RFR: 8179503: Java should support GET OCSP calls [v2]
Jamil Nimeh
jnimeh at openjdk.java.net
Thu Dec 31 05:33:59 UTC 2020
On Thu, 31 Dec 2020 04:42:47 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
>> Jamil Nimeh has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains four additional commits since the last revision:
>>
>> - Merge
>> - Change IO to use readExactlyNBytes method
>> - Merge
>> - 8179503: Java should support GET OCSP calls
>
> src/java.base/share/classes/sun/security/provider/certpath/OCSP.java line 237:
>
>> 235: HttpURLConnection con;
>> 236: String encodedGetReq = responderURI.toString() + "/" +
>> 237: URLEncoder.encode(Base64.getMimeEncoder(0, new byte[0]).
>
> I did not get the point to use MIME encoder. Is the basic base64 encoder sufficient here?
Force of habit. I'm so used to using getMimeEncoder for other structures that need line breaks so I just stuck with it. From the docs it looks like the basic one might work just fine. The encoder returned by Base64.getUrlEncoder() definitely doesn't give me the encoding I want, which is why I went with the MIME encoder and then pushed it through URLEncoder.encode() to get the proper HTTP path string value. I'll try it with the Basic base64 encoder, since that will simplify the code a bit.
> src/java.base/share/classes/sun/security/provider/certpath/OCSP.java line 235:
>
>> 233:
>> 234: URL url;
>> 235: HttpURLConnection con;
>
> I was just wondering, if the new httpclient APIs could be used here? Maybe it is a out of the scope of this update.
It probably could be done, but HttpURLConnection has been working fine so I didn't see the need to change it.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1760
More information about the security-dev
mailing list