On Mon, 30 Aug 2021 18:28:41 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> reorg src, new test case
>
> src/java.base/share/classes/sun/security/ssl/X509Authentication.java line 271:
>
>> 269:
>> 270: PublicKey clientPublicKey = clientCerts[0].getPublicKey();
>> 271: if
>> (!clientPrivateKey.getAlgorithm().equals(clientPublicKey.getAlgorithm())) {
>
> See above comment, the specified keyType is not checked against. The check
> here is for the matching of private key and public key, rather the match of
> key and the specified keyType. Maybe, an additional check could be added to
> check the key type of the cert if one of the specified key types.
Done. Two checks now.
-------------
PR: https://git.openjdk.java.net/jdk/pull/5257
