RFR: 8257497: Key identifier compliance issue [v5]

Hai-May Chao hchao at openjdk.java.net
Tue Feb 16 22:15:40 UTC 2021


On Tue, 16 Feb 2021 18:33:52 GMT, Sean Mullan <mullan at openjdk.org> wrote:

>> Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision:
>> 
>>   Reduced one param to createV3Extensions
>
> src/java.base/share/classes/sun/security/tools/keytool/Main.java line 1484:
> 
>> 1482: 
>> 1483:         KeyIdentifier signerSubjectKeyId;
>> 1484:         if (subjectPubKey.equals(issuerPubKey)) {
> 
> I think in most cases, this equality test will not work as there is no requirement for PublicKey to override Object.equals, so in most cases this will just check if they reference the same object. I suggest comparing the encoded bytes.

Original logic using this equality test. Fixed as suggested.

-------------

PR: https://git.openjdk.java.net/jdk/pull/2343



More information about the security-dev mailing list