I've updated the webrev to address your comments: http://cr.openjdk.java.net/~vinnie/8014805/webrev.02/
Thanks. On 24 Jun 2013, at 16:24, Sean Mullan wrote: > On 06/24/2013 10:38 AM, Vincent Ryan wrote: >> Hello all, >> >> The fix to handle Authority Key IDs also applies to Subject Key IDs so I've >> duplicated the changes: >> http://cr.openjdk.java.net/~vinnie/8014805/webrev.01 > > > 1211 subjectKeyId = id.getIdentifier(); > > Should "id" be "ki"? Yes. > > Also, these 2 methods are not thread-safe, which could cause issues if the > same certificates are used in multiple threads. This is an existing issue > with the methods, but unless this is a demonstrable performance issue, I > think you should change them to not cache the subject/authKeyIds and just > generate them each time the methods are invoked. Agreed. > > --Sean > >> >> Thanks. >> >> >> On 24 Jun 2013, at 12:42, Vincent Ryan wrote: >> >>> Thanks. >>> >>> On 22 Jun 2013, at 01:19, Xuelei Fan wrote: >>> >>>> Looks fine to me. >>>> >>>> Xuelei >>>> >>>> On 6/21/2013 11:46 PM, Vincent Ryan wrote: >>>>> Please review this fix for 7u: >>>>> >>>>> http://cr.openjdk.java.net/~vinnie/8014805/webrev.00/ >>>>> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8014805 >>>>> >>>>> It corrects the NPE that occurs when verifying an X.509 cert that has an >>>>> Authority Key ID extension >>>>> present but it is not in the hash-based format. >>>>> >>>>> This problem does not occur in JDK 8. >>>>> >>>>> Thanks. >>>>> >>>> >>> >> >
