On Thu, 17 Apr 2025 03:14:14 GMT, Martin Balao wrote:
>> Hi,
>>
>> I would like to request a review for the fix of JDK-8350661. In this fix, we
>> translate the native PKCS 11 error code into an
>> `InvalidAlgorithmParameterException`, as documented in the `KDF::deriveKey`
>> API. With that s
> This fix addresses a performance regression found on some aarch64 processors,
> namely the Apple M1, when we moved to a quarter round parallel implementation
> in JDK-8349106. After making some improvements in the ordering of the
> instructions in the 20-round loop we found that going back to
On Thu, 17 Apr 2025 03:14:14 GMT, Martin Balao wrote:
>> Hi,
>>
>> I would like to request a review for the fix of JDK-8350661. In this fix, we
>> translate the native PKCS 11 error code into an
>> `InvalidAlgorithmParameterException`, as documented in the `KDF::deriveKey`
>> API. With that s
> This PR removes the internal JSSE HKDF impl and changes to use the KDF API
> for the HKDF support from JCA/JCE providers.
>
> This is just code refactoring. Known-answer regression test for the internal
> JSSE HKDF impl is removed as the test vectors are already covered by the HKDF
> impl in
On Thu, 17 Apr 2025 03:14:14 GMT, Martin Balao wrote:
>> Hi,
>>
>> I would like to request a review for the fix of JDK-8350661. In this fix, we
>> translate the native PKCS 11 error code into an
>> `InvalidAlgorithmParameterException`, as documented in the `KDF::deriveKey`
>> API. With that s
On Tue, 15 Apr 2025 23:01:56 GMT, Valerie Peng wrote:
>> As part of [https://bugs.openjdk.org/browse/JDK-8301553](JDK-8301553),
>> SunPKCS11 provider added support for PBE SecretKeyFactories for
>> `HmacPBESHAxxx` and `PBEWithHmacSHAxxxAndAES_yyy`. These impls produce keys
>> whose encoding co
The private marshal() method in sun.security.util.Debug still contains code to
parse "permission=" and "codebase=" options. These sub-options
were part of the "access" option which was removed in JDK 24 as part of JEP
486, so this code can be removed.
-
Commit messages:
- 8353001:
On Thu, 10 Apr 2025 15:30:28 GMT, Weijun Wang wrote:
> Add 2 `MessageDigest` algorithms.
I will take a look~
-
PR Comment: https://git.openjdk.org/jdk/pull/24576#issuecomment-2813594903
On Thu, 12 Dec 2024 19:59:05 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
On Thu, 13 Mar 2025 01:15:03 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
> Hi all,
>
> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a format
> for encoding and decoding cryptographic keys and certificates. It will be
> integrated into JDK24 as a Preview Feature. Preview features does not
> permanently define the API and it is subject to cha
On Mon, 14 Apr 2025 23:59:39 GMT, Bradford Wetmore wrote:
>
> This bug only handles the `ssl` change, so I'm thinking we should change the
> regtest for this bug to be a simple test looking for the effects of `ssl`
> with no `data/verbose/plaintext/packet` output, and move (or update) this
>
> Breaking the parent JDK-8044609 JBS issue into sub tasks.
>
> This patch addresses the main issue which is that `javax.net.debug=ssl `
> option is completely broken since TLSv1.3 support was introduced. This patch
> should be easier for backporting also.
>
> Wider corrections can be followe
On Thu, 3 Apr 2025 19:05:59 GMT, Artur Barashev wrote:
> MD5 algorithm is prohibited by TLSv1.3 RFC to be used in certificates:
>
>
> Any endpoint receiving any certificate which it would need to
> validate using any signature algorithm using an MD5 hash MUST abort
> the handshake with a "bad_c
On Thu, 17 Apr 2025 01:36:30 GMT, Artur Barashev wrote:
>> MD5 algorithm is prohibited by TLSv1.3 RFC to be used in certificates:
>>
>>
>> Any endpoint receiving any certificate which it would need to
>> validate using any signature algorithm using an MD5 hash MUST abort
>> the handshake with a
On Wed, 16 Apr 2025 22:03:07 GMT, Mark Powers wrote:
>> Artur Barashev has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Further optimization: remove unnecessary updates
>
> test/jdk/javax/net/ssl/HttpsURLConnection/CriticalSubjectAltName.
On Thu, 17 Apr 2025 01:36:30 GMT, Artur Barashev wrote:
>> MD5 algorithm is prohibited by TLSv1.3 RFC to be used in certificates:
>>
>>
>> Any endpoint receiving any certificate which it would need to
>> validate using any signature algorithm using an MD5 hash MUST abort
>> the handshake with a
> Hi,
>
> I would like to request a review for the fix of JDK-8350661. In this fix, we
> translate the native PKCS 11 error code into an
> `InvalidAlgorithmParameterException`, as documented in the `KDF::deriveKey`
> API. With that said, different PKCS 11 libraries may throw different errors
>
On Wed, 16 Apr 2025 19:22:51 GMT, Vladimir Ivanov wrote:
>> Ferenc Rakoczi has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Fixed asserts.
>
> src/hotspot/cpu/aarch64/vm_version_aarch64.cpp line 717:
>
>> 715: desc_len = (int)strlen(_c
* Changed the test to use scratch directory
* Cleaned up the imports
-
Commit messages:
- JDK-8183348: Better cleanup for
jdk/test/sun/security/pkcs12/P12SecretKey.java
Changes: https://git.openjdk.org/jdk/pull/24718/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=24718&ra
On Wed, 16 Apr 2025 19:22:51 GMT, Vladimir Ivanov wrote:
>> Ferenc Rakoczi has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Fixed asserts.
>
> src/hotspot/cpu/aarch64/vm_version_aarch64.cpp line 717:
>
>> 715: desc_len = (int)strlen(_c
On Thu, 17 Apr 2025 09:40:02 GMT, Ferenc Rakoczi wrote:
>> src/hotspot/cpu/aarch64/vm_version_aarch64.cpp line 717:
>>
>>> 715: desc_len = (int)strlen(_cpu_desc);
>>> 716: snprintf(_cpu_desc + desc_len, CPU_DETAILED_DESC_BUF_SIZE -
>>> desc_len, " %s", _features_string);
>>> 717: fprintf(
> MD5 algorithm is prohibited by TLSv1.3 RFC to be used in certificates:
>
>
> Any endpoint receiving any certificate which it would need to
> validate using any signature algorithm using an MD5 hash MUST abort
> the handshake with a "bad_certificate" alert.
>
>
>
> The bug manifests itself wh
23 matches
Mail list logo
