Please review the small update for JDK-8286259.
-
Commit messages:
- 8286259: Password cleanup after KeyStore.PasswordProtection in P11KeyStore
Changes: https://git.openjdk.org/jdk/pull/9254/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=9254&range=00
Issue: https://bugs.
> TLS `*_CHACHA20_POLY1305_*` cipher suites are currently broken when
> configuration with SunPKCS11 provider is used. I discovered this by my
> ssl-tests testsuite [1].
>
>
> make TEST_PKCS11_FIPS=1
> SSLTESTS_SSL_CONFIG_FILTER=SunJSSE,Default,TLSv1.2,TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS `*_CHACHA20_POLY1305_*` cipher suites are currently broken when
configuration with SunPKCS11 provider is used. I discovered this by my
ssl-tests testsuite [1].
make TEST_PKCS11_FIPS=1
SSLTESTS_SSL_CONFIG_FILTER=SunJSSE,Default,TLSv1.2,TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
SSLTESTS_CUS
On Wed, 22 Jun 2022 15:10:50 GMT, Weijun Wang wrote:
>> Thanks you both for taking a look at this PR.
>> I will investigate further for suitable suggested changes.
>> Could you please suggest me how I can quickly check whether the changes I
>> made are reflecting properly as expected ?
>
> There
On Wed, 22 Jun 2022 14:12:34 GMT, Jayashree Huttanagoudar
wrote:
>> I have the same suggestion as Sean. In JAAS, login could succeed even if one
>> optional LoginModule failed, and in this case the reason for that failure is
>> lost (even with your current fix). Logging it somewhere might help
On Wed, 22 Jun 2022 13:52:13 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/javax/security/auth/login/LoginContext.java line
>> 887:
>>
>>> 885: (new java.io.PrintWriter(sw));
>>> 886: sw.flush();
>>> 887: le = new Logi
On Wed, 22 Jun 2022 13:10:24 GMT, Sean Mullan wrote:
>> Could you please review the changes?
>> This patch is to address :
>> https://bugs.openjdk.org/browse/JDK-8215916?jql=labels%20%3D%20starter-bug
>
> src/java.base/share/classes/javax/security/auth/login/LoginContext.java line
> 887:
>
>>
On Tue, 14 Jun 2022 19:07:24 GMT, Jayashree Huttanagoudar
wrote:
> Could you please review the changes?
> This patch is to address :
> https://bugs.openjdk.org/browse/JDK-8215916?jql=labels%20%3D%20starter-bug
src/java.base/share/classes/javax/security/auth/login/LoginContext.java line
887:
On Tue, 24 May 2022 at 17:20, Ben Smyth wrote:
> Javadoc advises HandshakeStatus.FINISHED is reported when "a call to
> SSLEngine.wrap() / unwrap() ... finishes a handshake." As expected,
>
> * OpenJDK SSLEngine.wrap() reports HandshakeStatus.FINISHED on wrapping a
> client's (TLS) FINISHED messag
