RFR: 8080272 Refactor I/O stream copying to use InputStream.transferTo/readAllBytes and Files.copy [v11]
Andrey Turbanov
github.com+741251+turbanoff at openjdk.java.net
Sun Mar 7 20:31:08 UTC 2021
On Fri, 19 Feb 2021 15:03:11 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> As I can see only ByteArrayInputStream is actually passed in `InputStream` in current JDK code:
>>
>> PKCS7 pkcs7 = new PKCS7(is.readAllBytes());
>> private static List<X509Certificate> parsePKCS7(InputStream is)
>> certs = parsePKCS7(is);
>> public X509CertPath(InputStream is, String encoding)
>> return new X509CertPath(new ByteArrayInputStream(data), encoding);
>>
>> PKCS7 pkcs7 = new PKCS7(is.readAllBytes());
>> private static List<X509Certificate> parsePKCS7(InputStream is)
>> certs = parsePKCS7(is);
>> public X509CertPath(InputStream is, String encoding)
>> this(is, PKIPATH_ENCODING);
>> public X509CertPath(InputStream is) throws CertificateException {
>> return new X509CertPath(new ByteArrayInputStream(encoding));
>>
>> 
>>
>> Perhaps original marking approach was lost during refactoring?
>
> You are right, the code was refactored (way back in 2010) [1] to read one block at a time, so this check on mark can be removed. So, in this case, I think it is probably safe to just pass the InputStream as-is to PKCS7(InputStream), but maybe you can add a comment that says this should always be a ByteArrayInputStream. We can look at refactoring this code and clean it up a bit more later.
>
> [1] https://hg.openjdk.java.net/jdk/jdk/rev/337ae296b6d6
I find implementation of `sun.security.pkcs.PKCS7#PKCS7(java.io.InputStream)` a bit confusing (or even buggy). It uses only `InputStream.available()` to parse block.
So I would prefer to not use it.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1853
More information about the security-dev
mailing list