RFR: 8265372: Simplify PKCS9Attribute
Weijun Wang
weijun at openjdk.org
Thu Dec 21 16:23:37 UTC 2023
On Fri, 15 Dec 2023 20:34:21 GMT, Ben Perez <duke at openjdk.org> wrote:
> Refactored PKCS9Attribute to use a hash map instead of multiple arrays. The key for the hash map is an `ObjectIdentifier` and the values are a record `AttributeInfo` that stores the information previously contained in the arrays `PKCS9_VALUE_TAGS`, `VALUE_CLASSES`, and `SINGLE_VALUED`.
>
> It seems as though we should be able to get rid of constants such as `EMAIL_ADDRESS_OID` since they aren't heavily used with the hash map approach, but since the values are public it might cause compatibility issues.
>
> Another question is how to handle `RSA DSI`, `S/MIME`, `Extended-certificate`, and `Issuer Serial Number` OIDs. The prior version threw an error but in this refactor they are treated as an "unknown OID" and only throw a debug warning. This was addressed in https://bugs.openjdk.org/browse/JDK-8011867 but prior to this refactor the aforementioned OIDs were treated differently than unknown OIDs.
I suggest removing the TABLE in the class spec. Now that we have the map it's easy to read all info from one place. There is no need to maintain the table anymore.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/17132#issuecomment-1866596268
More information about the security-dev
mailing list