> We have a number of failing sun/security/pkcs11 test on RHEL 8.6, see
>
> https://bugs.openjdk.org/browse/JDK-8295343
> 8295343 : sun/security/pkcs11 tests fail on Linux RHEL 8.6
>
> The exceptions generated by these tests sometimes miss the cause (causing
> exception), it would be nice to hav
On Wed, 26 Oct 2022 15:22:41 GMT, Sean Mullan wrote:
>> Matthias Baesken has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> More causes
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11PSSSignature.java
> line 212:
>
>> 21
On 27/10/2022 4:26 pm, Alan Bateman wrote:
On 26/10/2022 23:53, Peter Firmstone wrote:
The change will have some performance impact, by requiring redundant
parsing.
Just thought I'd mention it, in case it hasn't been thought of. If
you do an internet search there are other implementations o
On Thu, 27 Oct 2022 05:14:19 GMT, ExE Boss wrote:
>> src/java.base/share/classes/java/net/JarURLConnection.java line 177:
>>
>>> 175: @SuppressWarnings("deprecation")
>>> 176: var tmp = jarFileURL = new URL(spec.substring(0, separator++));
>>> 177:
>>
>> I realise that @Suppres
On Mon, 24 Oct 2022 22:09:29 GMT, vpaprotsk wrote:
>> Handcrafted x86_64 asm for Poly1305. Main optimization is to process 16
>> message blocks at a time. For more details, left a lot of comments in
>> `macroAssembler_x86_poly.cpp`.
>>
>> - Added new KAT test for Poly1305 and a fuzz test to co
On Wed, 26 Oct 2022 21:11:33 GMT, Jamil Nimeh wrote:
>> 10% is not a negligible impact. I see your point about AVX512 reaping the
>> rewards of this change, but there are plenty of x86_64 systems without
>> AVX512 that will be impacted, not to mention other platforms like aarch64
>> which (fo
On Tue, 25 Oct 2022 14:56:15 GMT, Sean Coffey wrote:
>> By moving the JFR event up to the java.security.cert.CertificateFactory
>> class, we can record all generate cert events, including those from 3rd
>> party providers. I've also altered the logic so that an event is genertate
>> for every
On Thu, 27 Oct 2022 09:17:29 GMT, Michael McMahon wrote:
>> Having unnamed local variables[^1] would probably be best for this.
>>
>> [^1]: https://openjdk.org/jeps/8294349
>
> How about `_unused` or `_unused1`, `_unused2` then in the meantime?
I'd be happy to make the change. Let's wait to see
On 27/10/2022 07:26, Alan Bateman wrote:
We have a strict URI 3986 implementation, which we use to create all
URL instances from.
Note also that though this change proposes to deprecate these
constructors in order to provide a stronger warning against their
potential misuse, it does not depreca
I'm considering using one of the non parsing constructors, as Alan
points out we're currently double parsing. By the time the constructor
is removed, I'm guessing there will be a RFC3986 URI implementation in
the JDK, so we'll change to that when it happens. Or if you decide to
not deprecate
Thanks for your interest in the topic.
> While it might not be a problem in practice (large buffers are ok, but larger
> than 1mb seems seldom, especially in multi threaded apps) it is still a
> condition which can be handled. But with AE ciphers becoming the norm, such
> large cipher chunks se
On Wed, 26 Oct 2022 15:18:15 GMT, Sean Mullan wrote:
> I think you mean InvalidParameterException.
> InvalidAlgorithmParameterException has a ctor that takes a cause. Can you
> file an RFE?
Sorry I meant indeed InvalidParameterException .
But I plan to propose this in another JBS issue not thi
Hello Carter,Thanks for the clarification. I agree there is code out there using large buffers to write to encrypting output streams, it’s just a question how often. If the internal chunking does not affect the more typical smaller chunk writers it might be worthwhile.But
On Tue, 25 Oct 2022 14:56:15 GMT, Sean Coffey wrote:
>> By moving the JFR event up to the java.security.cert.CertificateFactory
>> class, we can record all generate cert events, including those from 3rd
>> party providers. I've also altered the logic so that an event is genertate
>> for every
For timestamp nonces, change the PKCS7 code to use the default SecureRandom
PRNG (which varies depending on the OS), instead of SHA1PRNG.
-
Commit messages:
- Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG.
Changes: https://git.openjdk.org/jdk/pull/10883/fil
The fragmentation can be done within the update(…) functions that call the
intrinsified processBlocks(…) (in this case there are only 2 of those, with 3
call sites altogether), but a more general solution would be if somehow we
could tell the JIT compiler (with an annotation similar to
@Intrins
On Thu, 27 Oct 2022 14:21:19 GMT, Sean Mullan wrote:
> For timestamp nonces, change the PKCS7 code to use the default SecureRandom
> PRNG (which varies depending on the OS), instead of SHA1PRNG.
LGTM
-
PR: https://git.openjdk.org/jdk/pull/10883
On Thu, 27 Oct 2022 14:21:19 GMT, Sean Mullan wrote:
> For timestamp nonces, change the PKCS7 code to use the default SecureRandom
> PRNG (which varies depending on the OS), instead of SHA1PRNG.
Marked as reviewed by weijun (Reviewer).
-
PR: https://git.openjdk.org/jdk/pull/10883
On Thu, 27 Oct 2022 14:21:19 GMT, Sean Mullan wrote:
> For timestamp nonces, change the PKCS7 code to use the default SecureRandom
> PRNG (which varies depending on the OS), instead of SHA1PRNG.
Marked as reviewed by xuelei (Reviewer).
-
PR: https://git.openjdk.org/jdk/pull/10883
Hi Carter,
CTR doesn't have the same splitting up of the input data to speed the
triggering of the intrinsic that GCM has. The need to split data is
such as narrow situation as users don't typically use 1, 10 or 100MB
data sizes.
Are you using a particular application where you are seeing t
On Wed, 26 Oct 2022 16:00:56 GMT, Daniel Fuchs wrote:
> Deprecate URL constructors. Developers are encouraged to use `java.net.URI`
> to parse or construct any URL.
>
> The `java.net.URL` class does not itself encode or decode any URL components
> according to the escaping mechanism defined in
On Thu, 27 Oct 2022 14:21:19 GMT, Sean Mullan wrote:
> For timestamp nonces, change the PKCS7 code to use the default SecureRandom
> PRNG (which varies depending on the OS), instead of SHA1PRNG.
This pull request has now been integrated.
Changeset: 21571457
Author:Sean Mullan
URL:
On Thu, 27 Oct 2022 17:20:04 GMT, Joe Wang wrote:
> Hi Daniel, if it's not a major improvement, we'd like to keep the java.xml
> module at the JDK 8 code level. Can we remove the 'var' usage in a few
> java.xml classes?
No problem - I will make this change when we have settled on a name for th
On Thu, 27 Oct 2022 08:03:39 GMT, Matthias Baesken wrote:
>> We have a number of failing sun/security/pkcs11 test on RHEL 8.6, see
>>
>> https://bugs.openjdk.org/browse/JDK-8295343
>> 8295343 : sun/security/pkcs11 tests fail on Linux RHEL 8.6
>>
>> The exceptions generated by these tests someti
On Wed, 26 Oct 2022 16:00:56 GMT, Daniel Fuchs wrote:
> Deprecate URL constructors. Developers are encouraged to use `java.net.URI`
> to parse or construct any URL.
>
> The `java.net.URL` class does not itself encode or decode any URL components
> according to the escaping mechanism defined in
On Thu, 27 Oct 2022 17:50:37 GMT, Andrey Turbanov wrote:
>> Deprecate URL constructors. Developers are encouraged to use `java.net.URI`
>> to parse or construct any URL.
>>
>> The `java.net.URL` class does not itself encode or decode any URL components
>> according to the escaping mechanism de
> CTR doesn't have the same splitting up of the input data to speed the
> triggering of the intrinsic that GCM has. The need to split data is
> such as narrow situation as users don't typically use 1, 10 or 100MB
> data sizes.
In the case of Cipher usage outside of TLS, users may not know that the
On Thu, 27 Oct 2022 09:22:03 GMT, Jatin Bhateja wrote:
>> One small thing maybe: It doesn't look like R in `processMultipleBlocks` and
>> `rbytes` ever changes, so maybe there's no need to repeatedly
>> serialize/deserialize them on every call to engineUpdate? There is already
>> an `r` that
On Wed, 26 Oct 2022 16:00:56 GMT, Daniel Fuchs wrote:
> Deprecate URL constructors. Developers are encouraged to use `java.net.URI`
> to parse or construct any URL.
>
> The `java.net.URL` class does not itself encode or decode any URL components
> according to the escaping mechanism defined in
Enhance the Java programming language with string templates, which are similar
to string literals but contain embedded expressions. A string template is
interpreted at run time by replacing each expression with the result of
evaluating that expression, possibly after further validation and
tran
On Thu, 27 Oct 2022 20:16:14 GMT, Jim Laskey wrote:
> Enhance the Java programming language with string templates, which are
> similar to string literals but contain embedded expressions. A string
> template is interpreted at run time by replacing each expression with the
> result of evaluatin
Hi,
May I have this update reviewed?
The EC point multiplication for secp256r1 could be improved for better
performance, by using more efficient algorithm and pre-computation.
Improvement for other curves are similar, but will be addressed in separated
PRs.
The basic idea is using pre-comput
On Thu, 27 Oct 2022 22:10:15 GMT, Xue-Lei Andrew Fan wrote:
> Hi,
>
> May I have this update reviewed?
>
> The EC point multiplication for secp256r1 could be improved for better
> performance, by using more efficient algorithm and pre-computation.
> Improvement for other curves are similar,
On Fri, 7 Oct 2022 12:51:26 GMT, Alan Bateman wrote:
>> Michael Ernst has updated the pull request with a new target base due to a
>> merge or a rebase. The pull request now contains six commits:
>>
>> - Reinstate typos in Apache code that is copied into the JDK
>> - Merge ../jdk-openjdk into
34 matches
Mail list logo
