Re: RFR: 8358159: Empty mode/padding in cipher transformations [v5]

2025-06-09 Thread Amit Kumar
On Sat, 7 Jun 2025 20:07:45 GMT, Varada M wrote: >> Omitting the mode/padding in a transformation string eg: "AES/ /NoPadding" >> throws NoSuchAlgorithmException. >> This patch restores the behavior by ensuring that empty mode or padding >> strings are interpreted as null. >> >> Testing done f

Re: RFR: 8349946: Cipher javadoc could describe AEAD reuse better

2025-06-09 Thread Anthony Scarpino
On Thu, 22 May 2025 19:30:44 GMT, Koushik Muthukrishnan Thirupattur wrote: > The class documentation in javax.crypto.Cipher could better describe AEAD and > reuse. The current class description example is outdated as GCM encryption > does not allow resets. The doc should state that reset() may

Re: RFR: 8349946: Cipher javadoc could describe AEAD reuse better

2025-06-09 Thread Anthony Scarpino
On Sat, 7 Jun 2025 05:24:40 GMT, Sebastian Stenzel wrote: >> The class documentation in javax.crypto.Cipher could better describe AEAD >> and reuse. The current class description example is outdated as GCM >> encryption does not allow resets. The doc should state that reset() may not >> be pos

Re: RFR: 8273042: TLS Certificate Compression

2025-06-09 Thread Artur Barashev
On Wed, 23 Feb 2022 20:15:24 GMT, Xue-Lei Andrew Fan wrote: > Hi, > > Please review the implementation of RFC 8879, TLS Certificate Compression, in > JDK. The TLS Certificate Compression standard is an essential part for QUIC > connections and performance improvement for TLS connections. Mor

Re: RFR: 8358159: Empty mode/padding in cipher transformations [v5]

2025-06-09 Thread Valerie Peng
On Sat, 7 Jun 2025 20:07:45 GMT, Varada M wrote: >> Omitting the mode/padding in a transformation string eg: "AES/ /NoPadding" >> throws NoSuchAlgorithmException. >> This patch restores the behavior by ensuring that empty mode or padding >> strings are interpreted as null. >> >> Testing done f

Re: CFV: New Security Group Member: Martin Balao

2025-06-09 Thread Kevin Driver
Vote: yes [image001.png] Kevin Driver Java Security Libraries On Jun 6, 2025, at 7:29 AM, Sean Mullan wrote: (correcting subject title) I hereby nominate Martin Balao to Membership in the Security Group. Martin joined the Red Hat Java Platform team in 2017 as its security expert, leading all

Integrated: 8358731: Remove jdk.internal.access.JavaAWTAccess.java

2025-06-09 Thread Phil Race
On Fri, 6 Jun 2025 18:35:53 GMT, Phil Race wrote: > The fix for JDK-8344235: Revisit SecurityManager usage in java.logging after > JEP 486 and JEP 491 integration > removed use of AppContext from java/util/logging/LogManager.java. > That was the only place in the JDK that used > jdk.internal.ac