On Wed, 23 Feb 2022 16:08:49 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
> In the TlsChannelBinding.java implementation, the string operation is placed > before the case conversion. The behavior may be not expected. > > > String hashAlg = serverCertificate.getSigAlgName(). > - replace("SHA", "SHA-").toUpperCase(Locale.ENGLISH); > + toUpperCase(Locale.ENGLISH).replace("SHA", "SHA-"); > > > See also [Bernd Eckenfels](mailto:e...@zusammenkunft.net) comment in [PR > 7583](https://github.com/openjdk/jdk/pull/7583) This change looks good. Just wondering, have other JSSE source code been checked for same problem? ------------- Marked as reviewed by valeriep (Reviewer). PR: https://git.openjdk.java.net/jdk/pull/7592