RFR: 8255348: NPE in PKIXCertPathValidator event logging code
Sean Mullan
mullan at openjdk.java.net
Thu Jan 21 19:47:43 UTC 2021
On Tue, 19 Jan 2021 17:54:33 GMT, Sean Coffey <coffeys at openjdk.org> wrote:
> Correction of NPE and updating of test cases. Minor refactoring of test library also.
src/java.base/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java line 248:
> 246: int anchorCertId = 0;
> 247: X509Certificate trustedCert = anchor.getTrustedCert();
> 248: if (trustedCert != null) {
You could use the `anchorCert` variable which was set earlier instead of calling `getTrustedCert()` again.
src/java.base/share/classes/sun/security/provider/certpath/PKIXCertPathValidator.java line 251:
> 249: anchorCertId = trustedCert.hashCode();
> 250: } else {
> 251: if (anchor.getCAPublicKey() != null) {
Per the TrustAnchor API, you can't create a TrustAnchor with a null public key, so I don't think you need this check.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2150
More information about the security-dev
mailing list