On Wed, 30 Apr 2025 15:50:31 GMT, Anthony Scarpino
wrote:
>> src/java.base/share/classes/sun/security/ec/ECPrivateKeyImpl.java line 157:
>>
>>> 155: }
>>> 156:
>>> 157: public byte[] getArrayS() {
>>
>> Why remove `getArrayS0`? Not worth saving those bytes?
>
> I just couldn't figure
On Thu, 1 May 2025 19:32:03 GMT, Bradford Wetmore wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1691:
>>
>>> 1689: // ...now the final expand.
>>> 1690: SecretKey key = hkdf.expand(derivedSecret, hkdfInfo,
>>> length,
>>> 1691:
Fix the build error.
-
Commit messages:
- the fix
Changes: https://git.openjdk.org/jdk/pull/24993/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=24993&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8356051
Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
Pat
On Fri, 2 May 2025 00:17:29 GMT, Weijun Wang wrote:
> Fix the build error.
This pull request has now been integrated.
Changeset: c514f135
Author:Weijun Wang
URL:
https://git.openjdk.org/jdk/commit/c514f135ccf08c3be016a32ae8f2c055fb941857
Stats: 1 line in 1 file changed: 0 ins; 0
On Fri, 2 May 2025 00:17:29 GMT, Weijun Wang wrote:
> Fix the build error.
Marked as reviewed by rhalade (Reviewer).
-
PR Review: https://git.openjdk.org/jdk/pull/24993#pullrequestreview-2810976171
On Thu, 1 May 2025 18:08:40 GMT, Mikhail Yankelevich
wrote:
>> * Changed the test to use scratch directory
>> * Cleaned up the imports
>
> Mikhail Yankelevich has updated the pull request incrementally with one
> additional commit since the last revision:
>
> changed file format and throwing
On Thu, 1 May 2025 00:25:38 GMT, Anthony Scarpino wrote:
>> Yes, this method is private. But you allow
>> `PEMEncoder().of().encode(PEMRecord)`. People might wonder why their leading
>> data is lost.
>
> Then they can call PEMRecord.leadingData().
They can. Just tell them.
>> I meant the newl
On Wed, 30 Apr 2025 21:57:39 GMT, Mark Powers wrote:
>> The private key encoding formats of ML-KEM and ML-DSA are updated to match
>> the latest IETF drafts at:
>> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-08
>> and
>> https://datatracker.ietf.org/doc/html/
On Thu, 1 May 2025 10:31:20 GMT, Mikhail Yankelevich
wrote:
>> * Changed the test to use scratch directory
>> * Cleaned up the imports
>
> Mikhail Yankelevich has updated the pull request incrementally with one
> additional commit since the last revision:
>
> changed file creation to use Uti
On Wed, 23 Apr 2025 10:19:51 GMT, Mikhail Yankelevich
wrote:
> I could not replicate the issue after more than 64000 runs. However, I have
> done the following to increase stability and added logs in case this happens
> again.
>
> Changes:
> * Specifically binding the client to the loopback
On Thu, 1 May 2025 15:06:11 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> engineGetBlockSize and engineGetOutputSize returns 0 when not initialized
>
> src/java.base/share/classes/javax/crypto/spe
> * Changed the test to use scratch directory
> * Cleaned up the imports
Mikhail Yankelevich has updated the pull request incrementally with one
additional commit since the last revision:
changed file format and throwing an exception in case of the failure
-
Changes:
- all: htt
On Tue, 11 Feb 2025 19:16:01 GMT, Koushik Muthukrishnan Thirupattur
wrote:
> java.security.debug is a widely used debug system property for JDK security
> libs. It's time to capture details about this property via javadoc.
>
> src="https://github.com/user-attachments/assets/555f034a-57fb-4ac0
On Thu, 1 May 2025 10:31:20 GMT, Mikhail Yankelevich
wrote:
>> * Changed the test to use scratch directory
>> * Cleaned up the imports
>
> Mikhail Yankelevich has updated the pull request incrementally with one
> additional commit since the last revision:
>
> changed file creation to use Uti
On Thu, 24 Apr 2025 21:24:49 GMT, Weijun Wang wrote:
>> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/.
>> 
>
> Weijun Wang has updated the pull request
On Wed, 30 Apr 2025 23:38:03 GMT, Bradford Wetmore wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
>> respectively.
>>
>> CSR is underway.
>>
>> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
>> API (jck:api/java_security jck:
On Thu, 1 May 2025 15:25:46 GMT, Weijun Wang wrote:
> LGTM. Or, you can just create files named `algName-keySize.ks`. There is no
> need to be random here.
+1. This would be a good enhancement to include.
-
PR Comment: https://git.openjdk.org/jdk/pull/24718#issuecomment-2845087042
On Thu, 1 May 2025 05:33:29 GMT, Volkan Yazici wrote:
> Document preconditions on certain `JavaLangAccess` methods that use
> operations either unsafe and/or without range checks.
src/java.base/share/classes/jdk/internal/access/JavaLangAccess.java line 315:
> 313: * WARNING: The caller of
On Wed, 30 Apr 2025 23:38:03 GMT, Bradford Wetmore wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
>> respectively.
>>
>> CSR is underway.
>>
>> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
>> API (jck:api/java_security jck:
On Thu, 1 May 2025 18:08:40 GMT, Mikhail Yankelevich
wrote:
>> * Changed the test to use scratch directory
>> * Cleaned up the imports
>
> Mikhail Yankelevich has updated the pull request incrementally with one
> additional commit since the last revision:
>
> changed file format and throwing
On Thu, 1 May 2025 15:02:11 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> engineGetBlockSize and engineGetOutputSize returns 0 when not initialized
>
> src/java.base/share/classes/javax/crypto/spe
On Tue, 15 Apr 2025 07:46:52 GMT, Alan Bateman wrote:
>> Hi, this is a proposal to fix 8352728.
>>
>> The main idea is to replace
>> [`java.nio.file.Path::toRealPath`](https://docs.oracle.com/en/java/javase/24/docs/api/java.base/java/nio/file/Path.html#toRealPath(java.nio.file.LinkOption...))
>
On Thu, 1 May 2025 05:00:13 GMT, Rajan Halade wrote:
>> Mikhail Yankelevich has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> changed file creation to use Utils.createTempFile
>
> test/jdk/sun/security/pkcs12/P12SecretKey.java line 68:
>
> * Changed the test to use scratch directory
> * Cleaned up the imports
Mikhail Yankelevich has updated the pull request incrementally with one
additional commit since the last revision:
changed file creation to use Utils.createTempFile
-
Changes:
- all: https://git.openjdk.or
On Wed, 30 Apr 2025 22:33:24 GMT, Mark Powers wrote:
>> The private key encoding formats of ML-KEM and ML-DSA are updated to match
>> the latest IETF drafts at:
>> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-08
>> and
>> https://datatracker.ietf.org/doc/html/
On Thu, 1 May 2025 11:55:20 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/sun/security/util/KeyUtil.java line 506:
>>
>>> 504: if (seed == null) return null;
>>> 505: skOctets = new byte[seed.length + 2];
>>> 506: skOctets[0] = (byte)0x80;
On Mon, 28 Apr 2025 21:31:49 GMT, Artur Barashev wrote:
> Per TLSv1.3 RFC:
>
>
>If no "signature_algorithms_cert" extension is
>present, then the "signature_algorithms" extension also applies to
>signatures appearing in certificates.
>
>
> When no "signature_algorithms_cert" exten
On Wed, 30 Apr 2025 15:19:10 GMT, Koushik Muthukrishnan Thirupattur
wrote:
>> The private marshal() method in sun.security.util.Debug still contains code
>> to parse "permission=" and "codebase=" options. These
>> sub-options were part of the "access" option which was removed in JDK 24 as
>>
On Thu, 1 May 2025 15:15:51 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> engineGetBlockSize and engineGetOutputSize returns 0 when not initialized
>
> src/java.base/share/classes/javax/crypto/spe
On Thu, 1 May 2025 04:12:10 GMT, Rajan Halade wrote:
>> I could not replicate the issue after more than 64000 runs. However, I have
>> done the following to increase stability and added logs in case this
>> happens again.
>>
>> Changes:
>> * Specifically binding the client to the loopback ad
> Hi,
>
> Please find here a PR for the implementation of JEP [JDK-8291976: HTTP/3 for
> the HTTP Client API](https://bugs.openjdk.org/browse/JDK-8291976).
>
> The CSR can be viewed at [JDK-8350588: Implement HTTP/3 for the HTTP Client
> API](https://bugs.openjdk.org/browse/JDK-8350588)
>
> Th
On Wed, 23 Apr 2025 10:19:51 GMT, Mikhail Yankelevich
wrote:
> I could not replicate the issue after more than 64000 runs. However, I have
> done the following to increase stability and added logs in case this happens
> again.
>
> Changes:
> * Specifically binding the client to the loopback
On Fri, 18 Apr 2025 21:04:51 GMT, Valerie Peng wrote:
>> As part of [https://bugs.openjdk.org/browse/JDK-8301553](JDK-8301553),
>> SunPKCS11 provider added support for PBE SecretKeyFactories for
>> `HmacPBESHAxxx` and `PBEWithHmacSHAxxxAndAES_yyy`. These impls produce keys
>> whose encoding co
> Finalize the KDF API.
Weijun Wang has updated the pull request with a new target base due to a merge
or a rebase. The pull request now contains six commits:
- merge
- add a positive debug log and update exception message
- enhancing exception messages and debug outputs
- update @since tags
On Mon, 21 Apr 2025 18:42:55 GMT, Matthew Donovan wrote:
> In this PR, I updated the default `serverAddress` field to use the loopback
> interface. I also removed some unnecessary logic around creating the server
> interface and the client connecting code.
This pull request has now been integr
> The private key encoding formats of ML-KEM and ML-DSA are updated to match
> the latest IETF drafts at:
> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-08
> and
> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-kyber-certificates-10.
> New security/syst
On Thu, 10 Apr 2025 15:30:28 GMT, Weijun Wang wrote:
> Add 2 `MessageDigest` algorithms.
This pull request has now been integrated.
Changeset: 494ef6cb
Author:Weijun Wang
URL:
https://git.openjdk.org/jdk/commit/494ef6cb8cff7f29a7346364e7620eebcec48d3b
Stats: 98 lines in 5 files
> As part of [https://bugs.openjdk.org/browse/JDK-8301553](JDK-8301553),
> SunPKCS11 provider added support for PBE SecretKeyFactories for
> `HmacPBESHAxxx` and `PBEWithHmacSHAxxxAndAES_yyy`. These impls produce keys
> whose encoding contains the PBKDF2 derived bytes. Given that SunJCE provider
On Thu, 1 May 2025 20:15:29 GMT, Valerie Peng wrote:
>> As part of [https://bugs.openjdk.org/browse/JDK-8301553](JDK-8301553),
>> SunPKCS11 provider added support for PBE SecretKeyFactories for
>> `HmacPBESHAxxx` and `PBEWithHmacSHAxxxAndAES_yyy`. These impls produce keys
>> whose encoding con
On Thu, 24 Apr 2025 23:23:50 GMT, Sergey Kuksenko wrote:
> Benchmark modification/extension shouldn't affect the behavior of other
> benchmarks.
> Precisely: [JDK-8344144](https://bugs.openjdk.org/browse/JDK-8344144)
> modified AESBench in that way, which caused significant changes in the
> be
On Fri, 25 Apr 2025 15:25:11 GMT, Sergey Kuksenko wrote:
>> Benchmark modification/extension shouldn't affect the behavior of other
>> benchmarks.
>> Precisely: [JDK-8344144](https://bugs.openjdk.org/browse/JDK-8344144)
>> modified AESBench in that way, which caused significant changes in the
On Thu, 1 May 2025 15:34:11 GMT, Rajan Halade wrote:
>> Mikhail Yankelevich has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> changed file creation to use Utils.createTempFile
>
> test/jdk/sun/security/pkcs12/P12SecretKey.java line 88:
>
On Thu, 1 May 2025 13:51:14 GMT, Weijun Wang wrote:
>> Valerie Peng has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> address review comments from Mark
>
> test/jdk/sun/security/pkcs11/SecretKeyFactory/TestPBKD.java line 46:
>
>> 44: * @
On Wed, 30 Apr 2025 22:37:54 GMT, Bradford Wetmore wrote:
> Missing test plan in the PR Description. (i.e. tier1/tier2/JCK?)
I always run tier 1-3 tests for all of my PRs. Don't anticipate that this would
affect JCK, but will give it a try just in case.
Thanks for the suggestion~
-
> This PR removes the internal JSSE HKDF impl and changes to use the KDF API
> for the HKDF support from JCA/JCE providers.
>
> This is just code refactoring. Known-answer regression test for the internal
> JSSE HKDF impl is removed as the test vectors are already covered by the HKDF
> impl in
On Thu, 1 May 2025 18:24:19 GMT, Artur Barashev wrote:
>> Bradford Wetmore has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Moved too fast
>
> test/jdk/javax/net/ssl/ExtendedSSLSession/TLSKeyExporters.java line 296:
>
>> 294: //
On Thu, 1 May 2025 15:18:43 GMT, Weijun Wang wrote:
>> Bradford Wetmore has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Moved too fast
>
> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1691:
>
>> 1689:
On Thu, 1 May 2025 18:26:03 GMT, Artur Barashev wrote:
>> Bradford Wetmore has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Moved too fast
>
> test/jdk/javax/net/ssl/ExtendedSSLSession/TLSKeyExporters.java line 324:
>
>> 322: ser
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
> respectively.
>
> CSR is underway.
>
> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
> API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net
> jck:api/javax_security jck:ap
On Tue, 15 Apr 2025 18:02:43 GMT, Koushik Muthukrishnan Thirupattur
wrote:
>> java.security.debug is a widely used debug system property for JDK security
>> libs. It's time to capture details about this property via javadoc.
>>
>> > src="https://github.com/user-attachments/assets/555f034a-57fb
On Fri, 14 Mar 2025 21:58:47 GMT, Valerie Peng wrote:
> As part of [https://bugs.openjdk.org/browse/JDK-8301553](JDK-8301553),
> SunPKCS11 provider added support for PBE SecretKeyFactories for
> `HmacPBESHAxxx` and `PBEWithHmacSHAxxxAndAES_yyy`. These impls produce keys
> whose encoding contai
On Mon, 14 Apr 2025 12:54:31 GMT, Nibedita Jena wrote:
>> Session resumption without server side state was added under
>> [JDK-8211018](https://bugs.openjdk.org/browse/JDK-8211018).
>> While it is TLSv1.2 session resumption, the client hello message is being
>> parsed in SSLSessionImpl for each
> Hi all,
>
> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a format
> for encoding and decoding cryptographic keys and certificates. It will be
> integrated into JDK24 as a Preview Feature. Preview features does not
> permanently define the API and it is subject to cha
On Mon, 28 Apr 2025 14:48:34 GMT, Weijun Wang wrote:
>> Add 2 `MessageDigest` algorithms.
>
> Weijun Wang has updated the pull request incrementally with one additional
> commit since the last revision:
>
> test alias usage
Marked as reviewed by mullan (Reviewer).
-
PR Review:
On Thu, 1 May 2025 10:31:20 GMT, Mikhail Yankelevich
wrote:
>> * Changed the test to use scratch directory
>> * Cleaned up the imports
>
> Mikhail Yankelevich has updated the pull request incrementally with one
> additional commit since the last revision:
>
> changed file creation to use Uti
55 matches
Mail list logo
