On Fri, 5 Aug 2022 14:57:45 GMT, Xue-Lei Andrew Fan wrote:
> This update is to support key exchange named groups customization for
> individual (D)TLS connection. Please review the CSR as well:
> CSR: https://bugs.openjdk.org/browse/JDK-8291950
> RFE: https://bugs.openjdk.org/browse/JDK-8281236
> This fix adds Certigna root CA to cacerts trust store.
Rajan Halade has updated the pull request with a new target base due to a merge
or a rebase. The incremental webrev excludes the unrelated changes brought in
by the merge/rebase. The pull request contains six additional commits since the
On Tue, 1 Nov 2022 16:14:20 GMT, Daniel Fuchs wrote:
>> Deprecate URL constructors. Developers are encouraged to use `java.net.URI`
>> to parse or construct any URL.
>>
>> The `java.net.URL` class does not itself encode or decode any URL components
>> according to the escaping mechanism define
On Wed, 2 Nov 2022 08:24:37 GMT, Rajan Halade wrote:
>> This fix adds Certigna root CA to cacerts trust store.
>
> Rajan Halade has updated the pull request with a new target base due to a
> merge or a rebase. The incremental webrev excludes the unrelated changes
> brought in by the merge/rebas
On Tue, 1 Nov 2022 13:34:40 GMT, Weijun Wang wrote:
> This code change removes `getElements()` and `delete()` from `CertAttrSet`
> and all its subclasses. The `getName()` method is moved to `s.s.x.Extension`
> since it's only useful there.
>
> Except for removing lines, the only place where re
On Tue, 1 Nov 2022 13:34:40 GMT, Weijun Wang wrote:
> This code change removes `getElements()` and `delete()` from `CertAttrSet`
> and all its subclasses. The `getName()` method is moved to `s.s.x.Extension`
> since it's only useful there.
>
> Except for removing lines, the only place where re
On Sat, 8 Oct 2022 15:34:57 GMT, Xue-Lei Andrew Fan wrote:
>> Hi,
>>
>> May I have this patch reviewed?
>>
>> This is one of a few steps to improve the EC performance. The multiplicative
>> inverse implementation could be improved for better performance.
>>
>> For secp256r1 prime p, the curr
On Mon, 31 Oct 2022 17:19:21 GMT, Xue-Lei Andrew Fan wrote:
> > ... you only have one chance to measure, so cannot average out noise ...
>
> There are cases that one chance is enough to place an attack. We normally
> don't discuss vulnerability details in public, please send me an email in
> p
> By moving the JFR event up to the java.security.cert.CertificateFactory
> class, we can record all generate cert events, including those from 3rd party
> providers. I've also altered the logic so that an event is genertate for
> every generate cert call (not just ones missing from the JDK prov
On Wed, 2 Nov 2022 15:42:08 GMT, Sean Coffey wrote:
>> By moving the JFR event up to the java.security.cert.CertificateFactory
>> class, we can record all generate cert events, including those from 3rd
>> party providers. I've also altered the logic so that an event is genertate
>> for every g
On Wed, 2 Nov 2022 14:44:30 GMT, Ferenc Rakoczi wrote:
> > > ... you only have one chance to measure, so cannot average out noise ...
> >
> >
> > There are cases that one chance is enough to place an attack. We normally
> > don't discuss vulnerability details in public, please send me an email
On Wed, 2 Nov 2022 14:35:20 GMT, Ferenc Rakoczi wrote:
>> Xue-Lei Andrew Fan has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> more improvement
>
> src/java.base/share/classes/sun/security/util/math/IntegerModuloP.java line
> 410:
>
>> 4
> Hi,
>
> May I have this patch reviewed?
>
> This is one of a few steps to improve the EC performance. The multiplicative
> inverse implementation could be improved for better performance.
>
> For secp256r1 prime p, the current multiplicative inverse impl needs 256
> square and 128 multipli
Hi Carter,
Are you running this on an AVX512 machine? Have you seen/tried to run
this on a machine that does not have AVX512, like AVX2 or even aarch64?
thanks
Tony
On 11/1/22 12:19 PM, Anthony Scarpino wrote:
Hi Carter,
I'll have to review your data more and look into it.
thanks
Tony
I see that you ran this on a Xeon W-2175, so that answers that question.
So aside from the question about running it on any other processors, how
do you run jdk18 on your test. When I typed './gradlew run' it only ran
jdk17.
thanks
Tony
On 11/2/22 9:56 AM, Anthony Scarpino wrote:
Hi Carte
> So aside from the question about running it on any other processors, how
> do you run jdk18 on your test. When I typed './gradlew run' it only ran
> jdk17.
The easiest way is to update the source with '@Fork(value = 1, jvm =
"/absolute/path/to/bin/java")'
e.g. https://github.com/carterkozak/
The major change is to remove the `get` and `set` methods in various
`CertAttrSet` child classes and change them to `setXyz` and `getXyz` methods.
The `Xyz` words might come from the field name or the attribute name. For
example, `X509CertInfo` now has `setExtensions` and `setValidity` instead o
On Wed, 2 Nov 2022 19:52:54 GMT, Weijun Wang wrote:
> The major change is to remove the `get` and `set` methods in various
> `CertAttrSet` child classes and change them to `setXyz` and `getXyz` methods.
> The `Xyz` words might come from the field name or the attribute name. For
> example, `X50
18 matches
Mail list logo
