RFR: 8243585: AlgorithmChecker::check throws confusing exception when it rejects the signer key
Weijun Wang
weijun at openjdk.java.net
Tue Oct 19 16:16:50 UTC 2021
On Tue, 19 Oct 2021 15:26:52 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/util/AlgorithmDecomposer.java line 48:
>>
>>> 46: "SHA-384", "SHA384", "SHA-512", "SHA512", "SHA-512/224",
>>> 47: "SHA512/224", "SHA-512/256", "SHA512/256");
>>> 48:
>>
>> Do you want to support the "SHA" -> "SHA1" mapping?
>
> These should be standard digest names as specified by the disabled algorithm security property syntax. SHA is an alias.
OK, I saw the default in `CANONICAL_NAME.getOrDefault(algorithm, algorithm)` and thought non-standard names are also allowed.
-------------
PR: https://git.openjdk.java.net/jdk/pull/5928
More information about the security-dev
mailing list