RFR: JDK-8166596: TLS support for the EdDSA signature algorithm [v3]
Weijun Wang
weijun at openjdk.java.net
Sat Nov 21 02:03:12 UTC 2020
On Fri, 20 Nov 2020 20:22:33 GMT, Jamil Nimeh <jnimeh at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/ssl/CertificateRequest.java line 139:
>>
>>> 137: if (cct.isAvailable) {
>>> 138: cct.keyAlgorithm.forEach(key -> {
>>> 139: if (!keyTypes.contains(key)) {
>>
>> Can this ever happen? Why not just `addAll`?
>
> I wanted to make sure we didn't end up with duplicates if two different certificate types had the same underlying key type and also to deal with both well-formed certificate request messages or ones that erroneously reiterate the type. It is definitely an edge case.
OK.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1197
More information about the security-dev
mailing list