On Mon, 21 Dec 2020 09:51:25 GMT, Andrey Turbanov
<github.com+741251+turban...@openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/tools/keytool/Main.java line 2459:
>>
>>> 2457: byte[] bytes = in.readAllBytes();
>>> 2458: return
>>> CertificateFactory.getInstance("X509").generateCRLs(
>>> 2459: new ByteArrayInputStream(bytes));
>>
>> Let's just pass `in` into `generateCRLs` instead of reading all bytes and
>> rewrapping them into `InputStream` again?
>
> Looks like it was done intentionally by original author of the code.
> Check comment above:
>
> // Read the full stream before feeding to X509Factory,
> // otherwise, keytool -gencrl | keytool -printcrl
> // might not work properly, since -gencrl is slow
> // and there's no data in the pipe at the beginning.
Let's keep it then
-------------
PR: https://git.openjdk.java.net/jdk/pull/1853
