Re: RFR: 8350661: PKCS11 HKDF throws ProviderException when requesting a 31-byte AES key [v6]

On Mon, 21 Apr 2025 17:12:27 GMT, Martin Balao wrote: >> Hi, >> >> I would like to request a review for the fix of JDK-8350661. In this fix, we >> translate the native PKCS 11 error code into an >> `InvalidAlgorithmParameterException`, as documented in the `KDF::deriveKey` >> API. With that s

Re: RFR: 8350126: Regression ~3% on Crypto-ChaCha20Poly1305.encrypt for MacOSX aarch64 [v4]

> This fix addresses a performance regression found on some aarch64 processors, > namely the Apple M1, when we moved to a quarter round parallel implementation > in JDK-8349106. After making some improvements in the ordering of the > instructions in the 20-round loop we found that going back to

RFR: 8354235: Test javax/net/ssl/SSLSocket/Tls13PacketSize.java failed with java.net.SocketException: An established connection was aborted by the software in your host machine

In this PR, I updated the default `serverAddress` field to use the loopback interface. I also removed some unnecessary logic around creating the server interface and the client connecting code. - Commit messages: - 8354235: Test javax/net/ssl/SSLSocket/Tls13PacketSize.java failed w

Re: TLS support for X25519MLKEM768.

There is an enhancement at https://bugs.openjdk.org/browse/JDK-8314323. > On Apr 21, 2025, at 12:19, Azeem Jiva wrote: > > Hi, > Are there plans for TLS support for the X25519MLKEM768 key exchange in > OpenJDK? Thanks.

Re: RFR: 8350661: PKCS11 HKDF throws ProviderException when requesting a 31-byte AES key [v4]

On Fri, 18 Apr 2025 21:18:04 GMT, Valerie Peng wrote: >> The separation can remove 1 conditional block, so only 1 extra line and the >> flow looks cleaner in my opinion, e.g. >> Suggestion: >> >> case (int) CKK_DES, (int) CKK_DES3 -> { >> keyLength = P11KeyGe

Re: RFR: 8350661: PKCS11 HKDF throws ProviderException when requesting a 31-byte AES key [v6]

> Hi, > > I would like to request a review for the fix of JDK-8350661. In this fix, we > translate the native PKCS 11 error code into an > `InvalidAlgorithmParameterException`, as documented in the `KDF::deriveKey` > API. With that said, different PKCS 11 libraries may throw different errors >

Re: RFR: 8350126: Regression ~3% on Crypto-ChaCha20Poly1305.encrypt for MacOSX aarch64 [v3]

On Fri, 18 Apr 2025 01:11:48 GMT, Jamil Nimeh wrote: >> This fix addresses a performance regression found on some aarch64 >> processors, namely the Apple M1, when we moved to a quarter round parallel >> implementation in JDK-8349106. After making some improvements in the >> ordering of the in

Re: RFR: 8354053: Remove unused JavaIOFilePermissionAccess [v2]

On Mon, 14 Apr 2025 16:14:03 GMT, Roger Riggs wrote: >> The JavaIOFilePermissionAccess interface is removed from SharedSecrets and >> its implementation (FilePermCompat.java) used by the test is moved to >> java.io FilePermission where cross package access is not needed. >> The test FilePermis

TLS support for X25519MLKEM768.

Hi, Are there plans for TLS support for the X25519MLKEM768 key exchange in OpenJDK? Thanks.

Re: RFR: 8325448: Hybrid Public Key Encryption [v16]

> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/. >  Weijun Wang has updated the pull request incrementally with one additional commit since the last revision: address Sean's comment

Re: RFR: 8325448: Hybrid Public Key Encryption [v15]

On Tue, 15 Apr 2025 18:37:40 GMT, Sean Mullan wrote: >> src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line >> 136: >> >>> 134: * {@snippet lang=java class="PackageSnippets" >>> region="hpke-spec-example"} >>> 135: * >>> 136: * @implNote >> >> Making this implementati

Re: RFR: 8325448: Hybrid Public Key Encryption [v15]

On Tue, 15 Apr 2025 13:04:58 GMT, Sean Mullan wrote: >> Weijun Wang has updated the pull request incrementally with one additional >> commit since the last revision: >> >> toString, exportData, spec in HPKEParameters must have algorithm >> identifiers specified > > src/java.base/share/classe

Re: RFR: 8325448: Hybrid Public Key Encryption [v15]

On Tue, 15 Apr 2025 13:06:42 GMT, Sean Mullan wrote: >> Weijun Wang has updated the pull request incrementally with one additional >> commit since the last revision: >> >> toString, exportData, spec in HPKEParameters must have algorithm >> identifiers specified > > src/java.base/share/classe

Re: RFR: 8325448: Hybrid Public Key Encryption [v15]

On Mon, 14 Apr 2025 17:25:41 GMT, Sean Mullan wrote: >> Weijun Wang has updated the pull request incrementally with one additional >> commit since the last revision: >> >> toString, exportData, spec in HPKEParameters must have algorithm >> identifiers specified > > src/java.base/share/classe

Re: RFR: 8325448: Hybrid Public Key Encryption [v14]

On Fri, 11 Apr 2025 18:42:12 GMT, Sean Mullan wrote: >> Weijun Wang has updated the pull request incrementally with two additional >> commits since the last revision: >> >> - put encapsulation in params from getParameters >> - receiver must specify all algorithm identifiers > > src/java.base/

Re: RFR: 8325448: Hybrid Public Key Encryption [v14]

On Fri, 11 Apr 2025 18:35:07 GMT, Sean Mullan wrote: >> Weijun Wang has updated the pull request incrementally with two additional >> commits since the last revision: >> >> - put encapsulation in params from getParameters >> - receiver must specify all algorithm identifiers > > src/java.base/