RFR: 8296734: JarVerifier:: mapSignersToCodeSource should cache in map [v2]
Weijun Wang
weijun at openjdk.org
Fri Nov 18 15:47:09 UTC 2022
On Fri, 18 Nov 2022 03:57:32 GMT, pandaapo <duke at openjdk.org> wrote:
>> The cache named `signerToCodeSource` in `JarVerifier` is never used now.
>
> pandaapo has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains three additional commits since the last revision:
>
> - Remove some unused methods and refactor some reldated codes.
> - Merge branch 'master' into master-JDK-8296734
> - Make signerToCodeSource cache work.
src/java.base/share/classes/java/util/jar/JarVerifier.java line 340:
> 338: public java.security.cert.Certificate[] getCerts(String name)
> 339: {
> 340: return mapSignersToCertArray(getCodeSigners(name));
This `getCerts(String)` method seems useless as well.
src/java.base/share/classes/java/util/jar/JarVerifier.java line 343:
> 341: }
> 342:
> 343: public java.security.cert.Certificate[] getCerts(JarEntry entry)
I would suggest changing the `import java.security.*` at the beginning to individual imports with class names. And then you can `import java.security.cert.Certificate` and there is no need to write this long class name. The long name also appears in other places in this file.
-------------
PR: https://git.openjdk.org/jdk/pull/11072
More information about the security-dev
mailing list