RFR: 8292033: Move jdk.X509Certificate event logic to JCA layer [v3]
Sean Mullan
mullan at openjdk.org
Tue Oct 25 20:27:06 UTC 2022
On Tue, 25 Oct 2022 20:11:33 GMT, Sean Mullan <mullan at openjdk.org> wrote:
> I think this will miss cases where the certificates are part of a chain, and the application (or JDK code) is calling `CertificateFactory.generateCertPath` or `generateCertificates`, whereas the previous code would not have missed it (if not using a 3rd-party provider) as it was firing the event at a lower layer in the provider code.
Actually, I think the previous code missed these cases as well. But I think it is important to try to fix this. If not as part of this issue, then a separate issue. It is just for the cases where the above methods take an `InputStream`.
-------------
PR: https://git.openjdk.org/jdk/pull/10422
More information about the security-dev
mailing list