The test sun/security/validator/samedn.sh failed once due to the following
reason:
`Caused by: java.security.cert.CertificateNotYetValidException: NotBefore: Tue
Aug 06 14:41:13 GMT 2024`
This test generates several certificates using the keytool as a precondition,
and then validates their cer
On Fri, 16 Aug 2024 21:04:22 GMT, Kevin Driver wrote:
>> Well, I am not too sure if we should state it this way as we have no way to
>> tell if the KDF parameters are valid or not since KDF class is not coded
>> with algorithm-specific knowledge to validate it. How about we just simply
>> stat
On Fri, 16 Aug 2024 21:04:02 GMT, Kevin Driver wrote:
>> Ignore my suggestion. I'm convinced now that unless specified we should
>> consider the return value non nullable. Sorry.
>
> Addressed in
> https://github.com/openjdk/jdk/pull/20301/commits/c6f491cd05c76088e6431b2ba9d4ab42b29e4055.
> Pl
On Tue, 13 Aug 2024 15:19:30 GMT, Kevin Driver wrote:
>> src/java.base/share/classes/javax/crypto/KDF.java line 458:
>>
>>> 456: * @param alg
>>> 457: * the algorithm of the resultant {@code SecretKey} object
>>> 458: * @param kdfParameterSpec
>>
>> I think this parameter sho
On Tue, 27 Aug 2024 13:05:42 GMT, Ferenc Rakoczi wrote:
>> In preparation for the new PQC algorithms implementations, internal XOF
>> (eXtendable Output Function) methods are added to the SHAKE128 and SHAKE256
>> implementations.
>
> Ferenc Rakoczi has updated the pull request incrementally wit
> In preparation for the new PQC algorithms implementations, internal XOF
> (eXtendable Output Function) methods are added to the SHAKE128 and SHAKE256
> implementations.
Ferenc Rakoczi has updated the pull request incrementally with one additional
commit since the last revision:
Fixing typo
On Wed, 28 Aug 2024 13:24:04 GMT, Weijun Wang wrote:
>> Ferenc Rakoczi has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Code style changes suggested by Andrey Turbanov
>
> src/java.base/share/classes/sun/security/provider/SHA3.java line 7
On Wed, 28 Aug 2024 16:51:11 GMT, Ferenc Rakoczi wrote:
>> src/java.base/share/classes/sun/security/provider/SHA3.java line 84:
>>
>>> 82: // calls) will set it to 0 at its start.
>>> 83: // When a squeeze() call uses up all available bytes from this state
>>> 84: // and so a new kec
On Wed, 28 Aug 2024 16:42:38 GMT, Ferenc Rakoczi wrote:
>> In preparation for the new PQC algorithms implementations, internal XOF
>> (eXtendable Output Function) methods are added to the SHAKE128 and SHAKE256
>> implementations.
>
> Ferenc Rakoczi has updated the pull request incrementally wit
On Wed, 29 May 2024 18:53:55 GMT, Anthony Scarpino
wrote:
> Hi
>
> This change is to improve TLS 1.3 session resumption by allowing a TLS server
> to send more than one resumption ticket per connection and clients to store
> more. Resumption is a quick way to use an existing TLS session to e
On Tue, 27 Aug 2024 11:00:31 GMT, Sean Mullan wrote:
>> Kevin Driver has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> code review comments and test renaming
>
> src/java.base/share/classes/javax/crypto/KDF.java line 230:
>
>> 228:
>> 22
On Tue, 27 Aug 2024 10:39:12 GMT, Sean Mullan wrote:
>> Kevin Driver has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> code review comments and test renaming
>
> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 142
> Introduce an API for Key Derivation Functions (KDFs), which are cryptographic
> algorithms for deriving additional keys from a secret key and other data. See
> [JEP 478](https://openjdk.org/jeps/478).
>
> Work was begun in [another PR](https://github.com/openjdk/jdk/pull/18924).
Kevin Driver
On Tue, 27 Aug 2024 10:36:39 GMT, Sean Mullan wrote:
>> Kevin Driver has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> code review comments and test renaming
>
> src/java.base/share/classes/javax/crypto/KDF.java line 84:
>
>> 82: *
On Mon, 26 Aug 2024 19:03:18 GMT, Weijun Wang wrote:
>> This depends on the implementation. It may be just as inaccurate to say "a
>> different object".
>
> OK, maybe you can just say the "actual" object. I still think `mutating` is
> strange.
Resolved in
https://github.com/openjdk/jdk/pull/2
On Mon, 26 Aug 2024 17:56:21 GMT, Weijun Wang wrote:
>> Kevin Driver has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> code review comments and test renaming
>
> src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java
>
On Tue, 27 Aug 2024 11:16:44 GMT, Sean Mullan wrote:
>> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line
>> 282:
>>
>>> 280: * @param length
>>> 281: * the length of the output key material (must be greater than
>>> 0 and
>>> 282: * less than 255
On Wed, 21 Aug 2024 17:50:23 GMT, Valerie Peng wrote:
>> Kevin Driver has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> addresses delayed provider selection where parameters are involved
>
> test/jdk/javax/crypto/KDF/Threading.java line 68
On Tue, 20 Aug 2024 23:37:03 GMT, Valerie Peng wrote:
>> Addressed in
>> https://github.com/openjdk/jdk/pull/20301/commits/c6f491cd05c76088e6431b2ba9d4ab42b29e4055.
>> Please indicate if this is resolved.
>
> "{@code null} if no salt is to be used" seems incorrect as RFC 5869 states
> that "if
On Wed, 28 Aug 2024 18:14:24 GMT, Kevin Driver wrote:
>> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line
>> 216:
>>
>>> 214: *
>>> 215: * An implementation should concatenate the salt into a single
>>> value
>>> 216: * once all components a
On Mon, 26 Aug 2024 16:20:31 GMT, Sean Mullan wrote:
>> Addressed in
>> https://github.com/openjdk/jdk/pull/20301/commits/48395b86ba8e1cda663ae326e06ae2556f4b905a.
>> Please indicate if this is resolved.
>
> I think "cannot be null" or "must not be null" is more precise and
> unambiguous. The
On Wed, 28 Aug 2024 18:41:52 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line
>> 142:
>>
>>> 140: * if {@code length} is not greater than 0
>>> 141: */
>>> 142: public ExtractThenExpand thenExpand(byte[] info, int
On Mon, 26 Aug 2024 17:55:29 GMT, Weijun Wang wrote:
>> Kevin Driver has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> code review comments and test renaming
>
> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 1:
On Wed, 28 Aug 2024 18:13:26 GMT, Kevin Driver wrote:
>> src/java.base/share/classes/javax/crypto/KDF.java line 230:
>>
>>> 228:
>>> 229: /**
>>> 230: * Returns a {@code KDF} instance initialized with the specified
>>> algorithm from
>>
>> "initialized with the specified algorithm" i
On Wed, 28 Aug 2024 20:38:06 GMT, Kevin Driver wrote:
>> src/java.base/share/classes/javax/crypto/KDF.java line 231:
>>
>>> 229: /**
>>> 230: * Returns a {@code KDF} instance initialized with the specified
>>> algorithm from
>>> 231: * the specified security provider.
>>
>> Add "
On Mon, 26 Aug 2024 17:45:19 GMT, Weijun Wang wrote:
>> Kevin Driver has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> code review comments and test renaming
>
> src/java.base/share/classes/javax/crypto/KDF.java line 476:
>
>> 474: *
On Fri, 23 Aug 2024 21:45:46 GMT, Kevin Driver wrote:
>> I'm happy to increase the value, but this will vary by machine capability. I
>> think I tuned it to a shorter `timeOut` recently, but I can increase the
>> value again.
>
> I double-checked, and the value was actually lengthened recently.
On Fri, 16 Aug 2024 18:09:02 GMT, Valerie Peng wrote:
>> Kevin Driver has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> addressed several review comments, namely: - renaming the getParameters
>> method - renaming the AlgorithmParameterSpe
On Mon, 26 Aug 2024 18:16:17 GMT, Kevin Driver wrote:
>> src/java.base/share/classes/javax/crypto/KDF.java line 473:
>>
>>> 471: * @param alg
>>> 472: * the algorithm of the resultant {@code SecretKey} object
>>> 473: * @param derivationParameterSpec
>>
>> I prefer a short na
On Wed, 14 Aug 2024 15:29:21 GMT, Kevin Driver wrote:
>> src/java.base/share/classes/javax/crypto/KDFSpi.java line 72:
>>
>>> 70: */
>>> 71: protected KDFSpi(KDFParameters kdfParameters)
>>> 72: throws InvalidAlgorithmParameterException {}
>>
>> The implementation doesn't do an
On Wed, 28 Aug 2024 20:36:06 GMT, Kevin Driver wrote:
>> test/jdk/security/unsignedjce/java.base/javax/crypto/ProviderVerifier.java
>> line 1:
>>
>>> 1: /*
>>
>> This is exact the same code as the one in OpenJDK.
>> For the Delayed.java, it just needs the bare minimum, e.g. do not error out
>
On Wed, 28 Aug 2024 20:44:10 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Wed, 28 Aug 2024 20:44:10 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
33 matches
Mail list logo
