src/java.base/share/classes/sun/security/util/SignatureFileVerifier.java
CertPathValidatorException is caught 3 times in new code but we're not
printing out the exact algorithm that caused the exception. AFAIK, that
should be in the exception message. Would it be possible to use
something e.getMessage() call to print more detail ? You'd have to check
for null also.
371 } catch(CertPathValidatorException e) {
372 if (debug != null) {
373 debug.println(key + " uses a disabled
algorithm.");
374 }
Spacing issue on line 371 of same file :
371 } catch(CertPathValidatorException e) {
Regards,
Sean.
On 26/01/17 21:57, Sean Mullan wrote:
Looks good, mostly minor stuff so far, just have one other file I need
more time to review:
* java.security
Update description of new constraints to match CCC.
* PKIXExtendedParameters.java
Update class description (it is out-of-date).
* CertConstraintParameters.java
2 * Copyright (c) 2016, 2017 Oracle and/or its affiliates. All rights
reserved.
Should be a comma after 2017.
* AlgorithmChecker.java
278 String currSigAlg = ((X509Certificate)cert).getSigAlgName();
Just use x509Cert.getSigAlgName() instead
* SignatureFileVerifier.java
294 Timestamp[] timestamp = new Timestamp[newSigners.length];
"timestamps" would be more clear as a variable name
299 System.out.println("Timestamp[" + (i - 1) + "] = " +
debug.println
--Sean
On 1/23/17 6:27 PM, Anthony Scarpino wrote:
Hi,
I need a code review of this change that brings more detail constraints
checking and control to certpath and jar disabled algorithm Security
properties.
http://cr.openjdk.java.net/~ascarpino/8160655/webrev/
thanks
Tony
