<html><head><meta http-equiv="Content-Type" content="text/html charset=windows-1252"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class="">OK. How about this?</div><div class=""><br class=""></div><div class=""><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">--- a/src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">+++ b/src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">@@ -1,5 +1,5 @@</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class=""> /*</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">- * Copyright (c) 1999, 2014, Oracle and/or its affiliates. All rights reserved.</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">+ * Copyright (c) 1999, 2015, Oracle and/or its affiliates. All rights reserved.</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">  *</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">  * This code is free software; you can redistribute it and/or modify it</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">@@ -1642,23 +1642,22 @@</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">             Entry entry = entries.get(alias);</div><p style="margin: 0px; font-size: 11px; font-family: Menlo; min-height: 13px;" class=""> <br class="webkit-block-placeholder"></p><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">             // certificate chain</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">-            int chainLen = 1;</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">             Certificate[] certs = null;</div><p style="margin: 0px; font-size: 11px; font-family: Menlo; min-height: 13px;" class=""> <br class="webkit-block-placeholder"></p><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">             if (entry instanceof PrivateKeyEntry) {</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">                 PrivateKeyEntry keyEntry = (PrivateKeyEntry) entry;</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">-                    if (keyEntry.chain == null) {</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">-                        chainLen = 0;</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">-                    } else {</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">-                        chainLen = keyEntry.chain.length;</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">-                    }</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">-                certs = keyEntry.chain;</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">-</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">+                if (keyEntry.chain != null) {</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">+                    certs = keyEntry.chain;</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">+                } else {</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">+                    certs = new Certificate[0];</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">+                }</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">             } else if (entry instanceof CertEntry) {</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">-               certs = new Certificate[]{((CertEntry) entry).cert};</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">+                certs = new Certificate[]{((CertEntry) entry).cert};</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">+            } else {</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">+                certs = new Certificate[0];</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">             }</div><p style="margin: 0px; font-size: 11px; font-family: Menlo; min-height: 13px;" class=""> <br class="webkit-block-placeholder"></p><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">-            for (int i = 0; i < chainLen; i++) {</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">+            for (int i = 0; i < certs.length; i++) {</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">                 // create SafeBag of Type CertBag</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">                 DerOutputStream safeBag = new DerOutputStream();</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;" class="">                 safeBag.putOID(CertBag_OID);</div></div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><br class=""></div><div><blockquote type="cite" class=""><div class="">On 5 May 2015, at 15:10, Weijun Wang <<a href="mailto:weijun.wang@oracle.com" class="">weijun.wang@oracle.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">Anyway it looks redundant and error-prone to maintain the length of an array in a separate variable.<br class=""><br class="">--Max<br class=""><br class="">On 5/5/2015 8:32 PM, Vincent Ryan wrote:<br class=""><blockquote type="cite" class="">Replacing the for loop below with a for-each loop on certs would be fine except that certs can be null.<br class="">I could initialize certs with an empty array on each iteration of the outer loop but it doesn’t seem to gain much overall.<br class=""><br class=""><br class=""><blockquote type="cite" class="">On 4 May 2015, at 13:10, Weijun Wang <<a href="mailto:weijun.wang@oracle.com" class="">weijun.wang@oracle.com</a>> wrote:<br class=""><br class="">1662             for (int i = 0; i < chainLen; i++) {<br class=""><br class=""><br class="">On 5/4/2015 6:08 PM, Vincent Ryan wrote:<br class=""><blockquote type="cite" class="">Which line?<br class=""><br class=""><blockquote type="cite" class="">On 2 May 2015, at 02:22, Weijun Wang <<a href="mailto:weijun.wang@oracle.com" class="">weijun.wang@oracle.com</a>> wrote:<br class=""><br class="">Is it safe to just run for-each on certs (if it's not null)?<br class=""><br class="">--Max<br class=""><br class="">On 5/2/2015 6:39 AM, Vincent Ryan wrote:<br class=""><blockquote type="cite" class="">Please review this fix to correct the PKCS12 encoding when a secret key is being stored in one keystore entry and a certificate in another.<br class=""><br class="">Thanks.<br class=""><br class=""><br class="">Bug: <a href="https://bugs.openjdk.java.net/browse/JDK-8079129" class="">https://bugs.openjdk.java.net/browse/JDK-8079129</a><br class="">Webrev: <a href="http://cr.openjdk.java.net/~vinnie/8079129/webrev.00/" class="">http://cr.openjdk.java.net/~vinnie/8079129/webrev.00/</a><br class=""><br class=""></blockquote></blockquote><br class=""></blockquote></blockquote><br class=""></blockquote></div></blockquote></div><br class=""></body></html>