Re: RFR: 8322767: TLS full handshake is slow with PKCS12KeyStore and X509KeyManagerImpl

2024-03-18 Thread John Jiang
On Thu, 22 Feb 2024 01:14:24 GMT, Hai-May Chao wrote: > For the PKIX KeyManager and PKCS12 Keystore, when the TLS server sends the > ServerHello message and ultimately calls the > X509KeyManagerImpl.chooseEngineServerAlias() method, it retrieves the private > key from the keystore, decrypts it

Integrated: 8327182: Move serverAlias into the loop

2024-03-18 Thread John Jiang
On Mon, 4 Mar 2024 03:58:18 GMT, John Jiang wrote: > In method `X509Authentication::createServerPossession`, it looks unnecessary > to define variable `serverAlias` out of the for-loop. > It may be better to move `serverAlias` into that loop to narrow down the > scope. This pull request has no

Re: RFR: 8322767: TLS full handshake is slow with PKCS12KeyStore and X509KeyManagerImpl

2024-03-18 Thread Hai-May Chao
On Fri, 1 Mar 2024 13:59:31 GMT, Matthew Donovan wrote: >> For the PKIX KeyManager and PKCS12 Keystore, when the TLS server sends the >> ServerHello message and ultimately calls the >> X509KeyManagerImpl.chooseEngineServerAlias() method, it retrieves the >> private key from the keystore, decry

Re: RFR: 8322767: TLS full handshake is slow with PKCS12KeyStore and X509KeyManagerImpl

2024-03-18 Thread Matthew Donovan
On Thu, 22 Feb 2024 01:14:24 GMT, Hai-May Chao wrote: > For the PKIX KeyManager and PKCS12 Keystore, when the TLS server sends the > ServerHello message and ultimately calls the > X509KeyManagerImpl.chooseEngineServerAlias() method, it retrieves the private > key from the keystore, decrypts it

RFR: 8322767: TLS full handshake is slow with PKCS12KeyStore and X509KeyManagerImpl

2024-03-18 Thread Hai-May Chao
For the PKIX KeyManager and PKCS12 Keystore, when the TLS server sends the ServerHello message and ultimately calls the X509KeyManagerImpl.chooseEngineServerAlias() method, it retrieves the private key from the keystore, decrypts it, and caches both the key and its certificate. This caching cur

Re: RFR: JDK-8327474 Review use of java.io.tmpdir in jdk tests

2024-03-18 Thread Alan Bateman
On Mon, 18 Mar 2024 16:47:24 GMT, Bill Huang wrote: > This task addresses an essential aspect of our testing infrastructure: the > proper handling and cleanup of temporary files and socket files created > during test execution. The motivation behind these changes is to prevent the > accumulati

Re: RFR: 8320362: Load anchor certificates from Keychain keystore [v7]

2024-03-18 Thread Weijun Wang
On Fri, 23 Feb 2024 23:07:07 GMT, Alexey Bakhtin wrote: >> Please review the proposed fix. >> >> The patch loads system root certificates from the MacOS Keychain with >> TrustSettings. >> It allows to build a trusted certificate path using the MacOS Keychain store >> only. > > Alexey Bakhtin h

Re: RFR: 8320362: Load anchor certificates from Keychain keystore [v7]

2024-03-18 Thread Alexey Bakhtin
On Mon, 18 Mar 2024 21:05:38 GMT, Weijun Wang wrote: >> CSR is in the Proposed state now. Workflow does not allow me to Finalize it. > > Now that it's in Proposed state, Joe will need to move to Provisional first. > Since it was already Provisional some time ago and you haven't really updated >

Re: RFR: 8320362: Load anchor certificates from Keychain keystore [v7]

2024-03-18 Thread Weijun Wang
On Mon, 18 Mar 2024 20:55:17 GMT, Alexey Bakhtin wrote: >> I added myself as a reviewer some time ago. You can finalize it and wait for >> approval. > > CSR is in the Proposed state now. Workflow does not allow me to Finalize it. Now that it's in Proposed state, Joe will need to move to Provisi

Re: RFR: 8320362: Load anchor certificates from Keychain keystore [v7]

2024-03-18 Thread Alexey Bakhtin
On Mon, 18 Mar 2024 20:50:06 GMT, Weijun Wang wrote: >> Thank you. I've updated CSR and waiting for review. > > I added myself as a reviewer some time ago. You can finalize it and wait for > approval. CSR is in the Proposed state now. Workflow does not allow me to Finalize it. - P

Re: RFR: 8320362: Load anchor certificates from Keychain keystore [v7]

2024-03-18 Thread Weijun Wang
On Mon, 18 Mar 2024 20:22:54 GMT, Alexey Bakhtin wrote: >> Then this is the best solution we can find. I have no more comment and >> thanks a lot for the patience. You might need to finalize your CSR now. > > Thank you. I've updated CSR and waiting for review. I added myself as a reviewer some

Re: RFR: 8320362: Load anchor certificates from Keychain keystore [v7]

2024-03-18 Thread Alexey Bakhtin
On Mon, 18 Mar 2024 14:28:02 GMT, Weijun Wang wrote: >> Hi @wangweij , >> Thank you for review. >> Unfortunately `SecTrustCopyCustomAnchorCertificates` can not be used also. >> It is used to retrieve certificates from your own created SecTrust. As I >> know it is not possible to create/load Se

Re: RFR: 8051959: Add decorator options for java.security.debug output [v2]

2024-03-18 Thread Sean Mullan
On Thu, 7 Mar 2024 11:57:07 GMT, Sean Coffey wrote: >> Proposal to improve the `java.security.debug` output so that options exist >> to add thread ID, thread name, source of log record and a timestamp >> information to the output. >> >> examples: >> format without patch : >> >> >> properties

RFR: JDK-8327474 Review use of java.io.tmpdir in jdk tests

2024-03-18 Thread Bill Huang
This task addresses an essential aspect of our testing infrastructure: the proper handling and cleanup of temporary files and socket files created during test execution. The motivation behind these changes is to prevent the accumulation of unnecessary files in the default temporary directory, wh

Integrated: 8327818: Implement Kerberos debug with sun.security.util.Debug

2024-03-18 Thread Weijun Wang
On Mon, 11 Mar 2024 15:31:03 GMT, Weijun Wang wrote: > Change `Krb5LoginModule` debugging to use `sun.security.util.Debug`. This pull request has now been integrated. Changeset: 569b05ad Author: Weijun Wang URL: https://git.openjdk.org/jdk/commit/569b05addf69698fc93026b4dca69bc6ca092

Re: RFR: 8320362: Load anchor certificates from Keychain keystore [v7]

2024-03-18 Thread Weijun Wang
On Sat, 9 Mar 2024 05:40:06 GMT, Alexey Bakhtin wrote: >> src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m line 525: >> >>> 523: // Load predefined root certificates from SystemRootCertificates >>> keychain >>> 524: // SecTrustCopyAnchorCertificates includes extra root certific

Re: RFR: 8327818: Implement Kerberos debug with sun.security.util.Debug [v9]

2024-03-18 Thread Weijun Wang
On Mon, 18 Mar 2024 06:59:57 GMT, Sibabrata Sahoo wrote: >> Weijun Wang has updated the pull request incrementally with one additional >> commit since the last revision: >> >> typo > > test/jdk/sun/security/krb5/auto/LoginModuleDebug.java line 32: > >> 30: import com.sun.security.auth.module

Re: RFR: 8327182: Move serverAlias into the loop [v2]

2024-03-18 Thread John Jiang
On Fri, 15 Mar 2024 13:34:23 GMT, Sean Mullan wrote: >> John Jiang has updated the pull request with a new target base due to a >> merge or a rebase. The pull request now contains two commits: >> >> - Merge branch 'master' into JDK-8327182 >> - 8327182: Move serverAlias into the loop > > Look

Re: Key Missing Feature for IoT

2024-03-18 Thread Daniel Jeliński
Well I think AES-CCM is a decent candidate to start. If you choose to work on this, you'll need to add support for AES/CCM to the JCE first. Most of the code is already there: AES is implemented, CTR and CBC are implemented, AEAD mode is implemented, so it's probably just a matter of wiring these t

Re: RFR: 8327818: Implement Kerberos debug with sun.security.util.Debug [v9]

2024-03-18 Thread Sibabrata Sahoo
On Fri, 15 Mar 2024 13:46:12 GMT, Weijun Wang wrote: >> Change `Krb5LoginModule` debugging to use `sun.security.util.Debug`. > > Weijun Wang has updated the pull request incrementally with one additional > commit since the last revision: > > typo Marked as reviewed by ssahoo (Committer). te