On Fri, 8 Mar 2024 08:22:21 GMT, Hai-May Chao <hc...@openjdk.org> wrote:
>> Change was made to engineGetEntry() in PKCS12KeyStore to extract the key and >> certificate chain from Entry only once. This is because the entry may get >> updated between engineGetKey() and engineGetCertificateChain() which causes >> inconsistent result. A new test was added to assess and manipulate >> PKCS12KeyStore with read and write operations concurrently from multiple >> threads. Thanks! > > Hai-May Chao has updated the pull request incrementally with one additional > commit since the last revision: > > Update engineDeleteEntry Very nice improvement. Thank you! src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java line 1331: > 1329: if (internalEngineIsCertificateEntry(entry)) { > 1330: if (entry instanceof CertEntry && > 1331: ((CertEntry) entry).trustedKeyUsage != null) { `internalEngineIsCertificateEntry` performs exactly the same checks; you can remove these lines. src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java line 1368: > 1366: entry.attributes); > 1367: } > 1368: } else if (!internalEngineIsKeyEntry(entry)) { Suggestion: } else { (the matching `if` already checks `internalEngineIsKeyEntry(entry)`) ------------- PR Review: https://git.openjdk.org/jdk/pull/18156#pullrequestreview-1924367027 PR Review Comment: https://git.openjdk.org/jdk/pull/18156#discussion_r1517406770 PR Review Comment: https://git.openjdk.org/jdk/pull/18156#discussion_r1517411548