On Thu, 6 Feb 2025 18:47:54 GMT, Ferenc Rakoczi wrote:
>> By using the aarch64 vector registers the speed of the computation of the
>> ML-DSA algorithms (key generation, document signing, signature verification)
>> can be approximately doubled.
>
> Ferenc Rakoczi has updated the pull request in
> Currently when a signature scheme constraint is specified with
> "jdk.tls.disabledAlgorithms" property we don't differentiate between
> signatures used to sign a TLS handshake exchange and the signatures used in
> TLS certificates:
> https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.3
Currently when a signature scheme constraint is specified with
"jdk.tls.disabledAlgorithms" property we don't differentiate between signatures
used to sign a TLS handshake exchange and the signatures used in TLS
certificates:
https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.3
-
On Mon, 20 Jan 2025 16:20:27 GMT, Fernando Guallini
wrote:
> The test javax/crypto/CryptoPermissions/InconsistentEntries.java should not
> modify the JDK home directory under test as that could impact the results of
> other tests, or it could fail if the JDK home dir is read-only.
>
> This PR
On Mon, 17 Feb 2025 11:40:59 GMT, Mikhail Yankelevich wrote:
> Changed `HexDumpEncoder`, so `encodeBuffer` always uses ISO_8859_1.
> This also fixes the issue with conversion in `encode` method, as the input is
> always ISO_8859_1.
The fix needs a test or you need to add an appropriate `noreg`
On Fri, 7 Feb 2025 21:15:36 GMT, Leonid Mesnik wrote:
> The fix add remaining classes to the testlibrary jar and fix some warnings in
> security-related classes.
This pull request has now been integrated.
Changeset: 62d93f2a
Author:Leonid Mesnik
URL:
https://git.openjdk.org/jdk/com
On Tue, 18 Feb 2025 15:48:26 GMT, Matthew Donovan wrote:
>> I need a review of this change that adds new timing controls for the initial
>> server setup. On rare occasions, more so on certain architectures, the
>> server may not fully start before the client tries to connect. Additional
>> d
On Tue, 18 Feb 2025 19:42:25 GMT, Anthony Scarpino
wrote:
>> test/jdk/javax/net/ssl/templates/TLSBase.java line 204:
>>
>>> 202: write(sock, read(sock));
>>> 203: } catch (Exception e) {
>>> 204: System.err.println("Caught " + e.getMessage
On Tue, 18 Feb 2025 15:38:50 GMT, Matthew Donovan wrote:
>> I need a review of this change that adds new timing controls for the initial
>> server setup. On rare occasions, more so on certain architectures, the
>> server may not fully start before the client tries to connect. Additional
>> d
On Mon, 17 Feb 2025 18:52:17 GMT, Fernando Guallini
wrote:
>> The test javax/crypto/CryptoPermissions/InconsistentEntries.java should not
>> modify the JDK home directory under test as that could impact the results of
>> other tests, or it could fail if the JDK home dir is read-only.
>>
>> Th
On Sat, 1 Feb 2025 04:20:36 GMT, Anthony Scarpino wrote:
> I need a review of this change that adds new timing controls for the initial
> server setup. On rare occasions, more so on certain architectures, the
> server may not fully start before the client tries to connect. Additional
> debug
On Tue, 4 Feb 2025 18:56:05 GMT, Hai-May Chao wrote:
>> I need a review of this change that adds new timing controls for the initial
>> server setup. On rare occasions, more so on certain architectures, the
>> server may not fully start before the client tries to connect. Additional
>> debug
> Earlier code will trigger NPE if the certificate does not contain the
> extensions or if the requested extensions does not exist. The better approach
> for hardening **getExtensionValue** here is to to check for NULL explicitly
> before calling **getExtensionValue()** and avoding try-catch blo
On Tue, 18 Feb 2025 11:45:57 GMT, Konanki Sreenath wrote:
>> Earlier code will trigger NPE if the certificate does not contain the
>> extensions or if the requested extensions does not exist. The better
>> approach for hardening **getExtensionValue** here is to to check for NULL
>> explicitly
On Sat, 1 Feb 2025 04:20:36 GMT, Anthony Scarpino wrote:
> I need a review of this change that adds new timing controls for the initial
> server setup. On rare occasions, more so on certain architectures, the
> server may not fully start before the client tries to connect. Additional
> debug
On Mon, 17 Feb 2025 11:06:09 GMT, Fernando Guallini
wrote:
>> This updates the OpenSSL version that is used by test
>> `sun/security/pkcs12/KeytoolOpensslInteropTest.java` to the current LTS
>> version (3.0 series).
>> There are some differences between the 1.1.x and the current OpenSSL versi
On Fri, 14 Feb 2025 18:22:26 GMT, Leonid Mesnik wrote:
>> The fix add remaining classes to the testlibrary jar and fix some warnings
>> in security-related classes.
>
> Leonid Mesnik has updated the pull request incrementally with two additional
> commits since the last revision:
>
> - added
On Sat, 15 Feb 2025 22:33:46 GMT, Bradford Wetmore wrote:
>> The example code in the JEP was much clearer than that in the current `KEM`
>> class. It's easier to keep the various nested classes straight, rather than
>> using `var`s which require scrolling to see what the return types are.
>>
On Mon, 17 Feb 2025 11:06:09 GMT, Fernando Guallini
wrote:
>> This updates the OpenSSL version that is used by test
>> `sun/security/pkcs12/KeytoolOpensslInteropTest.java` to the current LTS
>> version (3.0 series).
>> There are some differences between the 1.1.x and the current OpenSSL versi
On Sun, 16 Feb 2025 06:31:50 GMT, Konanki Sreenath wrote:
>> Earlier code will trigger NPE if the certificate does not contain the
>> extensions or if the requested extensions does not exist. The better
>> approach for hardening **getExtensionValue** here is to to check for NULL
>> explicitly
On Thu, 6 Feb 2025 18:47:54 GMT, Ferenc Rakoczi wrote:
>> By using the aarch64 vector registers the speed of the computation of the
>> ML-DSA algorithms (key generation, document signing, signature verification)
>> can be approximately doubled.
>
> Ferenc Rakoczi has updated the pull request in
On Thu, 6 Feb 2025 18:47:54 GMT, Ferenc Rakoczi wrote:
>> By using the aarch64 vector registers the speed of the computation of the
>> ML-DSA algorithms (key generation, document signing, signature verification)
>> can be approximately doubled.
>
> Ferenc Rakoczi has updated the pull request in
> Earlier code will trigger NPE if the certificate does not contain the
> extensions or if the requested extensions does not exist. The better approach
> for hardening **getExtensionValue** here is to to check for NULL explicitly
> before calling **getExtensionValue()** and avoding try-catch blo
23 matches
Mail list logo
