RFR: 8284694: Avoid evaluating SSLAlgorithmConstraints twice [v3]

Xue-Lei Andrew Fan xuelei at openjdk.java.net
Wed Apr 20 04:33:26 UTC 2022


On Tue, 19 Apr 2022 17:21:20 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:

>> src/java.base/share/classes/sun/security/ssl/SSLAlgorithmConstraints.java line 94:
>> 
>>> 92:      * @return a SSLAlgorithmConstraints instance
>>> 93:      */
>>> 94:     static AlgorithmConstraints forSocket(SSLSocket socket,
>> 
>> I like the idea to use a static method for the construction.  What do you think if the same coding style is used for other constructors, by making them private and add forSocket() methods accordingly?  For example, changing the following constructor to a private method.
>> 
>> SSLAlgorithmConstraints(SSLEngine engine, String[] supportedAlgorithms,
>>             boolean withDefaultCertPathConstraints) {
>
> it won't change the performance in any way - when `supportedAlgorithms` are set, we always need to create a new object. But you're right, it's inconsistent to offer both constructors and factory methods in the same class. Changed.

The variants of supportedAlgorithms could be limited. There might be a potential improvement.  But it is out of the scope of this PR.

-------------

PR: https://git.openjdk.java.net/jdk/pull/8199


More information about the security-dev mailing list