On Mon, 26 Jul 2021 17:03:11 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> Please review this fix to change the internal `X509CertImpl.getFingerprint` >> method to not return "" as a fingerprint if there is an error generating >> that fingerprint. Instead, `null` is now returned, and "" is no longer >> cached as a valid fingerprint. Although errors generating fingerprints >> should be very rare, this is a cleaner way to handle them. >> >> Also, debugging messages have been added when there is an exception. And, as >> a memory/performance improvement, `X509CertImpl.getFingerprint` now calls >> `X509CertImpl.getEncodedInternal` which avoids cloning the encoded bytes if >> the `Certificate` is an instance of `X509CertImpl`. > > Sean Mullan has updated the pull request incrementally with one additional > commit since the last revision: > > Refactor X509CertImpl.getFingerprint(String, Debug). > Treat null fingerprint as untrusted. Marked as reviewed by weijun (Reviewer). ------------- PR: https://git.openjdk.java.net/jdk/pull/4891
