Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8278560

X509KeyManagerImpl::getAliases might return a good key with others

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: P4 P4
    • 19
    • 18
    • security-libs
    • None

      After JDK-8262186, the method is called only once with multiple keyTypes. This means that if an entry is a perfect match (CheckResult.OK) but the keyType for it is not the 1st one, it will be returned along with other possibly non-perfect ones. Thus we cannot only look at the 1st result to determine if there's perfect match inside. See https://github.com/openjdk/jdk/blob/3d657eb0a626e33995af5d5ddf12b26d06317962/src/java.base/share/classes/sun/security/ssl/X509KeyManagerImpl.java#L385.

      That said, this is not a fatal error. After all the results are collected they are sorted by matching status and keyIndex, and the perfect match will be picked up anyway.

            weijun Weijun Wang
            weijun Weijun Wang
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: