> Please review this fix to change the internal `X509CertImpl.getFingerprint` > method to not return "" as a fingerprint if there is an error generating that > fingerprint. Instead, `null` is now returned, and "" is no longer cached as a > valid fingerprint. Although errors generating fingerprints should be very > rare, this is a cleaner way to handle them. > > Also, debugging messages have been added when there is an exception. And, as > a memory/performance improvement, `X509CertImpl.getFingerprint` now calls > `X509CertImpl.getEncodedInternal` which avoids cloning the encoded bytes if > the `Certificate` is an instance of `X509CertImpl`.
Sean Mullan has updated the pull request incrementally with one additional commit since the last revision: Refactor X509CertImpl.getFingerprint(String, Debug). Treat null fingerprint as untrusted. ------------- Changes: - all: https://git.openjdk.java.net/jdk/pull/4891/files - new: https://git.openjdk.java.net/jdk/pull/4891/files/50b47ad9..d8652367 Webrevs: - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=4891&range=01 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=4891&range=00-01 Stats: 35 lines in 4 files changed: 10 ins; 3 del; 22 mod Patch: https://git.openjdk.java.net/jdk/pull/4891.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/4891/head:pull/4891 PR: https://git.openjdk.java.net/jdk/pull/4891
