On Mon, 30 Aug 2021 18:28:41 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional >> commit since the last revision: >> >> reorg src, new test case > > src/java.base/share/classes/sun/security/ssl/X509Authentication.java line 271: > >> 269: >> 270: PublicKey clientPublicKey = clientCerts[0].getPublicKey(); >> 271: if >> (!clientPrivateKey.getAlgorithm().equals(clientPublicKey.getAlgorithm())) { > > See above comment, the specified keyType is not checked against. The check > here is for the matching of private key and public key, rather the match of > key and the specified keyType. Maybe, an additional check could be added to > check the key type of the cert if one of the specified key types. Done. Two checks now. ------------- PR: https://git.openjdk.java.net/jdk/pull/5257