On Sat, 23 Jan 2021 03:59:12 GMT, Valerie Peng <valer...@openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> more wrap, less copy
>
> src/java.base/share/classes/sun/security/pkcs/PKCS8Key.java line 221:
>
>> 219: if (encodedKey == null) {
>> 220: try {
>> 221: DerOutputStream tmp = new DerOutputStream();
>
> What is the criteria of using the default constructor vs the one with a
> initial size? Here is using the default, are we sure about the key (line 224
> below) will always fit?
Here the key is the last thing to be written into the DerOutputStream, so there
will be no more reallocation after and its content will not be leaked.
> src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java line 664:
>
>> 662:
>> 663: // Encode secret key in a PKCS#8
>> 664: DerOutputStream secretKeyInfo = new DerOutputStream();
>
> Same, using default constructor here and we write encodedKey into it at line
> 670 below.
Same as above.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2070
