Re: RFR: 8282038: CipherSpi.bufferCrypt leaves plaintext copy on the heap

On Wed, 15 Jun 2022 22:27:27 GMT, Valerie Peng wrote: >> Seems so. BTW, I was using a test-driven programming model and have not >> observed a leak here. I'll see if I can trigger one. > > Sounds good. Rest of changes look fine. I cannot reproduce this leak, but I found more by mixing the calls

RFR: 8215916: The failure reason of an optional JAAS LoginModule is not logged

Could you please review the changes? This patch is to address : https://bugs.openjdk.org/browse/JDK-8215916?jql=labels%20%3D%20starter-bug - Commit messages: - 8215916: Print out more information as a part of failure reason of an optional JAAS LoginModule Changes: https://git.open

Re: RFR: 8286389: Address possibly lossy conversions in jdk.crypto.ec

On Fri, 17 Jun 2022 16:05:38 GMT, Ryan Ernst wrote: > Applied required casts in jdk.crypto.ec for the upcoming warning. > Verified by cherry-picking @asotona's patch. Marked as reviewed by xuelei (Reviewer). src/jdk.crypto.ec/share/classes/sun/security/ec/XDHPublicKeyImpl.java line 79: > 77:

Integrated: 8288209: SSL debug message wrong about unsupported authentication scheme

On Mon, 13 Jun 2022 14:53:51 GMT, Weijun Wang wrote: > At the beginning, this bug was about the incorrect warning message > "Unsupported authentication scheme" on line 1051 which should have been "This > key algorithm has been checked, skip it". > > Now, it's a code refactoring that emphasizes

Re: Private Keys are cached "forever" leading to inop HTTP-TLS-servers

Am 21.06.2022 um 09:32 schrieb Andrew Haley: On 6/16/22 21:02, Lothar Kimmeringer wrote: If they are allowed to become unuseable (as explained, I see that as something that is to be expected IRL) I don't think they are. There is nothing in PKCS#11 that gives an implementation any permission

Re: RFR: 8286395: Address possibly lossy conversions in java.security.jgss

On Fri, 17 Jun 2022 16:09:41 GMT, Ryan Ernst wrote: > Applied required casts in java.security.jgss for the upcoming warning. > Verified by cherry-picking @asotona's patch. Looks reasonable to me - but it we be good to have someone from security-dev take a look. - PR: https://git.o

Re: RFR: 8286389: Address possibly lossy conversions in jdk.crypto.ec

On Fri, 17 Jun 2022 16:05:38 GMT, Ryan Ernst wrote: > Applied required casts in jdk.crypto.ec for the upcoming warning. > Verified by cherry-picking @asotona's patch. Looks reasonable to me - but it would be good to have someone from security-dev take a look. - PR: https://git.op

Re: Private Keys are cached "forever" leading to inop HTTP-TLS-servers

On 6/16/22 21:02, Lothar Kimmeringer wrote: If they are allowed to become unuseable (as explained, I see that as something that is to be expected IRL) I don't think they are. There is nothing in PKCS#11 that gives an implementation any permission to time out. -- Andrew Haley (he/him) Java Pla

Re: [Internet]Re: SSLExtension: Bug/typo in unsupported extension

Thanks Jaikiran. Since RFC 7250 &7685 are unsupported, this isn't particularly significant. (I discovered whilst looking for raw public key support.) On Tue, 21 Jun 2022 at 07:51, Jaikiran Pai wrote: > > On 20/06/22 9:05 pm, Ben Smyth wrote: > > On Mon, 20 Jun 2022 at 17:00, xueleifan(XueleiFan)