> Traditionally, an asymmetric key has a key size. The size is displayed by
> `keytool` and `jarsigner`, both in informational output and weak-key
> warnings. However, for the recently added ML-DSA algorithm, key size is not
> defined.
>
> Thus when an ML-DSA key is created, `keytool` shows
>
> Traditionally, an asymmetric key has a key size. The size is displayed by
> `keytool` and `jarsigner`, both in informational output and weak-key
> warnings. However, for the recently added ML-DSA algorithm, key size is not
> defined.
>
> Thus when an ML-DSA key is created, `keytool` shows
>
On Thu, 9 Jan 2025 19:19:11 GMT, Hai-May Chao wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> no more combined output
>
> src/java.base/share/classes/sun/security/tools/keytool/Main.java line 2074:
>
>> 2072:
On 1/8/25 4:06 AM, Tim Jacomb wrote:
TLS handshake fails with PKIX path building error.
Chain is Root -> Intermediate -> Leaf in the runnable example although
in our real-world use-case its Root -> Intermediate 1 -> Intermediate 2
-> Leaf
If I run the example only with Root -> Leaf then it
On Thu, 9 Jan 2025 03:29:37 GMT, Weijun Wang wrote:
> 8347289: HKDF delayed provider selection failed with non-extractable PRK
This pull request has now been integrated.
Changeset: 864d0fde
Author:Weijun Wang
URL:
https://git.openjdk.org/jdk/commit/864d0fde236c80c13a0428e099a6ee2ff6
On Fri, 13 Dec 2024 15:10:15 GMT, Weijun Wang wrote:
>> Traditionally, an asymmetric key has a key size. The size is displayed by
>> `keytool` and `jarsigner`, both in informational output and weak-key
>> warnings. However, for the recently added ML-DSA algorithm, key size is not
>> defined.
>
On Fri, 13 Dec 2024 15:10:15 GMT, Weijun Wang wrote:
>> Traditionally, an asymmetric key has a key size. The size is displayed by
>> `keytool` and `jarsigner`, both in informational output and weak-key
>> warnings. However, for the recently added ML-DSA algorithm, key size is not
>> defined.
>
On Fri, 13 Dec 2024 15:10:15 GMT, Weijun Wang wrote:
>> Traditionally, an asymmetric key has a key size. The size is displayed by
>> `keytool` and `jarsigner`, both in informational output and weak-key
>> warnings. However, for the recently added ML-DSA algorithm, key size is not
>> defined.
>
> Allow `Generic` as an algorithm in the `KeyAgreement::generateSecret(alg)`
> method.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
"secret-key" to "secret key"
-
Changes:
- all: https://git.openjdk.org/jdk/pull/226
On Thu, 9 Jan 2025 18:19:26 GMT, Rajan Halade wrote:
>> Mikhail Yankelevich has refreshed the contents of this pull request, and
>> previous commits have been removed. The incremental views will show
>> differences compared to the previous content of the PR. The pull request
>> contains one ne
> Changed the gencert, so the certificate is now initialised to be with a start
> time of -1M. This prevents a potential error with the certificate not yet
> being valid.
> Similar solution to [this pull
> request](https://github.com/openjdk/jdk/pull/22592)
> Have tested the test 6000 times for
> Allow `Generic` as an algorithm in the `KeyAgreement::generateSecret(alg)`
> method.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
not supported
-
Changes:
- all: https://git.openjdk.org/jdk/pull/22650/files
- ne
> Changed the gencert, so the certificate is now initialised to be with a start
> time of -1M. This prevents a potential error with the certificate not yet
> being valid.
> Similar solution to [this pull
> request](https://github.com/openjdk/jdk/pull/22592)
> Have tested the test 6000 times for
On Thu, 9 Jan 2025 03:29:37 GMT, Weijun Wang wrote:
> 8347289: HKDF delayed provider selection failed with non-extractable PRK
Look good.
-
Marked as reviewed by valeriep (Reviewer).
PR Review: https://git.openjdk.org/jdk/pull/22995#pullrequestreview-2540649639
On Thu, 9 Jan 2025 10:50:44 GMT, Mikhail Yankelevich wrote:
> Changed the gencert, so the certificate is now initialised to be with a start
> time of -1M. This prevents a potential error with the certificate not yet
> being valid.
> Similar solution to [this pull
> request](https://github.com
On Thu, 19 Dec 2024 20:48:18 GMT, Martin Balao wrote:
>> Martin Balao has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase.
>
> Added a non-goal to the JEP to indicate that secu
On Thu, 2 Jan 2025 14:41:48 GMT, Sean Mullan wrote:
> Periodically, we review the security algorithm requirements to see if new
> algorithms should be added or existing ones should be removed. The
> requirements are intended to improve interoperability across different SE
> implementations by
On Thu, 9 Jan 2025 14:31:53 GMT, Sean Mullan wrote:
>> Periodically, we review the security algorithm requirements to see if new
>> algorithms should be added or existing ones should be removed. The
>> requirements are intended to improve interoperability across different SE
>> implementations
On Fri, 13 Dec 2024 15:10:15 GMT, Weijun Wang wrote:
>> Traditionally, an asymmetric key has a key size. The size is displayed by
>> `keytool` and `jarsigner`, both in informational output and weak-key
>> warnings. However, for the recently added ML-DSA algorithm, key size is not
>> defined.
>
On Fri, 13 Dec 2024 15:10:15 GMT, Weijun Wang wrote:
>> Traditionally, an asymmetric key has a key size. The size is displayed by
>> `keytool` and `jarsigner`, both in informational output and weak-key
>> warnings. However, for the recently added ML-DSA algorithm, key size is not
>> defined.
>
If it's more clear or easier for you, we can do it.
I've re-opened JDK-8346720. We will reference JDK-8346720 in PR #22215's
commit for the code changes part. My understanding is that PR #22215 will
now be blocked by JDK-8346720's CSR.
We look forward to having the CSR for JDK-8346720 reviewed, s
> Periodically, we review the security algorithm requirements to see if new
> algorithms should be added or existing ones should be removed. The
> requirements are intended to improve interoperability across different SE
> implementations by requiring a set of commonly used algorithms. The
> al
On Wed, 8 Jan 2025 19:41:42 GMT, Hannes Wallnöfer wrote:
> Please review a doc-only change to add missing `@serial` javadoc tags in
> module `java.base`. This is a sub-task of [JDK-8286931] to allow us to
> re-enable the javadoc `-serialwarn` option in the JDK doc build, which has
> been disab
Changed the gencert, so the certificate is now initialised to be with a start
time of -1M. This prevents a potential error with the certificate not yet being
valid.
Similar solution to [this pull
request](https://github.com/openjdk/jdk/pull/22592)
Have tested the test 6000 times for stability a
On Wed, 8 Jan 2025 19:41:42 GMT, Hannes Wallnöfer wrote:
> Please review a doc-only change to add missing `@serial` javadoc tags in
> module `java.base`. This is a sub-task of [JDK-8286931] to allow us to
> re-enable the javadoc `-serialwarn` option in the JDK doc build, which has
> been disab
25 matches
Mail list logo
