Re: RFR: 8275338: Add JFR events for notable serialization situations [v12]

2024-01-08 Thread Raffaello Giulietti
> Adds serialization misdeclaration events to JFR. Raffaello Giulietti has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains 15 additional commits since the

Re: RFR: 8319332: Security properties files inclusion [v5]

2024-01-08 Thread Francisco Ferrari Bihurriet
> The implementation of this proposal is based on the requirements, > specification and design choices described in the [JDK-8319332] ticket and > its respective CSR [JDK-8319333]. What follows are implementation notes > organized per functional component, with the purpose of assisting to naviga

Re: RFR: 8319332: Security properties files inclusion [v5]

2024-01-08 Thread Francisco Ferrari Bihurriet
On Mon, 8 Jan 2024 18:59:54 GMT, Francisco Ferrari Bihurriet wrote: >> The implementation of this proposal is based on the requirements, >> specification and design choices described in the [JDK-8319332] ticket and >> its respective CSR [JDK-8319333]. What follows are implementation notes >>

Re: RFR: 8322971: KEM.getInstance() should check if a 3rd-party security provider is signed

2024-01-08 Thread Sean Mullan
On Wed, 3 Jan 2024 20:41:06 GMT, Weijun Wang wrote: > `KEM.getInstance` now checks if the implementation is from a signed provider > if it's not builtin to JDK. > > Several adjustments to the test: > 1. Put one impl in `SunEC` to pretend it's builtin. This is necessary to test > for provider s

Re: RFR: 8275338: Add JFR events for notable serialization situations [v12]

2024-01-08 Thread Roger Riggs
On Mon, 8 Jan 2024 13:48:06 GMT, Raffaello Giulietti wrote: >> Adds serialization misdeclaration events to JFR. > > Raffaello Giulietti has updated the pull request with a new target base due > to a merge or a rebase. The incremental webrev excludes the unrelated changes > brought in by the me

Re: RFR: 8322971: KEM.getInstance() should check if a 3rd-party security provider is signed

2024-01-08 Thread Weijun Wang
On Mon, 8 Jan 2024 19:26:37 GMT, Sean Mullan wrote: >> `KEM.getInstance` now checks if the implementation is from a signed provider >> if it's not builtin to JDK. >> >> Several adjustments to the test: >> 1. Put one impl in `SunEC` to pretend it's builtin. This is necessary to >> test for prov

Re: RFR: 8322971: KEM.getInstance() should check if a 3rd-party security provider is signed

2024-01-08 Thread Sean Mullan
On Mon, 8 Jan 2024 20:54:34 GMT, Weijun Wang wrote: >> test/jdk/javax/crypto/KEM/RSA_KEM.java line 128: >> >>> 126: // To bypass the JCE security provider signature check >>> 127: private static KEM getKemImpl(Provider p) throws Exception { >>> 128: var ctor = KEM.class.getDeclar