RFR (XS) 8209851 : Algorithm name is compared via reference identity
Sean Mullan
sean.mullan at oracle.com
Thu Aug 23 13:42:21 UTC 2018
Looks fine to me.
--Sean
On 8/22/18 3:21 PM, Ivan Gerasimov wrote:
> Hello!
>
> In sun.security.provider.DSA.engineInitSign() a check for the key size
> is meant to be skipped if the MessageDigest is NullDigest20.
>
> However, the check for the algorithm's name is done via comparing with a
> String literal, which is not guaranteed to be accurate.
>
> Would you please help review the trivial fix?
>
> BUGURL: https://bugs.openjdk.java.net/browse/JDK-8209851
> WEBREV: http://cr.openjdk.java.net/~igerasim/8209851/00/webrev/
>
More information about the security-dev
mailing list