RFR: 8297065: DerOutputStream operations should not throw IOExceptions [v2]
Valerie Peng
valeriep at openjdk.org
Sun Nov 27 08:03:03 UTC 2022
On Wed, 23 Nov 2022 19:48:48 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> This is mostly cleanup. Everything around `DerOutputStream` no longer throws an `IOException`. This includes:
>>
>> - Remove unnecessary `throws IOException` in code and spec
>> - Remove `catch (IOException ioe)` blocks. If new exception is thrown, remove further `throws` in code and spec
>> - More classes implementing `DerEncoder` if they have a `encode(DerOutputStream)` method
>> - Modify `write(bytes)` to `writeBytes(bytes)` to avoid IOE
>> - Some unused methods removed
>> - `DerOutputStream` is final
>>
>> The only actual changes (still trivial) are:
>> - Since `PKCS7::encodeSignedData(OutputStream out)` is removed, its usages in `PKCS7::constructToken` and `TsaSigner::createResponse` (in test) are modified to use another method with a `DerOutputStream` argument.
>> - In PKCS8Key, since `getEncodedInternal` never returns non-null, remove null check on result
>> - Since `DerOutputStream` is final, no need to clone bytes in `encode` of `X509CertImpl` and `X509CRLImpl`.
>
> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>
> one more
src/java.base/share/classes/sun/security/x509/RDN.java line 336:
> 334: *
> 335: * @param out DerOutputStream to which RDN is to be written
> 336: * @throws IOException on error
should remove this line?
src/java.base/share/classes/sun/security/x509/SerialNumber.java line 111:
> 109: *
> 110: * @param out the DerOutputStream to marshal the contents to.
> 111: * @exception IOException on errors.
should remove this line?
src/java.base/share/classes/sun/security/x509/UniqueIdentity.java line 95:
> 93: * @param out the DerOutputStream to marshal the contents to.
> 94: * @param tag encode it under the following tag.
> 95: * @exception IOException on errors.
should remove this line?
src/java.base/share/classes/sun/security/x509/X509CRLImpl.java line 298:
> 296: * Encodes the "to-be-signed" TBSCertList to the OutputStream.
> 297: *
> 298: * @exception CRLException on encoding errors.
should remove this line?
src/java.base/share/classes/sun/security/x509/X509CRLImpl.java line 300:
> 298: * @exception CRLException on encoding errors.
> 299: */
> 300: public byte[] encodeInfo() throws CRLException {
"throws CRLException" can be removed?
src/java.base/share/classes/sun/security/x509/X509CRLImpl.java line 601:
> 599: */
> 600: public static X509CRLImpl newSigned(TBSCertList info, PrivateKey key, String algorithm, String provider)
> 601: throws CRLException, NoSuchAlgorithmException, InvalidKeyException,
Does this method still has calls which throw CRLException?
-------------
PR: https://git.openjdk.org/jdk/pull/11302
More information about the security-dev
mailing list