Re: RFR: 8341346: Add support for exporting TLS Keying Material [v13]

2025-05-13 Thread Artur Barashev
On Tue, 13 May 2025 17:41:32 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8298420: PEM API: Implementation (Preview) [v18]

2025-05-13 Thread Sean Mullan
On Tue, 13 May 2025 09:27:37 GMT, Anthony Scarpino wrote: >> Hi all, >> >> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a >> format for encoding and decoding cryptographic keys and certificates. It >> will be integrated into JDK24 as a Preview Feature. Preview featur

Re: RFR: 8298420: PEM API: Implementation (Preview) [v19]

2025-05-13 Thread Anthony Scarpino
> Hi all, > > I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a format > for encoding and decoding cryptographic keys and certificates. It will be > integrated into JDK24 as a Preview Feature. Preview features do not > permanently define the API and it is subject to cha

Re: RFR: 8298420: PEM API: Implementation (Preview) [v19]

2025-05-13 Thread Weijun Wang
On Tue, 13 May 2025 21:45:32 GMT, Anthony Scarpino wrote: >> Hi all, >> >> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a >> format for encoding and decoding cryptographic keys and certificates. It >> will be integrated into JDK24 as a Preview Feature. Preview featur

Re: RFR: 8298420: PEM API: Implementation (Preview) [v17]

2025-05-13 Thread Weijun Wang
On Sun, 11 May 2025 19:02:55 GMT, Anthony Scarpino wrote: >> Hi all, >> >> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a >> format for encoding and decoding cryptographic keys and certificates. It >> will be integrated into JDK24 as a Preview Feature. Preview featur

Re: RFR: 8298420: PEM API: Implementation (Preview) [v19]

2025-05-13 Thread Weijun Wang
On Tue, 13 May 2025 21:45:32 GMT, Anthony Scarpino wrote: >> Hi all, >> >> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a >> format for encoding and decoding cryptographic keys and certificates. It >> will be integrated into JDK24 as a Preview Feature. Preview featur

Re: RFR: 8298420: PEM API: Implementation (Preview) [v18]

2025-05-13 Thread Weijun Wang
On Tue, 13 May 2025 19:46:27 GMT, Sean Mullan wrote: >> Anthony Scarpino has updated the pull request incrementally with one >> additional commit since the last revision: >> >> comments on the 11th > > src/java.base/share/classes/java/security/PEMDecoder.java line 464: > >> 462: * >> 46

Integrated: 8347606: Optimize Java implementation of ML-DSA

2025-05-13 Thread Ben Perez
On Fri, 14 Feb 2025 16:43:32 GMT, Ben Perez wrote: > It turns out that initializing a multidimensional array with `int[][] a = new > int[rows][cols]` is slower than allocating each column in a loop. Since we do > a lot of large multidimensional array allocations in ML-DSA, the optimized > init

Integrated: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API

2025-05-13 Thread Valerie Peng
On Wed, 2 Apr 2025 21:43:19 GMT, Valerie Peng wrote: > This PR removes the internal JSSE HKDF impl and changes to use the KDF API > for the HKDF support from JCA/JCE providers. > > This is just code refactoring. Known-answer regression test for the internal > JSSE HKDF impl is removed as the t

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-13 Thread Sean Mullan
On Tue, 13 May 2025 05:13:42 GMT, Bradford Wetmore wrote: >> src/java.base/share/classes/javax/net/ssl/ExtendedSSLSession.java line 254: >> >>> 252: * >>> 253: * @return a byte array of size {@code length} that contains the >>> EKM >>> 254: * material, or null if the deri

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-13 Thread Sean Mullan
On Tue, 13 May 2025 05:32:34 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-13 Thread Weijun Wang
On Tue, 13 May 2025 05:32:34 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-13 Thread Weijun Wang
On Tue, 13 May 2025 05:32:34 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8353113: Peer supported certificate signature algorithms are not being checked with default SunX509 key manager [v3]

2025-05-13 Thread Artur Barashev
On Tue, 13 May 2025 03:56:25 GMT, Hai-May Chao wrote: > It is nice to refactor the common code for algorithm constraints checking > into a new class, `X509KeyManagerConstraints.java`, used by both > `SunX509KeyManagerImpl` and `X509KeyManagerImpl`. However, it looks like a > new system propert

Re: RFR: 8298420: PEM API: Implementation (Preview) [v16]

2025-05-13 Thread Anthony Scarpino
On Fri, 9 May 2025 15:13:18 GMT, Sean Mullan wrote: >> Anthony Scarpino has updated the pull request incrementally with three >> additional commits since the last revision: >> >> - comments >> - toString update >> - non-sealed >>Better X509 KeyPair parsing > > src/java.base/share/classes

Re: RFR: 8298420: PEM API: Implementation (Preview) [v14]

2025-05-13 Thread Anthony Scarpino
On Mon, 12 May 2025 19:19:32 GMT, Sean Mullan wrote: >> I'm assuming there are no more issues here. > > There is still a small issue. On line 228, a clone of the array is now being > done when it doesn't have to. The previous code called the internal > `getArrayS0` method which did not do a clon

Re: RFR: 8298420: PEM API: Implementation (Preview) [v15]

2025-05-13 Thread Anthony Scarpino
On Mon, 12 May 2025 22:03:47 GMT, Sean Mullan wrote: >> I would probably just say "cryptographic objects that implement >> `DEREncodable`" > > Also change "may" to "can". "May" sounds like it is optional. ok - PR Review Comment: https://git.openjdk.org/jdk/pull/17543#discussion_r2

Re: RFR: 8298420: PEM API: Implementation (Preview) [v17]

2025-05-13 Thread Anthony Scarpino
On Mon, 12 May 2025 22:09:14 GMT, Sean Mullan wrote: >> Anthony Scarpino has updated the pull request incrementally with one >> additional commit since the last revision: >> >> comments on the 11th > > src/java.base/share/classes/java/security/PEMEncoder.java line 61: > >> 59: * or by encod

Re: RFR: 8298420: PEM API: Implementation (Preview) [v16]

2025-05-13 Thread Anthony Scarpino
On Fri, 9 May 2025 23:46:27 GMT, Weijun Wang wrote: >> Anthony Scarpino has updated the pull request incrementally with three >> additional commits since the last revision: >> >> - comments >> - toString update >> - non-sealed >>Better X509 KeyPair parsing > > src/java.base/share/classes

Re: RFR: 8298420: PEM API: Implementation (Preview) [v18]

2025-05-13 Thread Anthony Scarpino
> Hi all, > > I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a format > for encoding and decoding cryptographic keys and certificates. It will be > integrated into JDK24 as a Preview Feature. Preview features do not > permanently define the API and it is subject to cha

Re: RFR: 8298420: PEM API: Implementation (Preview) [v15]

2025-05-13 Thread Anthony Scarpino
On Mon, 12 May 2025 22:20:23 GMT, Sean Mullan wrote: >> I think specifying the fields that are encoded makes it clear what is not in >> the encoding. > > I would have expected the leading data to be encoded. Why is the leading data > not encoded? Ok. I added a comment to explicitly say no. I

Re: RFR: 8353578: Refactor existing usage of internal HKDF impl to use the KDF API [v8]

2025-05-13 Thread Kevin Driver
On Thu, 8 May 2025 21:19:10 GMT, Valerie Peng wrote: >> This PR removes the internal JSSE HKDF impl and changes to use the KDF API >> for the HKDF support from JCA/JCE providers. >> >> This is just code refactoring. Known-answer regression test for the internal >> JSSE HKDF impl is removed as

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v10]

2025-05-13 Thread Weijun Wang
On Tue, 13 May 2025 12:26:54 GMT, Sean Mullan wrote: >> I was following the SecretKey.getEncoded() style. I see now that >> KDF.deriveData() does do UOE. >> >> I could go either way on this. I do need to make this consistent, I have >> TLSv1.3 using KDF style, and TLSv1-TLSv1.2 using the n

Re: RFR: 8298420: PEM API: Implementation (Preview) [v18]

2025-05-13 Thread Sean Mullan
On Tue, 13 May 2025 09:27:37 GMT, Anthony Scarpino wrote: >> Hi all, >> >> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a >> format for encoding and decoding cryptographic keys and certificates. It >> will be integrated into JDK24 as a Preview Feature. Preview featur

Re: RFR: 8298420: PEM API: Implementation (Preview) [v18]

2025-05-13 Thread Sean Mullan
On Tue, 13 May 2025 09:27:37 GMT, Anthony Scarpino wrote: >> Hi all, >> >> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a >> format for encoding and decoding cryptographic keys and certificates. It >> will be integrated into JDK24 as a Preview Feature. Preview featur

Re: RFR: 8298420: PEM API: Implementation (Preview) [v17]

2025-05-13 Thread Sean Mullan
On Tue, 13 May 2025 02:21:57 GMT, Anthony Scarpino wrote: >> src/java.base/share/classes/java/security/PEMEncoder.java line 129: >> >>> 127: * Returns a new instance of {@code PEMEncoder}. >>> 128: * >>> 129: * @return new {@code PEMEncoder} instance >> >> "new" sounds like it i

Re: RFR: 8298420: PEM API: Implementation (Preview) [v15]

2025-05-13 Thread Sean Mullan
On Fri, 9 May 2025 16:24:39 GMT, Anthony Scarpino wrote: >> src/java.base/share/classes/java/security/PEMEncoder.java line 216: >> >>> 214: /** >>> 215: * Returns a new immutable PEMEncoder instance configured to the >>> default >>> 216: * encryption algorithm and a given password

Re: RFR: 8298420: PEM API: Implementation (Preview) [v18]

2025-05-13 Thread Sean Mullan
On Tue, 13 May 2025 09:27:37 GMT, Anthony Scarpino wrote: >> Hi all, >> >> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a >> format for encoding and decoding cryptographic keys and certificates. It >> will be integrated into JDK24 as a Preview Feature. Preview featur

Re: RFR: 8298420: PEM API: Implementation (Preview) [v18]

2025-05-13 Thread Sean Mullan
On Tue, 13 May 2025 09:27:37 GMT, Anthony Scarpino wrote: >> Hi all, >> >> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a >> format for encoding and decoding cryptographic keys and certificates. It >> will be integrated into JDK24 as a Preview Feature. Preview featur

Re: RFR: 8298420: PEM API: Implementation (Preview) [v18]

2025-05-13 Thread Sean Mullan
On Wed, 7 May 2025 16:34:24 GMT, Sean Mullan wrote: >> I added the exception > > `SecretKeyFactory.getInstance()` will throw `NullPointerException` if the > property is undefined. You would need to add a try/catch block for NPE > specifically, which you don't have right now. This is still an i

Re: RFR: 8298420: PEM API: Implementation (Preview) [v17]

2025-05-13 Thread Sean Mullan
On Tue, 13 May 2025 09:20:07 GMT, Anthony Scarpino wrote: >> src/java.base/share/classes/sun/security/x509/X509Key.java line 147: >> >>> 145: * X509Key. Useful for PKCS8v2. >>> 146: */ >>> 147: public static X509Key parse(byte[] encoded) throws IOException >> >> Isn't this the s

Re: RFR: 8298420: PEM API: Implementation (Preview) [v16]

2025-05-13 Thread Sean Mullan
On Sat, 10 May 2025 19:39:14 GMT, Anthony Scarpino wrote: >> src/java.base/share/classes/java/security/PEMDecoder.java line 191: >> >>> 189: } >>> 190: case Pem.CERTIFICATE, Pem.X509_CERTIFICATE -> { >>> 191: CertificateFactory cf = getCertFac

Re: RFR: 8298420: PEM API: Implementation (Preview) [v17]

2025-05-13 Thread Krushna948
On Sun, 11 May 2025 19:02:55 GMT, Anthony Scarpino wrote: >> Hi all, >> >> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a >> format for encoding and decoding cryptographic keys and certificates. It >> will be integrated into JDK24 as a Preview Feature. Preview featur

Re: RFR: 8353197: Document preconditions for JavaLangAccess methods [v7]

2025-05-13 Thread Alan Bateman
On Mon, 12 May 2025 19:42:15 GMT, Volkan Yazici wrote: >> Document preconditions on certain `JavaLangAccess` methods that use >> operations either unsafe and/or without range checks. > > Volkan Yazici has updated the pull request with a new target base due to a > merge or a rebase. The incremen

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v14]

2025-05-13 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8351412: Add AVX-512 intrinsics for ML-KEM [v4]

2025-05-13 Thread Sandhya Viswanathan
On Mon, 12 May 2025 09:05:10 GMT, Ferenc Rakoczi wrote: >> By using the AVX-512 vector registers the speed of the computation of the >> ML-KEM algorithms (key generation, encapsulation, decapsulation) can be >> approximately doubled. > > Ferenc Rakoczi has updated the pull request incrementally

Re: RFR: 8347606: Optimize Java implementation of ML-DSA [v3]

2025-05-13 Thread Weijun Wang
On Tue, 13 May 2025 16:49:36 GMT, Ben Perez wrote: >> It turns out that initializing a multidimensional array with `int[][] a = >> new int[rows][cols]` is slower than allocating each column in a loop. Since >> we do a lot of large multidimensional array allocations in ML-DSA, the >> optimized

Re: RFR: 8353197: Document preconditions for JavaLangAccess methods [v2]

2025-05-13 Thread John R Rose
On Wed, 7 May 2025 11:17:19 GMT, Volkan Yazici wrote: >> src/java.base/share/classes/jdk/internal/access/JavaLangAccess.java line 302: >> >>> 300: * WARNING: This method does not perform any bound checks. >>> 301: */ >>> 302: int countPositives(byte[] ba, int off, int len); >> >>

Re: RFR: 8353197: Document preconditions for JavaLangAccess methods [v7]

2025-05-13 Thread Volkan Yazici
On Tue, 13 May 2025 15:51:12 GMT, Alan Bateman wrote: >> Volkan Yazici has updated the pull request with a new target base due to a >> merge or a rebase. The incremental webrev excludes the unrelated changes >> brought in by the merge/rebase. The pull request contains nine additional >> commit

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v13]

2025-05-13 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap

Re: RFR: 8347606: Optimize Java implementation of ML-DSA [v3]

2025-05-13 Thread Ben Perez
> It turns out that initializing a multidimensional array with `int[][] a = new > int[rows][cols]` is slower than allocating each column in a loop. Since we do > a lot of large multidimensional array allocations in ML-DSA, the optimized > initialization improves performance by roughly 10%. Ben

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v12]

2025-05-13 Thread Artur Barashev
On Tue, 13 May 2025 05:32:34 GMT, Bradford Wetmore wrote: >> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE >> respectively. >> >> CSR is underway. >> >> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK >> API (jck:api/java_security jck:

Re: RFR: 8341346: Add support for exporting TLS Keying Material [v15]

2025-05-13 Thread Bradford Wetmore
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE > respectively. > > CSR is underway. > > Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK > API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net > jck:api/javax_security jck:ap