[JDK-8267068](https://bugs.openjdk.org/browse/JDK-8267068)
-
Commit messages:
- first iteration
Changes: https://git.openjdk.org/jdk/pull/23188/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=23188&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8267068
Stats: 15 li
I signed the OCA yesterday, just waiting for it to be approved
On Fri, 17 Jan 2025 at 22:20, Alexey Bakhtin wrote:
> Hello Sean,
>
> The enhancement looks reasonable.
> As far as I know, Tim submitted the PR for this enhancement. I will be
> happy to review and help with it.
>
> Regards
> Alexey
Hello Sean,
The enhancement looks reasonable.
As far as I know, Tim submitted the PR for this enhancement. I will be happy to
review and help with it.
Regards
Alexey
> On 17 Jan 2025, at 13:58, Sean Mullan wrote:
>
> Caution: This email originated from outside of the organization. Do not cli
Alexey,
Given your experience with implementing
https://bugs.openjdk.org/browse/JDK-8320362, is this something you would
be interested in working on?
Tim, any progress on the OCA?
Thanks,
Sean
On 1/13/25 2:47 PM, Alexey Bakhtin wrote:
Hello Sean, Tim
I've attached logs to the JDK-8347067
On Fri, 17 Jan 2025 20:35:28 GMT, Martin Balao wrote:
>> test/jdk/sun/security/pkcs11/KDF/TestHKDF.java line 524:
>>
>>> 522: }
>>> 523:
>>> 524: private static void test_AES_HKDFWithHmacSHA256_EmptyBaseKey() {
>>
>> Glad to see this one here. Is there one for null or empty salt?
>>
> We would like to propose an implementation of the HKDF algorithms for
> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
> Derivation Function API
> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
> This implementation will be under the _Preview_ umbrella
On Fri, 17 Jan 2025 19:59:22 GMT, Kevin Driver wrote:
>> Martin Balao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Improve TestContext note about expectedOpOut
>>
>> Co-authored-by: Martin Balao Alonso
>> Co-authored-by: Franc
On Fri, 17 Jan 2025 20:17:23 GMT, Martin Balao wrote:
>> I see, so you are attempting to cover three cases then:
>>
>> 1) raw bytes
>> 2) present `SecretKey`
>> 3) token `SecretKey`
>>
>> In case three, the data would never have been available to the provider, so
>> you do not have bytes to r
On Fri, 17 Jan 2025 20:17:41 GMT, Kevin Driver wrote:
>> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/wrapper/CK_HKDF_PARAMS.java
>> line 71:
>>
>>> 69: *
>>> 70: */
>>> 71: public final long prfHashMechanism;
>>
>> I'm assuming `CK_MECHANISM_TYPE` can safely map to
On Tue, 14 Jan 2025 01:22:30 GMT, Martin Balao wrote:
>> We would like to propose an implementation of the HKDF algorithms for
>> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
>> Derivation Function API
>> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
On Fri, 17 Jan 2025 20:10:53 GMT, Kevin Driver wrote:
>> In some cases we need to return a `SecretKey` (a `P11SecretKey` instance,
>> internally) that represents a key inside the token. In some cases, we can
>> extract its bytes and create a key again with key translation, but it's
>> costly.
On Fri, 17 Jan 2025 20:16:18 GMT, Kevin Driver wrote:
>> Martin Balao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Improve TestContext note about expectedOpOut
>>
>> Co-authored-by: Martin Balao Alonso
>> Co-authored-by: Franc
On Fri, 17 Jan 2025 19:45:08 GMT, Martin Balao wrote:
>> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11HKDF.java line
>> 117:
>>
>>> 115: boolean isExtract = false, isExpand = false;
>>> 116: boolean isData = retType == byte[].class;
>>> 117: assert isData
On Fri, 17 Jan 2025 18:19:56 GMT, Eirik Bjørsnøs wrote:
>> Please review this PR which adds the `final` modifier to non-subclassable
>> classes in `java.base`.
>>
>> The classes were identified using an automated analysis. See CSR for details.
>>
>> Besides simply adding the `final` access mod
On Tue, 14 Jan 2025 01:22:30 GMT, Martin Balao wrote:
>> We would like to propose an implementation of the HKDF algorithms for
>> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
>> Derivation Function API
>> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
On Fri, 17 Jan 2025 19:37:07 GMT, Kevin Driver wrote:
>> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java
>> line 198:
>>
>>> 196: CK_ATTRIBUTE.SIGN_TRUE};
>>> 197:
>>> 198: P12MacPBEKeyInfo(String algo, long kdfMech, HMACKeyInfo
>>> h
On Fri, 17 Jan 2025 19:26:36 GMT, Kevin Driver wrote:
>> Martin Balao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Improve TestContext note about expectedOpOut
>>
>> Co-authored-by: Martin Balao Alonso
>> Co-authored-by: Franc
On Fri, 17 Jan 2025 19:35:59 GMT, Kevin Driver wrote:
>> Martin Balao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Improve TestContext note about expectedOpOut
>>
>> Co-authored-by: Martin Balao Alonso
>> Co-authored-by: Franc
On Tue, 14 Jan 2025 01:22:30 GMT, Martin Balao wrote:
>> We would like to propose an implementation of the HKDF algorithms for
>> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
>> Derivation Function API
>> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
On Tue, 14 Jan 2025 01:22:30 GMT, Martin Balao wrote:
>> We would like to propose an implementation of the HKDF algorithms for
>> SunPKCS11, aligned with the KDF API proposed for JDK 24 (see [JEP 478: Key
>> Derivation Function API
>> (Preview)](https://bugs.openjdk.org/browse/JDK-8189808)).
>
On Wed, 15 Jan 2025 01:15:52 GMT, Valerie Peng wrote:
>> @martinuy: I agree and also acknowledge that it might be a matter of taste.
>> In my view, the object-oriented/polymorphic design looks more idiomatic.
>> Even if it spans a couple more classes/methods, each of them is shorter and
>> sim
> Please review this PR which adds the `final` modifier to non-subclassable
> classes in `java.base`.
>
> The classes were identified using an automated analysis. See CSR for details.
>
> Besides simply adding the `final` access modifier, the PR:
>
> * Updates a note in `java.lang.constant.Dyna
On Fri, 17 Jan 2025 00:45:54 GMT, Naoto Sato wrote:
>> This fix is a follow on for
>> [JDK-8342550](https://bugs.openjdk.org/browse/JDK-8342550). Replaces/Removes
>> usages of those deprecated time zone ids in tests.
>
> Naoto Sato has updated the pull request incrementally with one additional
Hello,
I would like to propose a solution for this test that makes it more clear when
it's skipped.
Regards,
Martin.-
-
Commit messages:
- 8225739: sun/security/pkcs11/tls/tls12/FipsModeTLS12.java is not reliable.
Changes: https://git.openjdk.org/jdk/pull/23177/files
Webrev: ht
On Tue, 26 Nov 2024 13:04:41 GMT, Eirik Bjørsnøs wrote:
> Please review this PR which adds the `final` modifier to non-subclassable
> classes in `java.base`.
>
> The classes were identified using an automated analysis. See CSR for details.
>
> Besides simply adding the `final` access modifier,
On Tue, 26 Nov 2024 13:04:41 GMT, Eirik Bjørsnøs wrote:
> Please review this PR which adds the `final` modifier to non-subclassable
> classes in `java.base`.
>
> The classes were identified using an automated analysis. See CSR for details.
>
> Besides simply adding the `final` access modifier,
26 matches
Mail list logo
