Re: RFR: JDK-8296226: Add constructors (String,Throwable) and (Throwable) to InvalidParameterException [v3]

2022-11-04 Thread Matthias Baesken
> This change adds constructors (String,Throwable) and (Throwable) to > InvalidParameterException and uses them at a few places in the jdk coding. Matthias Baesken has updated the pull request incrementally with one additional commit since the last revision: Small adjustments to javadoc, some

Re: RFR: JDK-8296226: Add constructors (String,Throwable) and (Throwable) to InvalidParameterException [v2]

2022-11-04 Thread Matthias Baesken
On Thu, 3 Nov 2022 14:26:52 GMT, Matthias Baesken wrote: >> This change adds constructors (String,Throwable) and (Throwable) to >> InvalidParameterException and uses them at a few places in the jdk coding. > > Matthias Baesken has updated the pull request incrementally with one > additional com

TLS1.3 record padding

2022-11-04 Thread Daniel Jeliński
Hello, I noticed that we're padding every TLS 1.3 record with exactly 16 zeros [1]. I'd like to remove that padding to conserve network bandwidth and processing power. Thoughts? Some background: - TLS 1.3 RFC [2] defines padding as a means to hide the size of the traffic. Constant-length padding d
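The record framing Daniel is referring to, as an added example that is not part of the thread and not the JDK's SunJSSE code: RFC 8446 section 5.4 defines TLSInnerPlaintext as content || ContentType || zeros, the whole structure is AEAD-encrypted, and the receiver strips padding by walking back to the last non-zero byte. The example also makes the length point concrete. Adding a constant 16 zeros to every record shifts every record length by the same constant, so an observer who knows the constant recovers the exact content length; padding to a size boundary makes a whole bucket of content lengths produce the same record size. The constants, the header and tag sizes, and the HTTP sample content are constructed for illustration.

```python
"""Added example (Python, not the JDK's SunJSSE code): TLS 1.3 record padding as
specified in RFC 8446 section 5.4. The framing, the 16-byte constant padding the
thread discusses, and the HTTP sample content are all constructed here."""
from typing import Tuple

APPLICATION_DATA = 23    # ContentType.application_data
AEAD_TAG_LEN = 16        # tag length of AES-GCM and ChaCha20-Poly1305 in TLS 1.3
RECORD_HEADER_LEN = 5    # opaque_type(1) || legacy_record_version(2) || length(2)


def encode_inner_plaintext(content: bytes, content_type: int = APPLICATION_DATA,
                           padding_len: int = 0) -> bytes:
    """Sender side: TLSInnerPlaintext = content || ContentType || zeros[padding_len].
    The whole structure is the AEAD plaintext, so padding is invisible on the wire
    except through the record length."""
    return content + bytes([content_type]) + b"\x00" * padding_len


def decode_inner_plaintext(inner: bytes) -> Tuple[bytes, int]:
    """Receiver side: the real content type is the last non-zero byte; everything after
    it is padding. A record that is all zeros carries no content type and must be
    rejected (the RFC requires an unexpected_message alert)."""
    end = len(inner)
    while end > 0 and inner[end - 1] == 0:
        end -= 1
    if end == 0:
        raise ValueError("unexpected_message: TLSInnerPlaintext has no content type")
    return inner[:end - 1], inner[end - 1]


def wire_length(content_len: int, padding_len: int) -> int:
    """Bytes an on-path observer sees for one record: header, inner plaintext, tag."""
    return RECORD_HEADER_LEN + content_len + 1 + padding_len + AEAD_TAG_LEN


def padding_to_boundary(content_len: int, boundary: int) -> int:
    """Padding that rounds len(content)+1 up to a multiple of `boundary`, so every
    content length inside a bucket of `boundary` sizes gives the same record size."""
    return (-(content_len + 1)) % boundary


def content_len_from_constant_padding(observed: int, padding_len: int) -> int:
    """An observer who knows the peer always appends `padding_len` zeros simply
    subtracts the constant and recovers the exact content length."""
    return observed - RECORD_HEADER_LEN - AEAD_TAG_LEN - 1 - padding_len


def content_len_candidates(observed: int, boundary: int) -> range:
    """With pad-to-boundary the observer is left with `boundary` candidate lengths."""
    inner = observed - RECORD_HEADER_LEN - AEAD_TAG_LEN
    return range(inner - boundary, inner)


if __name__ == "__main__":
    # Constructed requests whose lengths differ by a single byte.
    for req in (b"GET /a HTTP/1.1\r\n\r\n", b"GET /ab HTTP/1.1\r\n\r\n"):
        inner = encode_inner_plaintext(req, APPLICATION_DATA, 16)
        assert decode_inner_plaintext(inner) == (req, APPLICATION_DATA)
        fixed = wire_length(len(req), 16)
        bucketed = wire_length(len(req), padding_to_boundary(len(req), 64))
        print(f"{len(req):3d}-byte request: constant pad -> {fixed} bytes on the wire "
              f"(observer infers {content_len_from_constant_padding(fixed, 16)}), "
              f"pad-to-64 -> {bucketed} bytes "
              f"({len(content_len_candidates(bucketed, 64))} candidates)")
```

The receiver side matters as much as the sender side: the scan must stop at the content type byte even when the application data itself ends in zero bytes, and an all-zero inner plaintext is a protocol error rather than an empty record.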

Re: RFR: 8279164: Disable TLS_ECDH_* cipher suites [v3]

2022-11-04 Thread Sean Mullan
> This change will disable TLS_ECDH_* cipher suites by default. These cipher > suites do not preserve forward secrecy and are rarely used in practice. See > the CSR for more details and rationale. > > Users will still be able to enable the suites (at their own risk) by removing > "ECDH" from th

Re: RFR: 8279164: Disable TLS_ECDH_* cipher suites [v3]

2022-11-04 Thread Sean Mullan
On Fri, 4 Nov 2022 00:23:03 GMT, Bradford Wetmore wrote: >> Sean Mullan has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Fix "screcy" typos. > > test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java line 85: > >> 83:

Re: RFR: 8296143: CertAttrSet's set/get mechanism is not type-safe [v3]

2022-11-04 Thread Weijun Wang
> The major change is to remove the `get` and `set` methods in various > `CertAttrSet` child classes and change them to `setXyz` and `getXyz` methods. > The `Xyz` words might come from the field name or the attribute name. For > example, `X509CertInfo` now has `setExtensions` and `setValidity` i

Re: RFR: 8288047: Accelerate Poly1305 on x86_64 using AVX512 instructions [v7]

2022-11-04 Thread Jamil Nimeh
On Fri, 4 Nov 2022 03:20:11 GMT, Volodymyr Paprotski wrote: >> Handcrafted x86_64 asm for Poly1305. Main optimization is to process 16 >> message blocks at a time. For more details, left a lot of comments in >> `macroAssembler_x86_poly.cpp`. >> >> - Added new KAT test for Poly1305 and a fuzz t

Re: RFR: 8288047: Accelerate Poly1305 on x86_64 using AVX512 instructions [v5]

2022-11-04 Thread Volodymyr Paprotski
On Wed, 2 Nov 2022 03:16:57 GMT, Jatin Bhateja wrote: >>> And just looking now on uops.info, they seem to have identical timings? >> >> Actual instruction being used (aligned vs unaligned versions) doesn't matter >> much here, because it's a dynamic property of the address being accessed: >> m

Re: RFR: 8288047: Accelerate Poly1305 on x86_64 using AVX512 instructions [v5]

2022-11-04 Thread Volodymyr Paprotski
On Fri, 28 Oct 2022 20:58:33 GMT, Volodymyr Paprotski wrote: >> No, going the WhiteBox route was not something I was thinking of. I sought >> feedback from a couple hotspot-knowledgeable people about the use of WhiteBox >> APIs and both felt that it was not the right way to go. One said that

Re: RFR: 8288047: Accelerate Poly1305 on x86_64 using AVX512 instructions [v7]

2022-11-04 Thread Volodymyr Paprotski
On Tue, 18 Oct 2022 22:51:51 GMT, Sandhya Viswanathan wrote: >> Volodymyr Paprotski has updated the pull request with a new target base due >> to a merge or a rebase. The pull request now contains 12 commits: >> >> - Merge remote-tracking branch 'origin/master' into avx512-poly >> - address

Re: RFR: JDK-8296226: Add constructors (String,Throwable) and (Throwable) to InvalidParameterException [v3]

2022-11-04 Thread Sean Mullan
On Fri, 4 Nov 2022 08:44:34 GMT, Matthias Baesken wrote: >> This change adds constructors (String,Throwable) and (Throwable) to >> InvalidParameterException and uses them at a few places in the jdk coding. > > Matthias Baesken has updated the pull request incrementally with one > additional com

Re: RFR: JDK-8296226: Add constructors (String,Throwable) and (Throwable) to InvalidParameterException [v3]

2022-11-04 Thread Matthias Baesken
On Fri, 4 Nov 2022 08:44:34 GMT, Matthias Baesken wrote: >> This change adds constructors (String,Throwable) and (Throwable) to >> InvalidParameterException and uses them at a few places in the jdk coding. > > Matthias Baesken has updated the pull request incrementally with one > additional com

Re: RFR: JDK-8296226: Add constructors (String,Throwable) and (Throwable) to InvalidParameterException [v3]

2022-11-04 Thread Martin Doerr
On Fri, 4 Nov 2022 08:44:34 GMT, Matthias Baesken wrote: >> This change adds constructors (String,Throwable) and (Throwable) to >> InvalidParameterException and uses them at a few places in the jdk coding. > > Matthias Baesken has updated the pull request incrementally with one > additional com

Re: RFR: 8296143: CertAttrSet's set/get mechanism is not type-safe [v4]

2022-11-04 Thread Weijun Wang
> The major change is to remove the `get` and `set` methods in various > `CertAttrSet` child classes and change them to `setXyz` and `getXyz` methods. > The `Xyz` words might come from the field name or the attribute name. For > example, `X509CertInfo` now has `setExtensions` and `setValidity` i

Re: RFR: 8292033: Move jdk.X509Certificate event logic to JCA layer [v5]

2022-11-04 Thread Sean Coffey
> By moving the JFR event up to the java.security.cert.CertificateFactory > class, we can record all generate cert events, including those from 3rd party > providers. I've also altered the logic so that an event is generated for > every generate cert call (not just ones missing from the JDK prov

Re: TLS1.3 record padding

2022-11-04 Thread Xuelei Fan
The padding may also be necessary to prevent a kind of attack, besides hiding the length. But I cannot recall the details. Removing padding may not be the direction. Instead, a padding length customizable solution may be more flexible. Here is an enhancement request in JBS (https://bug

Re: RFR: 8288047: Accelerate Poly1305 on x86_64 using AVX512 instructions [v7]

2022-11-04 Thread Jamil Nimeh
On Fri, 4 Nov 2022 03:20:11 GMT, Volodymyr Paprotski wrote: >> Handcrafted x86_64 asm for Poly1305. Main optimization is to process 16 >> message blocks at a time. For more details, left a lot of comments in >> `macroAssembler_x86_poly.cpp`. >> >> - Added new KAT test for Poly1305 and a fuzz t

Re: RFR: 8288047: Accelerate Poly1305 on x86_64 using AVX512 instructions [v7]

2022-11-04 Thread Anthony Scarpino
On Fri, 4 Nov 2022 03:20:11 GMT, Volodymyr Paprotski wrote: >> Handcrafted x86_64 asm for Poly1305. Main optimization is to process 16 >> message blocks at a time. For more details, left a lot of comments in >> `macroAssembler_x86_poly.cpp`. >> >> - Added new KAT test for Poly1305 and a fuzz t

Re: RFR: 8288047: Accelerate Poly1305 on x86_64 using AVX512 instructions [v7]

2022-11-04 Thread Volodymyr Paprotski
On Fri, 4 Nov 2022 16:28:51 GMT, Jamil Nimeh wrote: >> Volodymyr Paprotski has updated the pull request with a new target base due >> to a merge or a rebase. The pull request now contains 12 commits: >> >> - Merge remote-tracking branch 'origin/master' into avx512-poly >> - address Jamil's re

Re: RFR: 8292033: Move jdk.X509Certificate event logic to JCA layer [v4]

2022-11-04 Thread Sean Mullan
On Thu, 3 Nov 2022 23:25:29 GMT, Sean Coffey wrote: > > Do you think it is that useful to have keytool record events? Ok, I guess > > some apps could be execing keytool, but that would be in a separate > > process, and probably wouldn't have JFR enabled. Also, these certs, if used > > for auth

Re: RFR: 8292033: Move jdk.X509Certificate event logic to JCA layer [v5]

2022-11-04 Thread Sean Coffey
On Fri, 4 Nov 2022 15:58:01 GMT, Sean Coffey wrote: >> By moving the JFR event up to the java.security.cert.CertificateFactory >> class, we can record all generate cert events, including those from 3rd >> party providers. I've also altered the logic so that an event is generated >> for every g

Re: RFR: 8288047: Accelerate Poly1305 on x86_64 using AVX512 instructions [v5]

2022-11-04 Thread Volodymyr Paprotski
On Tue, 25 Oct 2022 00:31:07 GMT, Sandhya Viswanathan wrote: >> Volodymyr Paprotski has updated the pull request incrementally with one >> additional commit since the last revision: >> >> extra whitespace character > > src/java.base/share/classes/com/sun/crypto/provider/Poly1305.java line 17

Re: RFR: 8288047: Accelerate Poly1305 on x86_64 using AVX512 instructions [v5]

2022-11-04 Thread Sandhya Viswanathan
On Fri, 4 Nov 2022 20:59:10 GMT, Volodymyr Paprotski wrote: >> src/java.base/share/classes/com/sun/crypto/provider/Poly1305.java line 175: >> >>> 173: // Choice of 1024 is arbitrary, need enough data blocks to >>> amortize conversion overhead >>> 174: // and not affect p
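The two points in this thread, the PR description's "process 16 message blocks at a time" and the threshold discussion above (an intrinsic only pays off once there are enough blocks to amortize the setup cost), are easier to see in a reference implementation than in the assembly. Below is an added example, written in Python and not taken from the JDK's com.sun.crypto.provider.Poly1305 or macroAssembler_x86_poly.cpp: the RFC 8439 algorithm in its serial Horner form, and the same polynomial evaluated with N independent lanes that all multiply by the same constant r^N, which is the structure a SIMD implementation exploits. The lane layout is an assumption for illustration, not a transcription of the JDK's assembly; the known-answer test vector is the one from RFC 8439 section 2.5.2, and the longer message is constructed.

```python
"""Added example, not the JDK's Poly1305.java: RFC 8439 Poly1305 in pure Python,
showing the algebra that lets an implementation process many blocks per step.
The lane layout below is illustrative, not a transcription of the JDK assembly."""
P = (1 << 130) - 5                      # the prime 2^130 - 5
CLAMP = 0x0ffffffc0ffffffc0ffffffc0fffffff


def _blocks(msg: bytes):
    """Yield message blocks as integers: 16 bytes little-endian plus a high 0x01 byte
    (a short final block gets the 0x01 right after its last byte)."""
    for i in range(0, len(msg), 16):
        chunk = msg[i:i + 16]
        yield int.from_bytes(chunk, "little") | (1 << (8 * len(chunk)))


def _key_parts(key: bytes):
    if len(key) != 32:
        raise ValueError("Poly1305 key must be 32 bytes")
    r = int.from_bytes(key[:16], "little") & CLAMP
    s = int.from_bytes(key[16:], "little")
    return r, s


def poly1305_serial(key: bytes, msg: bytes) -> bytes:
    """Reference form: Horner evaluation, one multiply per block; tag = (h + s) mod 2^128."""
    r, s = _key_parts(key)
    h = 0
    for m in _blocks(msg):
        h = ((h + m) * r) % P
    return ((h + s) % (1 << 128)).to_bytes(16, "little")


def poly1305_parallel(key: bytes, msg: bytes, lanes: int = 16) -> bytes:
    """Same polynomial, `lanes` blocks per step. Lane j accumulates blocks j, j+lanes, ...
    and every lane multiplies by the same constant r^lanes, so a SIMD implementation
    can do all the multiplications of one step as a single vector operation. The powers
    r^1..r^lanes are computed once up front; that setup is the cost an intrinsic has to
    amortize, which is why it is only worth using above some input size."""
    r, s = _key_parts(key)
    r_pow = [pow(r, k, P) for k in range(lanes + 1)]     # r^0 .. r^lanes
    blks = list(_blocks(msg))
    full = len(blks) - len(blks) % lanes                  # blocks covered by whole groups
    acc = [0] * lanes
    for g in range(0, full, lanes):
        for j in range(lanes):                            # one vector op in a SIMD version
            acc[j] = (acc[j] * r_pow[lanes] + blks[g + j]) % P
    # Fold the lanes: lane j still owes a factor r^(lanes-j) to match Horner's exponents.
    h = 0
    for j in range(lanes):
        h = (h + acc[j] * r_pow[lanes - j]) % P
    # Leftover blocks (fewer than `lanes`) are finished serially.
    for m in blks[full:]:
        h = ((h + m) * r) % P
    return ((h + s) % (1 << 128)).to_bytes(16, "little")


# Known-answer test from RFC 8439 section 2.5.2.
KAT_KEY = bytes.fromhex("85d6be7857556d337f4452fe42d506a8"
                        "0103808afb0db2fd4abff6af4149f51b")
KAT_MSG = b"Cryptographic Forum Research Group"
KAT_TAG = bytes.fromhex("a8061dc1305136c6c22b8baf0c0127a9")

if __name__ == "__main__":
    assert poly1305_serial(KAT_KEY, KAT_MSG) == KAT_TAG
    # Constructed 1000-byte message: 63 blocks, so three full 16-lane groups
    # plus 15 blocks finished serially; both forms must agree.
    long_msg = bytes(range(256)) * 3 + bytes(232)
    assert poly1305_parallel(KAT_KEY, long_msg) == poly1305_serial(KAT_KEY, long_msg)
    print("KAT tag:", poly1305_serial(KAT_KEY, KAT_MSG).hex())
```

The parallel form is only a change of evaluation order, so any disagreement with the serial form on the same key and message is a bug in the lane bookkeeping; a fuzz loop comparing the two over random lengths, including lengths that are not a multiple of 16 bytes and lengths below one full group, is the natural companion to the KAT.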

Re: RFR: 8279164: Disable TLS_ECDH_* cipher suites [v3]

2022-11-04 Thread Bradford Wetmore
On Fri, 4 Nov 2022 13:08:26 GMT, Sean Mullan wrote: >> test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java line 85: >> >>> 83: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256", >>> 84: >>> 85: // AES_256(GCM) - not forward screcy >> >> Can you please fix the rest of the "scre

Re: RFR: 8279164: Disable TLS_ECDH_* cipher suites [v3]

2022-11-04 Thread Bradford Wetmore
On Fri, 4 Nov 2022 13:12:34 GMT, Sean Mullan wrote: >> This change will disable TLS_ECDH_* cipher suites by default. These cipher >> suites do not preserve forward secrecy and are rarely used in practice. See >> the CSR for more details and rationale. >> >> Users will still be able to enable t

Re: TLS1.3 record padding

2022-11-04 Thread Bradford Wetmore
On 11/4/2022 8:58 AM, Xuelei Fan wrote: > The padding may also be necessary to prevent a kind of attack, besides hiding the length. > But I cannot recall the details. I have a vague recollection of that, but I was thinking it was something pre-1.3. But I'm not seeing any special padding