RFR: 8243585: AlgorithmChecker::check throws confusing exception when it rejects the signer key [v2]
Anthony Scarpino
ascarpino at openjdk.java.net
Wed Oct 20 16:21:02 UTC 2021
On Wed, 20 Oct 2021 13:34:44 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/util/AlgorithmDecomposer.java line 106:
>>
>>> 104: // "SHA-256" and "SHA256" to make the right constraint checking.
>>> 105:
>>> 106: for (Map.Entry<String, String> e : DECOMPOSED_DIGEST_NAMES.entrySet()) {
>>
>> If you're going to change this code, you can save me a PR if you surround this by "if (algorithm.contains("SHA") { ... }"
>> Its a perf change to eliminate the unnecessary map lookups when SHA isn't in the algorithm string
>
> That's a fine suggestion, although I'll note that your suggested perf improvement also applies to the previous code which did not check the algorithm parameter first to see if it contained `SHA`.
> Also, another small perf imp: I realized below that in the loop, if the first `if` block gets executed, then the 2nd `if` block will always be false, so I changed it to an if/else.
Yes, I was about to submit a PR to change the previous code, since you changed this code it makes more sense to ask you to do it at the same time.
-------------
PR: https://git.openjdk.java.net/jdk/pull/5928
More information about the security-dev
mailing list