RFR: JDK-8285263 Minor cleanup could be done in java.security [v5]
Weijun Wang
weijun at openjdk.java.net
Fri Jun 10 21:52:12 UTC 2022
On Fri, 10 Jun 2022 00:35:16 GMT, Mark Powers <duke at openjdk.java.net> wrote:
>> src/java.base/share/classes/java/security/SecureRandom.java line 905:
>>
>>> 903: private static final Pattern pattern =
>>> 904: Pattern.compile(
>>> 905: "\\s*([\\S&&[^:,]]*)(:([\\S&&[^,]]*))?\\s*(,(.*))?");
>>
>> Don't quite understand this change. Can you explain?
>
> The author must have thought `:` and `,` were metacharacters that needed to be escaped to turn them into ordinary characters. I verified with a small java program that` \:` and` \,` are equivalent to `;` and `,`.
> The IntelliJ complaint is "Redundant character escape `'\:'`".
I see. Thanks for the explanation.
>> src/java.base/share/classes/java/security/cert/CertPathValidator.java line 335:
>>
>>> 333: String cpvtype =
>>> 334: AccessController.doPrivileged((PrivilegedAction<String>) () ->
>>> 335: Security.getProperty(CPV_TYPE));
>>
>> See too many, maybe we need a dedicated method in `sun.security.util.SecurityProperties`?
>
> A privilegedGetProperty method? That would be the subject of a new bug I think.
Yes.
-------------
PR: https://git.openjdk.org/jdk/pull/8319
More information about the security-dev
mailing list