On Fri, 26 Jul 2024 04:04:55 GMT, Anthony Scarpino <[email protected]>
wrote:
>> src/java.base/share/classes/sun/security/pkcs/PKCS8Key.java line 109:
>>
>>> 107: throws InvalidKeyException {
>>> 108: this(privEncoding);
>>> 109: pubKeyEncoded = pubEncoding;
>>
>> So if there is already a public key in `privEncoding`, it will be
>> overwritten? BTW, it seems this method is not used anywhere.
>
> If it isn't used anywhere, then it's probably from an old idea that I didn't
> completely clean up
This constructor is eventually used by PEMEncoder for KeyPair. Yes if the
private key encoding did have a public key already it would be overwritten;
however, the API usage is to combine the given KeyPair into PEM text. The
expected usage is after generating a KeyPair.
As far as preventing an overwrite, while it can probably be done, I don't see
the value in adding a check at this point.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r1697453713
