On Mon, 30 Aug 2021 18:28:41 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:

>> Weijun Wang has updated the pull request incrementally with one additional 
>> commit since the last revision:
>> 
>>   reorg src, new test case
>
> src/java.base/share/classes/sun/security/ssl/X509Authentication.java line 271:
> 
>> 269: 
>> 270:         PublicKey clientPublicKey = clientCerts[0].getPublicKey();
>> 271:         if 
>> (!clientPrivateKey.getAlgorithm().equals(clientPublicKey.getAlgorithm())) {
> 
> See above comment, the specified keyType is not checked against.  The check 
> here is for the matching of private key and public key, rather the match of 
> key and the specified keyType.  Maybe, an additional check could be added to 
> check the key type of the cert if one of the specified key types.

Done. Two checks now.

-------------

PR: https://git.openjdk.java.net/jdk/pull/5257

Reply via email to