RFR: 8257497: Key identifier compliance issue [v3]
Hai-May Chao
hchao at openjdk.java.net
Fri Feb 12 20:42:03 UTC 2021
On Fri, 12 Feb 2021 14:49:17 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> Changed as suggested.
>
> Sorry, I should have been more verbose on my suggestion. I was thinking about passing in **_only_** the `KeyIdentifier` and _**not**_ `akey`. After all both of them are for the same purpose and it's clear to consolidate to only one. If the cert has an SKID then use it, otherwise calculate one using `new KeyIdentifier(akey)`. All these are done inside the `doGenCert)()` method. The `createV3Extensions` just add an AKID if the parameter is not null.
Updated as suggested.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2343
More information about the security-dev
mailing list