On Tue, 26 Mar 2024 06:00:33 GMT, Hai-May Chao wrote:
>> For the PKIX KeyManager and PKCS12 Keystore, when the TLS server sends the
>> ServerHello message and ultimately calls the
>> X509KeyManagerImpl.chooseEngineServerAlias() method, it retrieves the
>> private key from the keystore, decrypt
On Tue, 26 Mar 2024 06:00:33 GMT, Hai-May Chao wrote:
>> For the PKIX KeyManager and PKCS12 Keystore, when the TLS server sends the
>> ServerHello message and ultimately calls the
>> X509KeyManagerImpl.chooseEngineServerAlias() method, it retrieves the
>> private key from the keystore, decrypt
On Tue, 26 Mar 2024 07:48:10 GMT, Daniel Jeliński wrote:
> LGTM
Thanks for the review~
-
PR Comment: https://git.openjdk.org/jdk/pull/18387#issuecomment-2021625533
On Tue, 26 Mar 2024 19:35:29 GMT, Sean Mullan wrote:
> Is "disableLegacy" a standard PKCS11 attribute we are introducing support
> for? If so, I think a CSR is probably needed as it is kind of like a system
> property.
It's a configuration file option. Just for the uncommon case if users would
On Tue, 26 Mar 2024 15:57:55 GMT, Prajwal Kumaraswamy
wrote:
> > > > Now that we are going with the normative version first, maybe we should
> > > > make additional changes to clean up the flow further?Say,
> > > >
> > > > 1. update `jGCMParamsToCKGCMParamPtr(JNIEnv *env, jobject jParam,
> >
On Wed, 20 Mar 2024 02:44:19 GMT, Valerie Peng wrote:
> Existing legacy mechanism check disables mechanism(s) when the support is
> partial, e.g. supports decryption but not encryption, or supports
> verification but not signing. Some mechanisms can be used for both
> encryption/decryption and
On Mon, 25 Mar 2024 19:24:39 GMT, Aleksey Shipilev wrote:
>> See the rationale/discussion in the bug. This patch introduces the option
>> that allows to restore
>> pre-[JDK-8179503](https://bugs.openjdk.org/browse/JDK-8179503) behavior. The
>> default behavior does not change. Better suggestio
On Tue, 26 Mar 2024 18:34:42 GMT, Aleksey Shipilev wrote:
>> test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java
>> line 478:
>>
>>> 476: * @library /test/lib
>>> 477: * @build jtreg.SkippedException ValidatePathWithURL CAInterop
>>> 478: * @run main/oth
On Tue, 26 Mar 2024 17:48:49 GMT, Matthew Donovan wrote:
>> When resolving the location of the NSS library, the code appended a
>> hard-coded path: `/nss/lib`. This makes it difficult for a person to specify
>> the library when it is installed in a location such as `/usr/lib64`.
>>
>> In this
On Tue, 26 Mar 2024 18:10:39 GMT, Rajan Halade wrote:
>> Aleksey Shipilev has updated the pull request with a new target base due to
>> a merge or a rebase. The pull request now contains five commits:
>>
>> - Merge branch 'master' into JDK-8328638-ocsp-post
>> - Merge branch 'master' into JDK
> This task addresses an essential aspect of our testing infrastructure: the
> proper handling and cleanup of temporary files and socket files created
> during test execution. The motivation behind these changes is to prevent the
> accumulation of unnecessary files in the default temporary direc
On Mon, 25 Mar 2024 19:24:39 GMT, Aleksey Shipilev wrote:
>> See the rationale/discussion in the bug. This patch introduces the option
>> that allows to restore
>> pre-[JDK-8179503](https://bugs.openjdk.org/browse/JDK-8179503) behavior. The
>> default behavior does not change. Better suggestio
On Tue, 26 Mar 2024 16:31:06 GMT, Martin Balao wrote:
> Hi @mpdonova ,
>
> Thanks for contributing this fix. I've seen in java.nio.file.Files::find doc
> an implementation note saying that it should be used in a try-with-resource
> fashion to close the stream and any open directories. Should w
> When resolving the location of the NSS library, the code appended a
> hard-coded path: `/nss/lib`. This makes it difficult for a person to specify
> the library when it is installed in a location such as `/usr/lib64`.
>
> In this PR, I removed the hard-coded path and updated the code to searc
On Mon, 25 Mar 2024 22:51:48 GMT, Nizar Benalla wrote:
>> For context, I am writing tests to check for accurate use of `@since` tags
>> in documentation comments in source code.
>> We're following these rules for now:
>>
>> ### Rule 1: Introduction of New Elements
>>
>> - If an element is new
On Mon, 25 Mar 2024 22:51:48 GMT, Nizar Benalla wrote:
>> For context, I am writing tests to check for accurate use of `@since` tags
>> in documentation comments in source code.
>> We're following these rules for now:
>>
>> ### Rule 1: Introduction of New Elements
>>
>> - If an element is new
On Mon, 25 Mar 2024 22:51:48 GMT, Nizar Benalla wrote:
>> For context, I am writing tests to check for accurate use of `@since` tags
>> in documentation comments in source code.
>> We're following these rules for now:
>>
>> ### Rule 1: Introduction of New Elements
>>
>> - If an element is new
On Tue, 26 Mar 2024 14:02:27 GMT, Matthew Donovan wrote:
> When resolving the location of the NSS library, the code appended a
> hard-coded path: `/nss/lib`. This makes it difficult for a person to specify
> the library when it is installed in a location such as `/usr/lib64`.
>
> In this PR,
On Tue, 26 Mar 2024 12:07:49 GMT, Sean Mullan wrote:
> Looks good. Please also write a release note and I will review it.
Here you go: https://bugs.openjdk.org/browse/JDK-8329111
-
PR Comment: https://git.openjdk.org/jdk/pull/18408#issuecomment-2020848495
On Mon, 25 Mar 2024 21:05:07 GMT, Valerie Peng wrote:
> > > Now that we are going with the normative version first, maybe we should
> > > make additional changes to clean up the flow further?Say,
> > >
> > > 1. update `jGCMParamsToCKGCMParamPtr(JNIEnv *env, jobject jParam,
> > > CK_ULONG *pLen
On Thu, 21 Mar 2024 17:13:46 GMT, Bill Huang wrote:
>> This task addresses an essential aspect of our testing infrastructure: the
>> proper handling and cleanup of temporary files and socket files created
>> during test execution. The motivation behind these changes is to prevent the
>> accumu
When resolving the location of the NSS library, the code appended a hard-coded
path: `/nss/lib`. This makes it difficult for a person to specify the library
when it is installed in a location such as `/usr/lib64`.
In this PR, I removed the hard-coded path and updated the code to search the
spe
On Mon, 25 Mar 2024 19:24:39 GMT, Aleksey Shipilev wrote:
>> See the rationale/discussion in the bug. This patch introduces the option
>> that allows to restore
>> pre-[JDK-8179503](https://bugs.openjdk.org/browse/JDK-8179503) behavior. The
>> default behavior does not change. Better suggestio
On Wed, 20 Mar 2024 02:44:19 GMT, Valerie Peng wrote:
> Existing legacy mechanism check disables mechanism(s) when the support is
> partial, e.g. supports decryption but not encryption, or supports
> verification but not signing. Some mechanisms can be used for both
> encryption/decryption and
On Thu, 21 Mar 2024 17:13:46 GMT, Bill Huang wrote:
>> This task addresses an essential aspect of our testing infrastructure: the
>> proper handling and cleanup of temporary files and socket files created
>> during test execution. The motivation behind these changes is to prevent the
>> accumu
Thank you Valerie PENG for your PR, that's exactly what we need for French
Healthcare card.
I look foorward to use this in the next release.
Many thanks.
Nicolas
26 matches
Mail list logo
