On Tue, 30 Dec 2025 03:27:21 GMT, Kirill Shirokov <[email protected]> wrote:
>> src/java.base/share/classes/java/security/CodeSource.java line 241:
>>
>>> 239: // Convert the certs to code signers
>>> 240: signers = convertCertArrayToSignerArray(certs);
>>> 241: if (signers != null) {
>>
>> I think this should return an empty array, and not null. This would make it
>> consistent with `CodeSource.getCertificates()` which returns an empty array
>> when a `CodeSource` object is constructed with an empty array of
>> `CodeSigner`.
>
> I agree, considering the statement from line 666:
>
> private CodeSigner[] convertCertArrayToSignerArray(
> ...
> if (signers.isEmpty()) {
> return null;
> }
>
>
> This would make getCodeSigners() return value more consistent for the
> following corner cases:
>
> new CodeSource(certificates=null): getCertificates()=null;
> getCodeSigners()=null
> new CodeSource(certificates=[]): getCertificates()=[]; getCodeSigners()=[]
> new CodeSource(certificates=[NON-X509-CERT]): getCertificates()=[];
> getCodeSigners()=[]
> new CodeSource(codeSigners=null): getCertificates()=null;
> getCodeSigners()=null
> new CodeSource(codeSigners=[]): getCertificates()=[]; getCodeSigners()=[]
Updated the code and the test.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27105#discussion_r2652197196
