# HG changeset patch # User weijun # Date 1237432626 -28800 # Node ID 99207c64bf80ede760d63297131901b4624e3e1c # Parent b45a9855b390a8897dff27207f3f2e0a9bbfa44f 6819272: keytool -importcert should read the whole input Reviewed-by: xuelei diff -r b45a9855b390 -r 99207c64bf80 jdk/src/share/classes/sun/security/tools/KeyTool.java --- a/jdk/src/share/classes/sun/security/tools/KeyTool.java Wed Mar 18 17:37:39 2009 -0700 +++ b/jdk/src/share/classes/sun/security/tools/KeyTool.java Thu Mar 19 11:17:06 2009 +0800 @@ -875,6 +875,18 @@ if (filename != null) { inStream = new FileInputStream(filename); } + // Read the full stream before feeding to X509Factory, + // otherwise, keytool -gencert | keytool -importcert + // might not work properly, since -gencert is slow + // and there's no data in the pipe at the beginning. + ByteArrayOutputStream bout = new ByteArrayOutputStream(); + byte[] b = new byte[4096]; + while (true) { + int len = inStream.read(b); + if (len < 0) break; + bout.write(b, 0, len); + } + inStream = new ByteArrayInputStream(bout.toByteArray()); try { String importAlias = (alias!=null)?alias:keyAlias; if (keyStore.entryInstanceOf(importAlias, KeyStore.PrivateKeyEntry.class)) { diff -r b45a9855b390 -r 99207c64bf80 jdk/test/sun/security/tools/keytool/importreadall.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/jdk/test/sun/security/tools/keytool/importreadall.sh Thu Mar 19 11:17:06 2009 +0800 @@ -0,0 +1,62 @@ +# +# Copyright 2009 Sun Microsystems, Inc. All Rights Reserved. +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# This code is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License version 2 only, as +# published by the Free Software Foundation. +# +# This code is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License +# version 2 for more details (a copy is included in the LICENSE file that +# accompanied this code). +# +# You should have received a copy of the GNU General Public License version +# 2 along with this work; if not, write to the Free Software Foundation, +# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, +# CA 95054 USA or visit www.sun.com if you need additional information or +# have any questions. +# + +# @test +# @bug 6819272 +# @summary keytool -importcert should read the whole input +# +# @run shell importreadall.sh + +# set a few environment variables so that the shell-script can run stand-alone +# in the source directory +if [ "${TESTSRC}" = "" ] ; then + TESTSRC="." +fi + +if [ "${TESTJAVA}" = "" ] ; then + JAVA_CMD=`which java` + TESTJAVA=`dirname $JAVA_CMD`/.. +fi + +# set platform-dependent variables +OS=`uname -s` +case "$OS" in + Windows_* ) + FS="\\" + ;; + * ) + FS="/" + ;; +esac + +KEYTOOL="${TESTJAVA}${FS}bin${FS}keytool -keystore importreadall.jks -storepass changeit -keypass changeit" + +# In case the test is run twice in the same directory + +$KEYTOOL -delete -alias a +$KEYTOOL -delete -alias ca +$KEYTOOL -genkeypair -alias a -dname CN=a || exit 1 +$KEYTOOL -genkeypair -alias ca -dname CN=ca || exit 2 +$KEYTOOL -certreq -alias a | $KEYTOOL -gencert -alias ca | $KEYTOOL -importcert -alias a + +exit $?