On Tue, 15 Nov 2022 00:35:31 GMT, Weijun Wang <wei...@openjdk.org> wrote:
> Instead if creating an "unsigned" `X509CertImpl` with only an `X509CertInfo` > inside, a new static method `signNew` is introduced to create a newly signed > certificate from an `X509CertInfo` object and a `PrivateKey`. Thus make sure > an `X509CertImpl` is always signed and there is no read to keep its > `readOnly` flag. > > The same for `X509CRLImpl`. A new inner class `TBSCertList` is added which is > equivalent to `X509CertInfo` inside `X509CertImpl`. This pull request has now been integrated. Changeset: ab6b7ef9 Author: Weijun Wang <wei...@openjdk.org> URL: https://git.openjdk.org/jdk/commit/ab6b7ef98800bee5e87e39a616af642874eb154a Stats: 708 lines in 11 files changed: 294 ins; 313 del; 101 mod 8296901: Do not create unsigned certificate and CRL Reviewed-by: mullan ------------- PR: https://git.openjdk.org/jdk/pull/11151
