On Fri, 14 Feb 2025 16:43:32 GMT, Ben Perez wrote:
> It turns out that initializing a multidimensional array with `int[][] a = new
> int[rows][cols]` is slower than allocating each column in a loop. Since we do
> a lot of large multidimensional array allocations in ML-DSA, the optimized
> init
On Fri, 18 Apr 2025 21:15:41 GMT, Valerie Peng wrote:
>> We would need to repeat code if we separate (invocation to
>> `P11KeyGenerator::checkKeySize`). Does not look complex enough in my opinion
>> to merit this split.
>
> The separation can remove 1 conditional block, so only 1 extra line and
On Fri, 18 Apr 2025 19:52:45 GMT, Martin Balao wrote:
>> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11SecretKeyFactory.java
>> line 605:
>>
>>> 603: }
>>> 604: }
>>> 605: }
>>
>> Hmm, how about separating out AES, RC4,
> As part of [https://bugs.openjdk.org/browse/JDK-8301553](JDK-8301553),
> SunPKCS11 provider added support for PBE SecretKeyFactories for
> `HmacPBESHAxxx` and `PBEWithHmacSHAxxxAndAES_yyy`. These impls produce keys
> whose encoding contains the PBKDF2 derived bytes. Given that SunJCE provider
On Thu, 17 Apr 2025 17:51:16 GMT, Mark Powers wrote:
>> Valerie Peng has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> minor comment and copyright year update.
>
> src/java.base/share/classes/sun/security/util/PBEUtil.java line 270:
>
>>
Take the class file version to reject flags not yet defined, redefined, or
obsoleted. The non-cffv version can return the preview flags when the current
runtime is in preview.
-
Depends on: https://git.openjdk.org/jdk/pull/23095
Commit messages:
- 8297271: AccessFlag.maskToAccessF
> Hi,
>
> I would like to request a review for the fix of JDK-8350661. In this fix, we
> translate the native PKCS 11 error code into an
> `InvalidAlgorithmParameterException`, as documented in the `KDF::deriveKey`
> API. With that said, different PKCS 11 libraries may throw different errors
>
On Thu, 17 Apr 2025 23:52:56 GMT, Valerie Peng wrote:
>> Martin Balao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Inform key sizes in the exception when failing check.
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11
On Thu, 17 Apr 2025 22:59:49 GMT, Valerie Peng wrote:
>> Martin Balao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Inform key sizes in the exception when failing check.
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11
On Thu, 17 Apr 2025 20:52:52 GMT, Valerie Peng wrote:
>> Martin Balao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Inform key sizes in the exception when failing check.
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11
On Fri, 18 Apr 2025 13:05:24 GMT, Daniel Fuchs wrote:
> Hi,
>
> Please find here a PR for the implementation of JEP [JDK-8291976: HTTP/3 for
> the HTTP Client API](https://bugs.openjdk.org/browse/JDK-8291976).
>
> The CSR can be viewed at [JDK-8350588: Implement HTTP/3 for the HTTP Client
> A
The current key manager is SunX509, which is configured in the java.security.
The SunX509 algorithm does not check of the local certificate. The PKIX
algorithm should be preferred now so that the default key manager could be more
robust.
-
Commit messages:
- Rework unit tests
- U
On Thu, 17 Apr 2025 03:14:14 GMT, Martin Balao wrote:
>> Hi,
>>
>> I would like to request a review for the fix of JDK-8350661. In this fix, we
>> translate the native PKCS 11 error code into an
>> `InvalidAlgorithmParameterException`, as documented in the `KDF::deriveKey`
>> API. With that s
On Fri, 18 Apr 2025 14:58:41 GMT, Matthew Donovan wrote:
>> This PR updates the CertificateBuilder with a new method that creates a new
>> instance with common fields (subject name, public key, serial number,
>> validity, and key uses) filled-in. One test, IPIdentities.java, is updated
>> to s
On Fri, 18 Apr 2025 14:58:41 GMT, Matthew Donovan wrote:
>> This PR updates the CertificateBuilder with a new method that creates a new
>> instance with common fields (subject name, public key, serial number,
>> validity, and key uses) filled-in. One test, IPIdentities.java, is updated
>> to s
On Fri, 18 Apr 2025 15:38:02 GMT, Artur Barashev wrote:
>> Matthew Donovan has updated the pull request with a new target base due to a
>> merge or a rebase. The pull request now contains 10 commits:
>>
>> - expanded wildcard imports
>> - Merge branch 'master' into certbuilder
>> - Merge bra
On Fri, 18 Apr 2025 14:24:10 GMT, Matthew Donovan wrote:
>> test/jdk/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java
>> line 243:
>>
>>> 241: .addBasicConstraintsExt(false, false, -1)
>>> 242:
>>> .addExtension(CertificateBuilder.createIPSubjectA
> This PR updates the CertificateBuilder with a new method that creates a new
> instance with common fields (subject name, public key, serial number,
> validity, and key uses) filled-in. One test, IPIdentities.java, is updated to
> show how the method can be used to create various certificates.
On Thu, 3 Apr 2025 20:30:33 GMT, Artur Barashev wrote:
>> Matthew Donovan has updated the pull request with a new target base due to a
>> merge or a rebase. The pull request now contains seven commits:
>>
>> - reversed order of DN strings when making certificates.
>> - Merge branch 'master' i
Hi,
Please find here a PR for the implementation of JEP [JDK-8291976: HTTP/3 for
the HTTP Client API](https://bugs.openjdk.org/browse/JDK-8291976).
The CSR can be viewed at [JDK-8350588: Implement HTTP/3 for the HTTP Client
API](https://bugs.openjdk.org/browse/JDK-8350588)
This JEP proposes to
Provider is now added to the Security before the test
-
Commit messages:
- JDK-8230016: re-visit test
sun/security/pkcs11/Serialize/SerializeProvider.java
Changes: https://git.openjdk.org/jdk/pull/24750/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=24750&range=00
Issue
21 matches
Mail list logo
