On Fri, 14 Jul 2023 03:45:47 GMT, Anthony Scarpino
wrote:
>> Hi,
>>
>> I need a code review for moving the contents of the jdk.crypto.ec module
>> into java.base. This moves the SunEC JCE Provider (Elliptic Curve) into
>> java.base. EC has always been separate from the base module/pkg becau
On Wed, 12 Jul 2023 23:12:18 GMT, Valerie Peng wrote:
>> This change refactors the RSAPadding class to return an output record
>> containing the status instead of relying on exception object to indicate a
>> failure.
>>
>> Thanks in advance for review~
>> Valerie
>
> Valerie Peng has updated t
> Hi,
>
> I need a code review for moving the contents of the jdk.crypto.ec module into
> java.base. This moves the SunEC JCE Provider (Elliptic Curve) into
> java.base. EC has always been separate from the base module/pkg because of
> its dependence on a native library. That library was rem
On Fri, 14 Jul 2023 02:37:09 GMT, Xue-Lei Andrew Fan wrote:
> > > It looks good to me to rollback to previous behaviors. I was just
> > > wondering, if the use of key in other methods, like hashCode()/equals(),
> > > has the similar issue? Thanks!
> >
> >
> > For the usage of hashCode()/equal
On Thu, 13 Jul 2023 21:01:06 GMT, Valerie Peng wrote:
> > It looks good to me to rollback to previous behaviors. I was just
> > wondering, if the use of key in other methods, like hashCode()/equals(),
> > has the similar issue? Thanks!
>
> For the usage of hashCode()/equals(), there should be
On Tue, 11 Jul 2023 18:09:26 GMT, Craig Andrews wrote:
> When loading the default JVM trust store, if the JVM trust store contains an
> invalid certificate, the exception contains insufficient information to
> determine which certificate is invalid, making it very difficult to fix the
> proble
On Wed, 26 Apr 2023 11:51:23 GMT, Jaikiran Pai wrote:
>> Can I please get a review of this change which proposes to fix the issue
>> reported in https://bugs.openjdk.org/browse/JDK-8301686?
>>
>> The internal implementation of SSLContext caches SSLSession(s). These
>> sessions are for a partic
On Thu, 13 Jul 2023 08:51:23 GMT, Pavel Rappo wrote:
>> Please review this PR to use modern APIs and language features to simplify
>> `equals` and `hashCode` in security area.
>>
>> I understand that security area is sensitive and a non-expert, such as
>> myself, should tread carefully; so bel
> Please review this PR to use modern APIs and language features to simplify
> `equals` and `hashCode` in security area.
>
> I understand that security area is sensitive and a non-expert, such as
> myself, should tread carefully; so below are my notes to assist the review.
>
> * Unlike `hashCod
On Thu, 13 Jul 2023 20:58:45 GMT, Valerie Peng wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/PBKDF2KeyImpl.java line
>> 1:
>>
>>> 1: /*
>>
>> I also think the change which moved the registering of the `Cleaner` outside
>> the `finally` block in the constructor is not correct,
On Thu, 13 Jul 2023 18:27:08 GMT, Sean Mullan wrote:
>> This change adds back the Reference.ReachabilityFence(Object) call removed
>> by [JDK-8301553](https://bugs.openjdk.org/browse/JDK-8301553).
>>
>> Please help review.
>> Thanks!
>> Valerie
>
> src/java.base/share/classes/com/sun/crypto/pro
On Thu, 13 Jul 2023 04:15:54 GMT, Xue-Lei Andrew Fan wrote:
> It looks good to me to rollback to previous behaviors. I was just wondering,
> if the use of key in other methods, like hashCode()/equals(), has the similar
> issue? Thanks!
For the usage of hashCode()/equals(), there should be stro
On Thu, 13 Jul 2023 18:16:21 GMT, Sean Mullan wrote:
>> This change adds back the Reference.ReachabilityFence(Object) call removed
>> by [JDK-8301553](https://bugs.openjdk.org/browse/JDK-8301553).
>>
>> Please help review.
>> Thanks!
>> Valerie
>
> src/java.base/share/classes/com/sun/crypto/pro
On Thu, 13 Jul 2023 18:07:54 GMT, Justin Lu wrote:
>> Please review this PR which addresses `KeytoolReaderP12Test.java` failing
>> for non-English locale users.
>>
>> This test checks output from keytool, but fails on finding the value 'alias
>> name' for non-English locale users. This is beca
On Thu, 13 Jul 2023 02:46:10 GMT, Valerie Peng wrote:
> This change adds back the Reference.ReachabilityFence(Object) call removed by
> [JDK-8301553](https://bugs.openjdk.org/browse/JDK-8301553).
>
> Please help review.
> Thanks!
> Valerie
src/java.base/share/classes/com/sun/crypto/provider/PB
On Thu, 13 Jul 2023 02:46:10 GMT, Valerie Peng wrote:
> This change adds back the Reference.ReachabilityFence(Object) call removed by
> [JDK-8301553](https://bugs.openjdk.org/browse/JDK-8301553).
>
> Please help review.
> Thanks!
> Valerie
src/java.base/share/classes/com/sun/crypto/provider/PB
On Fri, 7 Jul 2023 18:58:02 GMT, Justin Lu wrote:
> Please review this PR which addresses `KeytoolReaderP12Test.java` failing for
> non-English locale users.
>
> This test checks output from keytool, but fails on finding the value 'alias
> name' for non-English locale users. This is because 'a
> Please review this PR which addresses `KeytoolReaderP12Test.java` failing for
> non-English locale users.
>
> This test checks output from keytool, but fails on finding the value 'alias
> name' for non-English locale users. This is because 'alias name' is a
> localized value. (For example, in
On Mon, 26 Jun 2023 17:38:04 GMT, Matthew Donovan wrote:
> In this PR, I updated the test to use read time-outs. The test is restarted
> if the read operations time-out within (default) 30 seconds. The test makes 5
> attempts before giving up.
This pull request has now been integrated.
Change
On Thu, 13 Jul 2023 17:36:47 GMT, Matthew Donovan wrote:
>> test/jdk/javax/net/ssl/DTLS/DTLSWontNegotiateV10.java line 51:
>>
>>> 49: private static final String DTLSV_1_2 = "DTLSv1.2";
>>> 50:
>>> 51: private static final int READ_TIMEOUT_SECS =
>>> Integer.getInteger("readtimeout", 3
On Thu, 13 Jul 2023 16:47:14 GMT, Jamil Nimeh wrote:
>> In this PR, I updated the test to use read time-outs. The test is restarted
>> if the read operations time-out within (default) 30 seconds. The test makes
>> 5 attempts before giving up.
>
> test/jdk/javax/net/ssl/DTLS/DTLSWontNegotiateV10
On 7/13/23 12:27 PM, Martin Balao wrote:
On 7/13/23 12:06, Sean Mullan wrote:
One other comment that I thought of - is that from a practical
standpoint, I think it will be hard to unilaterally disable an algorithm
at the JCE layer unless it is so broken that almost no code ever uses
it, say M
On Mon, 26 Jun 2023 17:38:04 GMT, Matthew Donovan wrote:
> In this PR, I updated the test to use read time-outs. The test is restarted
> if the read operations time-out within (default) 30 seconds. The test makes 5
> attempts before giving up.
Aside from the nit, looks good to me.
test/jdk/ja
On Thu, 13 Jul 2023 12:11:09 GMT, Matthew Donovan wrote:
>> I reverted the changes to SSLEngineImpl and looked at the history of
>> SSLSocketImpl and TransportContext but didn't see anything that I would be
>> undoing with this change.
>
> Sorry for the delay on any updates here.
>
> I update
On 7/13/23 12:06, Sean Mullan wrote:
One other comment that I thought of - is that from a practical
standpoint, I think it will be hard to unilaterally disable an algorithm
at the JCE layer unless it is so broken that almost no code ever uses
it, say MD2 or RC2. There may be cases where a weak
One other comment that I thought of - is that from a practical
standpoint, I think it will be hard to unilaterally disable an algorithm
at the JCE layer unless it is so broken that almost no code ever uses
it, say MD2 or RC2. There may be cases where a weak algorithm is
acceptable, for example
Hi Sean,
Thanks for your feedback.
Just to give some visibility, we have implemented most of the
functionality and are now working on final adjustments, more tests
coverage, documentation and internal reviews. The implementation is
pretty much aligned to what we previously discussed, with the
On Thu, 13 Jul 2023 08:51:23 GMT, Pavel Rappo wrote:
>> Please review this PR to use modern APIs and language features to simplify
>> `equals` and `hashCode` in security area.
>>
>> I understand that security area is sensitive and a non-expert, such as
>> myself, should tread carefully; so bel
On Mon, 26 Jun 2023 17:38:04 GMT, Matthew Donovan wrote:
> In this PR, I updated the test to use read time-outs. The test is restarted
> if the read operations time-out within (default) 30 seconds. The test makes 5
> attempts before giving up.
I'm looking for a reviewer on this, thanks!
-
On Wed, 21 Jun 2023 12:04:34 GMT, Matthew Donovan wrote:
>> There's a bit of a history with SSLSocket closures since the new handshaker
>> was brought into JDK11. Some of it dealt with synchronization, others with
>> properly handling full vs. half-duplex closes. You may want to look up some
On Wed, 12 Jul 2023 23:12:18 GMT, Valerie Peng wrote:
>> This change refactors the RSAPadding class to return an output record
>> containing the status instead of relying on exception object to indicate a
>> failure.
>>
>> Thanks in advance for review~
>> Valerie
>
> Valerie Peng has updated t
On Thu, 13 Jul 2023 04:35:31 GMT, Xue-Lei Andrew Fan wrote:
>> Valerie Peng has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Address review feedbacks, e.g. Removed RSAPadding.Output and use byte[] as
>> before.
>
> src/java.base/share/cl
On Fri, 7 Jul 2023 23:19:27 GMT, Pavel Rappo wrote:
>> Please review this PR to use modern APIs and language features to simplify
>> `equals` and `hashCode` in security area.
>>
>> I understand that security area is sensitive and a non-expert, such as
>> myself, should tread carefully; so belo
> Please review this PR to use modern APIs and language features to simplify
> `equals` and `hashCode` in security area.
>
> I understand that security area is sensitive and a non-expert, such as
> myself, should tread carefully; so below are my notes to assist the review.
>
> * Unlike `hashCod
34 matches
Mail list logo
