On Wed, 28 May 2025 11:18:21 GMT, Mikhail Yankelevich
wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> more random testing
>
> src/java.security.jgss/share/classes/sun/security/krb5/C
irmed that they are parsed in the
> same way as [MIT
> krb5](https://github.com/krb5/krb5/blob/master/src/util/profile/test_parse.c).
> MIT krb5 ignores directory name after "include" but here it's an error.
Weijun Wang has updated the pull request incrementall
Several changes are made:
1. The "include" and "includedir" directives can appear everywhere, even inside
a section or a sub-section. However, it only means the content is inserted here
but the included file still need its own full structure -- from section to
subsections.
2. The same file can
On Fri, 23 May 2025 14:59:07 GMT, Nizar Benalla wrote:
>> Please review this patch to fix some `javadoc` bugs in `java.base`.
>> Certain `@link` tags used to refer to private fields instead of public APIs.
>>
>> A couple of `@see` tags in the [serialization
>> page](https://download.java.net/ja
On Thu, 22 May 2025 15:18:43 GMT, Nizar Benalla wrote:
>> Please review this patch to fix some `javadoc` bugs in `java.base`.
>> Certain `@link` tags used to refer to private fields instead of public APIs.
>>
>> A couple of `@see` tags in the [serialization
>> page](https://download.java.net/ja
> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/.
> 
Weijun Wang has updated the pull request with a new target base due to a merge
or a re
On Fri, 16 May 2025 19:53:39 GMT, Weijun Wang wrote:
> This is a routine update to synchronize with the [Mozilla Public Suffix
> List](https://github.com/publicsuffix/list) for JDK 25, matching commit
> 823beb1 from 2025-05-12.
>
> The test has been updated to reflect corres
On Fri, 9 May 2025 10:31:19 GMT, Mikhail Yankelevich
wrote:
>> Refactor test/java/security/cert/CertificateFactory/slowstream.sh to java
>> test
>
> Mikhail Yankelevich has updated the pull request with a new target base due
> to a merge or a rebase. The incremental webrev excludes the unrelat
This is a routine update to synchronize with the [Mozilla Public Suffix
List](https://github.com/publicsuffix/list) for JDK 25, matching commit 823beb1
from 2025-05-12.
The test has been updated to reflect corresponding changes.
-
Commit messages:
- the fix
Changes: https://git.o
On Tue, 8 Apr 2025 18:14:53 GMT, Weijun Wang wrote:
> Finalize the KDF API.
This pull request has now been integrated.
Changeset: 079fccfa
Author: Weijun Wang
URL:
https://git.openjdk.org/jdk/commit/079fccfa9a03b890e698c52c689dea0f19f8fbee
Stats: 209 lines in 18 files chan
On Thu, 15 May 2025 04:26:30 GMT, Bradford Wetmore wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1682:
>>
>>> 1680: // ...now the final expand.
>>> 1681: return (deriveKey ?
>>> 1682:
>>> hkdf.
On Thu, 15 May 2025 03:37:57 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
On Fri, 9 May 2025 15:37:44 GMT, Ben Perez wrote:
> Added custom multi array allocation function to improve performance
Marked as reviewed by weijun (Reviewer).
-
PR Review: https://git.openjdk.org/jdk/pull/25151#pullrequestreview-284090
On Wed, 14 May 2025 08:25:41 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
On Wed, 14 May 2025 08:25:41 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
On Wed, 14 May 2025 08:25:41 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
On Wed, 14 May 2025 11:36:46 GMT, Weijun Wang wrote:
>> Anthony Scarpino has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> comments
>
> src/java.base/share/classes/java/security/PEMRecord.java line 119:
>
On Wed, 14 May 2025 08:25:41 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
On Wed, 14 May 2025 08:25:41 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
On Tue, 13 May 2025 19:46:27 GMT, Sean Mullan wrote:
>> Anthony Scarpino has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> comments on the 11th
>
> src/java.base/share/classes/java/security/PEMDecoder.java line 464:
>
>> 462: *
>> 46
On Tue, 13 May 2025 21:45:32 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
On Sun, 11 May 2025 19:02:55 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
On Tue, 13 May 2025 21:45:32 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
On Tue, 13 May 2025 16:49:36 GMT, Ben Perez wrote:
>> It turns out that initializing a multidimensional array with `int[][] a =
>> new int[rows][cols]` is slower than allocating each column in a loop. Since
>> we do a lot of large multidimensional array allocations in ML-DSA, the
>> optimized
On Tue, 13 May 2025 05:32:34 GMT, Bradford Wetmore wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
>> respectively.
>>
>> CSR is underway.
>>
>> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
>> API (jck:api/java_security jck:
On Tue, 13 May 2025 05:32:34 GMT, Bradford Wetmore wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
>> respectively.
>>
>> CSR is underway.
>>
>> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
>> API (jck:api/java_security jck:
On Tue, 13 May 2025 12:26:54 GMT, Sean Mullan wrote:
>> I was following the SecretKey.getEncoded() style. I see now that
>> KDF.deriveData() does do UOE.
>>
>> I could go either way on this. I do need to make this consistent, I have
>> TLSv1.3 using KDF style, and TLSv1-TLSv1.2 using the n
On Wed, 7 May 2025 22:43:10 GMT, Valerie Peng wrote:
>> In the PR for JDK-8348732 "SunJCE and SunPKCS11 have different PBE key
>> encodings", the `P11SecretKeyFactory.convertKey(...)` method is refactored
>> to call `getKeyInfo(keyAlgo)` and check that it's not `null`. However, this
>> leads t
On Sat, 10 May 2025 02:10:14 GMT, Bradford Wetmore wrote:
>> Valerie Peng has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Address review feedbacks from Brad.
>
> src/java.base/share/classes/sun/security/util/KeyUtil.java line 451:
>
>>
On Fri, 9 May 2025 21:38:07 GMT, Bradford Wetmore wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
>> respectively.
>>
>> CSR is underway.
>>
>> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
>> API (jck:api/java_security jck:a
On Thu, 8 May 2025 20:40:28 GMT, Anthony Scarpino wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview features
On Thu, 8 May 2025 20:40:28 GMT, Anthony Scarpino wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview features
> Finalize the KDF API.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
new algorithms in SunJCE
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24520/files
- new: https://git.openjdk.org/jdk/pull/24520/fi
On Thu, 8 May 2025 20:40:28 GMT, Anthony Scarpino wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview features
On Thu, 8 May 2025 20:40:28 GMT, Anthony Scarpino wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview features
On Thu, 8 May 2025 20:40:28 GMT, Anthony Scarpino wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview features
On Thu, 8 May 2025 04:46:31 GMT, Anthony Scarpino wrote:
>> src/java.base/share/classes/java/security/PEMDecoder.java line 228:
>>
>>> 226: * This method will read the {@code InputStream} until PEM data
>>> is
>>> 227: * found or until the end of the stream. Non-PEM data in the
>>> 2
On Thu, 8 May 2025 20:40:28 GMT, Anthony Scarpino wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview features
On Fri, 2 May 2025 06:09:52 GMT, Anthony Scarpino wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview features
On Thu, 8 May 2025 10:28:41 GMT, Mikhail Yankelevich
wrote:
>> Refactor test/java/security/cert/CertificateFactory/slowstream.sh to java
>> test
>
> Mikhail Yankelevich has updated the pull request incrementally with one
> additional commit since the last revision:
>
> Rajan's comments
tes
On Fri, 2 May 2025 06:09:52 GMT, Anthony Scarpino wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview features
On Wed, 7 May 2025 05:47:30 GMT, Bradford Wetmore wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
>> respectively.
>>
>> CSR is underway.
>>
>> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
>> API (jck:api/java_security jck:a
On Wed, 7 May 2025 05:47:30 GMT, Bradford Wetmore wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
>> respectively.
>>
>> CSR is underway.
>>
>> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
>> API (jck:api/java_security jck:a
On Mon, 5 May 2025 14:41:01 GMT, Sean Mullan wrote:
>> Anthony Scarpino has updated the pull request with a new target base due to
>> a merge or a rebase. The pull request now contains 66 commits:
>>
>> - major code review comments update
>> - Merge branch 'master' into pem
>> - Merge branch
On Thu, 24 Apr 2025 20:12:50 GMT, Mark Reinhold wrote:
>> Anthony Scarpino has updated the pull request incrementally with two
>> additional commits since the last revision:
>>
>> - javadoc updates
>> - code review comments
>
> src/java.base/share/classes/java/security/PEMEncoder.java line 74
On Fri, 2 May 2025 06:09:52 GMT, Anthony Scarpino wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview features
On Fri, 14 Feb 2025 16:43:32 GMT, Ben Perez wrote:
> It turns out that initializing a multidimensional array with `int[][] a = new
> int[rows][cols]` is slower than allocating each column in a loop. Since we do
> a lot of large multidimensional array allocations in ML-DSA, the optimized
> init
On Mon, 5 May 2025 20:04:46 GMT, Valerie Peng wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> fine tuning debug log and exception message
>
> test/jdk/com/sun/crypto/provider/KD
On Fri, 2 May 2025 06:09:52 GMT, Anthony Scarpino wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview features
> Finalize the KDF API.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
fine tuning debug log and exception message
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24520/files
- new: https://git.openjdk.org/
On Fri, 2 May 2025 12:50:41 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request with a new target base due to a
>> merge or a rebase. The pull request now contains six commits:
>>
>> - merge
>> - add a positive debug log and update exception mes
On Fri, 2 May 2025 00:17:29 GMT, Weijun Wang wrote:
> Fix the build error.
This pull request has now been integrated.
Changeset: c514f135
Author: Weijun Wang
URL:
https://git.openjdk.org/jdk/commit/c514f135ccf08c3be016a32ae8f2c055fb941857
Stats: 1 line in 1 file changed: 0
Fix the build error.
-
Commit messages:
- the fix
Changes: https://git.openjdk.org/jdk/pull/24993/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=24993&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8356051
Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
Pat
On Thu, 10 Apr 2025 15:30:28 GMT, Weijun Wang wrote:
> Add 2 `MessageDigest` algorithms.
This pull request has now been integrated.
Changeset: 494ef6cb
Author: Weijun Wang
URL:
https://git.openjdk.org/jdk/commit/494ef6cb8cff7f29a7346364e7620eebcec48d3b
Stats: 98 lines in 5 fi
On Thu, 1 May 2025 19:32:03 GMT, Bradford Wetmore wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1691:
>>
>>> 1689: // ...now the final expand.
>>> 1690: SecretKey key = hkdf.expand(derivedSecret, hkdfInfo,
>>> length,
>>> 1691:
On Wed, 30 Apr 2025 15:50:31 GMT, Anthony Scarpino
wrote:
>> src/java.base/share/classes/sun/security/ec/ECPrivateKeyImpl.java line 157:
>>
>>> 155: }
>>> 156:
>>> 157: public byte[] getArrayS() {
>>
>> Why remove `getArrayS0`? Not worth saving those bytes?
>
> I just couldn't figure
On Thu, 1 May 2025 20:15:29 GMT, Valerie Peng wrote:
>> As part of [https://bugs.openjdk.org/browse/JDK-8301553](JDK-8301553),
>> SunPKCS11 provider added support for PBE SecretKeyFactories for
>> `HmacPBESHAxxx` and `PBEWithHmacSHAxxxAndAES_yyy`. These impls produce keys
>> whose encoding con
On Thu, 1 May 2025 00:25:38 GMT, Anthony Scarpino wrote:
>> Yes, this method is private. But you allow
>> `PEMEncoder().of().encode(PEMRecord)`. People might wonder why their leading
>> data is lost.
>
> Then they can call PEMRecord.leadingData().
They can. Just tell them.
>> I meant the newl
On Thu, 1 May 2025 15:15:51 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> engineGetBlockSize and engineGetOutputSize returns 0 when not initialized
>
> src/java.b
On Thu, 1 May 2025 15:06:11 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> engineGetBlockSize and engineGetOutputSize returns 0 when not initialized
>
> src/java.b
On Thu, 1 May 2025 15:02:11 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> engineGetBlockSize and engineGetOutputSize returns 0 when not initialized
>
> src/java.b
On Wed, 30 Apr 2025 23:38:03 GMT, Bradford Wetmore wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
>> respectively.
>>
>> CSR is underway.
>>
>> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
>> API (jck:api/java_security jck:
On Thu, 1 May 2025 10:31:20 GMT, Mikhail Yankelevich
wrote:
>> * Changed the test to use scratch directory
>> * Cleaned up the imports
>
> Mikhail Yankelevich has updated the pull request incrementally with one
> additional commit since the last revision:
>
> changed file creation to use Uti
> Finalize the KDF API.
Weijun Wang has updated the pull request with a new target base due to a merge
or a rebase. The pull request now contains six commits:
- merge
- add a positive debug log and update exception message
- enhancing exception messages and debug outputs
- update @si
On Fri, 18 Apr 2025 21:04:51 GMT, Valerie Peng wrote:
>> As part of [https://bugs.openjdk.org/browse/JDK-8301553](JDK-8301553),
>> SunPKCS11 provider added support for PBE SecretKeyFactories for
>> `HmacPBESHAxxx` and `PBEWithHmacSHAxxxAndAES_yyy`. These impls produce keys
>> whose encoding co
> New security/system properties are introduced to determine which CHOICE a
> private key is encoded.
>
> Both the encoding and the expanded format are stored inside a `NamedPKCS8Key`
> now. When loading from a PKCS #8 key, the expanded format is either
> calculated or copied
On Wed, 30 Apr 2025 21:57:39 GMT, Mark Powers wrote:
>> The private key encoding formats of ML-KEM and ML-DSA are updated to match
>> the latest IETF drafts at:
>> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-08
>> and
>> https://datatracker.ietf.org/doc/html/
On Wed, 30 Apr 2025 22:33:24 GMT, Mark Powers wrote:
>> The private key encoding formats of ML-KEM and ML-DSA are updated to match
>> the latest IETF drafts at:
>> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-08
>> and
>> https://datatracker.ietf.org/doc/html/
> Finalize the KDF API.
Weijun Wang has updated the pull request incrementally with two additional
commits since the last revision:
- add a positive debug log and update exception message
- enhancing exception messages and debug outputs
-
Changes:
- all: ht
The private key encoding formats of ML-KEM and ML-DSA are updated to match the
latest IERTF drafts at:
https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-08
and
https://datatracker.ietf.org/doc/html/draft-ietf-lamps-kyber-certificates-10.
New security/system properti
On Tue, 29 Apr 2025 21:44:26 GMT, Valerie Peng wrote:
>> This PR removes the internal JSSE HKDF impl and changes to use the KDF API
>> for the HKDF support from JCA/JCE providers.
>>
>> This is just code refactoring. Known-answer regression test for the internal
>> JSSE HKDF impl is removed as
On Tue, 29 Apr 2025 17:50:01 GMT, Valerie Peng wrote:
> Update CSR with the new names, e.g. with the output length suffix?
Thanks for reminding. Done.
-
PR Comment: https://git.openjdk.org/jdk/pull/24576#issuecomment-2839977324
On Mon, 28 Apr 2025 14:48:34 GMT, Weijun Wang wrote:
>> Add 2 `MessageDigest` algorithms.
>
> Weijun Wang has updated the pull request incrementally with one additional
> commit since the last revision:
>
> test alias usage
I mainly don't like the current [
On Sun, 27 Apr 2025 18:36:28 GMT, Anthony Scarpino
wrote:
>> src/java.base/share/classes/java/security/PEMDecoder.java line 60:
>>
>>> 58: * A specified return class must implement {@link DEREncodable} and be
>>> an
>>> 59: * appropriate JCE object class for the PEM; otherwise an
>>> 60: *
On Sun, 27 Apr 2025 22:11:57 GMT, Anthony Scarpino
wrote:
>> src/java.base/share/classes/java/security/PEMEncoder.java line 279:
>>
>>> 277: if (keySpec != null) {
>>> 278: // For thread safety
>>> 279: lock.lock();
>>
>> How much does this lock buy? If someone
On Sun, 27 Apr 2025 21:33:06 GMT, Anthony Scarpino
wrote:
>> src/java.base/share/classes/java/security/PEMEncoder.java line 134:
>>
>>> 132: private String pemEncoded(PEMRecord pem) {
>>> 133: StringBuilder sb = new StringBuilder(1024);
>>> 134: sb.append("-BEGIN ").appe
On Sat, 26 Apr 2025 07:57:42 GMT, Anthony Scarpino
wrote:
>> src/java.base/share/classes/java/security/PEMRecord.java line 135:
>>
>>> 133: /**
>>> 134: * Returns the binary encoding from the Base64 data contained in
>>> 135: * {@code pem}.
>>
>> The name does not sound correct t
On Mon, 28 Apr 2025 03:44:43 GMT, Anthony Scarpino
wrote:
>> src/java.base/share/classes/javax/crypto/EncryptedPrivateKeyInfo.java line
>> 416:
>>
>>> 414: * {@link PrivateKey} using the {@code encKey} and given
>>> parameters.
>>> 415: *
>>> 416: * If {@code algorithm} is {@co
On Sun, 27 Apr 2025 22:20:32 GMT, Anthony Scarpino
wrote:
>> src/java.base/share/classes/java/security/PEMEncoder.java line 300:
>>
>>> 298: // If `key` is non-null, this is an encoder ready to encrypt.
>>> 299: if (key != null) {
>>> 300: if (privateBytes == null ||
On Sun, 27 Apr 2025 22:18:13 GMT, Anthony Scarpino
wrote:
>> src/java.base/share/classes/java/security/PEMEncoder.java line 287:
>>
>>> 285: keySpec = null;
>>> 286: } catch (GeneralSecurityException e) {
>>> 287: throw new SecurityExcepti
> Add 2 `MessageDigest` algorithms.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
test alias usage
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24576/files
- new: https://git.openjdk.org/jdk/pull/24576/fi
On Thu, 10 Apr 2025 15:30:28 GMT, Weijun Wang wrote:
> Add 2 `MessageDigest` algorithms.
I updated the names. I also changed the names in `KnownOID`. According to
https://csrc.nist.gov/Projects/Computer-Security-Objects-Register/Algorithm-Registration#Hash,
these OIDs are assigned to &quo
> Add 2 `MessageDigest` algorithms.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
new algorithm names
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24576/files
- new: https://git.openjdk.org/jdk/pull/24
On Thu, 17 Apr 2025 21:35:36 GMT, Valerie Peng wrote:
>> This PR removes the internal JSSE HKDF impl and changes to use the KDF API
>> for the HKDF support from JCA/JCE providers.
>>
>> This is just code refactoring. Known-answer regression test for the internal
>> JSSE HKDF impl is removed as
On Thu, 17 Apr 2025 15:51:09 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
On Mon, 21 Apr 2025 15:24:37 GMT, Weijun Wang wrote:
>> Consider adding a String or Enum argument to `of()` with the name of the
>> profile, ex "RFC9180".
>
> I can add a sentence saying if an implementation does not provide default
> numeric algorithm identi
> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/.
> 
Weijun Wang has updated the pull request incrementally with one additional
commit since
On Thu, 17 Apr 2025 15:51:09 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
On Thu, 17 Apr 2025 17:17:15 GMT, Valerie Peng wrote:
> I will take a look~
Thanks.
I have 2 concerns on this feature:
1. These algorithms are mainly used in higher-level algorithms, mainly
signature algorithms. It seems seldom used on their owns. But again, even other
SHA-3 algorithms are no
On Thu, 17 Apr 2025 15:51:09 GMT, Anthony Scarpino
wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview featur
> Add `Cipher::exportKey` API.
Weijun Wang has updated the pull request with a new target base due to a merge
or a rebase. The incremental webrev excludes the unrelated changes brought in
by the merge/rebase. The pull request contains 16 additional commits since the
last revision:
- Me
the moment because
> `System.console()` is not available.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
no more wildcard imports
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24805/files
- new: https://git.
On Wed, 23 Apr 2025 13:54:37 GMT, Mikhail Yankelevich
wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> hide warning when password is piped into the command; enhance test
>
> test/
the moment because
> `System.console()` is not available.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
modify the test to use hyperlinks
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24805/files
- new: ht
the moment because
> `System.console()` is not available.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
hide warning when password is piped into the command; enhance test
-
Changes:
- all: https://git.openjdk.org/jd
Add more description on password handling into the keytool man page. A link to
the man page is now added to the keytool help screen.
When keytool output is redirected into a file or file, a warning is shown:
$ keytool -genkeypair | type
Warning: password will be echoed because output is redirec
> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/.
> 
Weijun Wang has updated the pull request with a new target base due to a merge
or a re
On Mon, 14 Apr 2025 16:14:03 GMT, Roger Riggs wrote:
>> The JavaIOFilePermissionAccess interface is removed from SharedSecrets and
>> its implementation (FilePermCompat.java) used by the test is moved to
>> java.io FilePermission where cross package access is not needed.
>> The test FilePermis
> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/.
> 
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
address
On Tue, 15 Apr 2025 18:37:40 GMT, Sean Mullan wrote:
>> src/java.base/share/classes/javax/crypto/spec/HPKEParameterSpec.java line
>> 136:
>>
>>> 134: * {@snippet lang=java class="PackageSnippets"
>>> region="hpke-spec-example"}
>>> 135: *
>>> 136: * @implNote
>>
>> Making this implementati
1 - 100 of 1583 matches
Mail list logo
