On Thu, 11 Jul 2024 20:42:24 GMT, Ben Perez wrote:
>> 8322133: getParameterSpec(ECGenParameterSpec.class) on EC
>> AlgorithmParameters does not return standard names
>
> Ben Perez has updated the pull request incrementally with one additional
> commit since the last revision:
>
> fixed typo
On Thu, 25 Jul 2024 19:29:05 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Thu, 25 Jul 2024 19:29:05 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Fri, 26 Jul 2024 20:01:23 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Fri, 26 Jul 2024 20:01:23 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Fri, 31 May 2024 23:15:26 GMT, Mark Powers wrote:
>> https://bugs.openjdk.org/browse/JDK-4966250
>
> Mark Powers has updated the pull request incrementally with one additional
> commit since the last revision:
>
> Joe Darcy's comment
Looks good. Please add a noreg-doc label to the bug and
On Fri, 2 Aug 2024 19:19:54 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another PR
On Thu, 1 Aug 2024 21:05:08 GMT, Weijun Wang wrote:
>> I was trying to convey that deriveKey|Data are not like doFinal in that they
>> can be called more than once on a single instance. Is there a different way
>> to word this? Or is it not important to mention here?
>
> Not sure. Maybe your se
On Fri, 2 Aug 2024 19:19:54 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another PR
On Tue, 30 Jul 2024 16:04:25 GMT, Kevin Driver wrote:
>> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line
>> 328:
>>
>>> 326: }
>>> 327:
>>> 328: private Extract(List ikms, List salts) {
>>
>> Should it throw an exception if either or both of the lists
On Mon, 5 Aug 2024 19:01:30 GMT, Jamil Nimeh wrote:
> This proposed enhancement adds logging to the OCSPTimeout test, which is
> intermittently failing and difficult to reproduce. The hope is that with
> extra logging enabled that additional clues as to the cause of these rare
> failures will
On Thu, 1 Aug 2024 22:29:21 GMT, Weijun Wang wrote:
>> I disagree. I think this is a helpful bit of info for the developer who may
>> be surprised later by an `Exception`.
>
> OK. As long as the exception does not cover it.
You should be careful putting the word "must" in an API specification -
On Sat, 3 Aug 2024 00:43:20 GMT, Valerie Peng wrote:
>> Kevin Driver has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains 16 additional
>> commits si
On Tue, 6 Aug 2024 15:15:03 GMT, Jamil Nimeh wrote:
>> This proposed enhancement adds logging to the OCSPTimeout test, which is
>> intermittently failing and difficult to reproduce. The hope is that with
>> extra logging enabled that additional clues as to the cause of these rare
>> failures
On Mon, 12 Aug 2024 15:44:11 GMT, Mark Powers wrote:
>> https://bugs.openjdk.org/browse/JDK-8336665
>
> Mark Powers has updated the pull request incrementally with one additional
> commit since the last revision:
>
> copyright and unnecessary initialization
src/java.base/share/classes/sun/se
On Mon, 12 Aug 2024 21:20:18 GMT, Martin Balao wrote:
> We've not made a decision in regards to proposing this enhancement to old
> releases. With that said, I wouldn't consider anything older than 21u. If
> necessary, we can make backport-specific adjustments to the CSR and be more
> conserva
On Sat, 24 Aug 2024 05:12:42 GMT, Julian Waters wrote:
>> snprintf has been available for all officially and unofficially supported
>> compilers for Windows, Visual Studio since version 2015 and gcc since, well,
>> forever. snprintf is conforming to C99 since the start when compiling using
>>
On Wed, 21 Aug 2024 17:50:26 GMT, Francisco Ferrari Bihurriet
wrote:
>> The implementation of this proposal is based on the requirements,
>> specification and design choices described in the [JDK-8319332] ticket and
>> its respective CSR [JDK-8319333]. What follows are implementation notes
>>
On Fri, 16 Aug 2024 23:35:47 GMT, Valerie Peng wrote:
>> Addressed in
>> https://github.com/openjdk/jdk/pull/20301/commits/c6f491cd05c76088e6431b2ba9d4ab42b29e4055.
>> Please indicate if this is resolved.
>
> Yes.
> However I still question the current naming convention of using HmacXXX with
>
On Mon, 19 Aug 2024 21:37:29 GMT, Kevin Driver wrote:
>> How about the "may" => "should" change?
>
> Addressed in
> https://github.com/openjdk/jdk/pull/20301/commits/48395b86ba8e1cda663ae326e06ae2556f4b905a.
> Please indicate if this is resolved.
I think "cannot be null" or "must not be null"
On Mon, 26 Aug 2024 14:40:46 GMT, Sean Mullan wrote:
>> Francisco Ferrari Bihurriet has updated the pull request incrementally with
>> one additional commit since the last revision:
>>
>> Document list of reserved keys in
>> java.security.Security
On Fri, 23 Aug 2024 21:48:44 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Fri, 23 Aug 2024 21:48:44 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Fri, 23 Aug 2024 21:48:44 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Fri, 23 Aug 2024 21:48:44 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Mon, 26 Aug 2024 17:54:18 GMT, Weijun Wang wrote:
>> Kevin Driver has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> code review comments and test renaming
>
> src/java.base/share/classes/javax/crypto/spec/HKDFParameterSpec.java line 282
On Fri, 16 Aug 2024 21:03:11 GMT, Kevin Driver wrote:
>> If that's the case, then I think the `ikms` and `salts` method should
>> specify that an empty List may be returned and under what conditions, as it
>> is an edge case. For example, "Returns an empty list if there are no salt
>> values".
On Fri, 16 Aug 2024 21:04:22 GMT, Kevin Driver wrote:
>> Well, I am not too sure if we should state it this way as we have no way to
>> tell if the KDF parameters are valid or not since KDF class is not coded
>> with algorithm-specific knowledge to validate it. How about we just simply
>> stat
On Fri, 16 Aug 2024 21:04:02 GMT, Kevin Driver wrote:
>> Ignore my suggestion. I'm convinced now that unless specified we should
>> consider the return value non nullable. Sorry.
>
> Addressed in
> https://github.com/openjdk/jdk/pull/20301/commits/c6f491cd05c76088e6431b2ba9d4ab42b29e4055.
> Pl
On Tue, 13 Aug 2024 15:19:30 GMT, Kevin Driver wrote:
>> src/java.base/share/classes/javax/crypto/KDF.java line 458:
>>
>>> 456: * @param alg
>>> 457: * the algorithm of the resultant {@code SecretKey} object
>>> 458: * @param kdfParameterSpec
>>
>> I think this parameter sho
On Thu, 29 Aug 2024 14:15:38 GMT, Weijun Wang wrote:
>> Resolved in
>> https://github.com/openjdk/jdk/pull/20301/commits/a65dc9da044297c313e02d698255bad915dc0a10.
>
> Personally I don't like the "mutate" word. But your sentence is quite
> complete now, so I don't have a strong opinion now.
`KD
On Wed, 28 Aug 2024 20:37:57 GMT, Kevin Driver wrote:
>> Every time HKDF-Expand is used in either TLS 1.3 or HPKE, there is always a
>> non-empty info. Even if the original RFC says this argument is optional, I
>> don't think it's useful to provide a one-argument overloaded method.
>
> Agreed.
On Thu, 1 Aug 2024 04:13:24 GMT, Anthony Scarpino wrote:
>> Hi all,
>>
>> I need a code review of the PEM API. Privacy-Enhanced Mail (PEM) is a
>> format for encoding and decoding cryptographic keys and certificates. It
>> will be integrated into JDK24 as a Preview Feature. Preview features
On Tue, 27 Aug 2024 14:49:40 GMT, Fernando Guallini
wrote:
> The test sun/security/validator/samedn.sh failed once due to the following
> reason:
>
> `Caused by: java.security.cert.CertificateNotYetValidException: NotBefore:
> Tue Aug 06 14:41:13 GMT 2024`
>
> This test generates several cer
On Tue, 30 Jul 2024 18:59:42 GMT, Anthony Scarpino
wrote:
>> The current spec says "or null if not specified", so it's actually OK if one
>> is not specified -- if I understand correctly -- through the constructor
>> that take an algorithm argument. You might actually need to update the spec
On Fri, 30 Aug 2024 20:25:26 GMT, Mark Powers wrote:
>> Please review this change to distrust TLS server certificates issued after
>> October 31, 2024 and anchored by Entrust Root CAs. This change is in line
>> with similar plans recently announced by Google and Mozilla. TLS server
>> certific
On Fri, 30 Aug 2024 20:25:26 GMT, Mark Powers wrote:
>> Please review this change to distrust TLS server certificates issued after
>> October 31, 2024 and anchored by Entrust Root CAs. This change is in line
>> with similar plans recently announced by Google and Mozilla. TLS server
>> certific
On Mon, 2 Sep 2024 21:47:25 GMT, Mark Powers wrote:
>> Please review this change to distrust TLS server certificates issued after
>> October 31, 2024 and anchored by Entrust Root CAs. This change is in line
>> with similar plans recently announced by Google and Mozilla. TLS server
>> certifica
On Thu, 5 Sep 2024 15:43:29 GMT, Viktor Klang wrote:
>> Kevin Driver has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> change impl class to use byte arrays rather than SecretKey objects where
>> possible
>
> src/java.base/share/classes/ja
On Fri, 30 Aug 2024 23:26:12 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Fri, 30 Aug 2024 23:26:12 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Fri, 16 Aug 2024 16:13:17 GMT, Weijun Wang wrote:
>> Francisco Ferrari Bihurriet has updated the pull request incrementally with
>> one additional commit since the last revision:
>>
>> Code review and additional changes
>>
>> Throw an IllegalArgumentException exception if Security.get
On Fri, 23 Aug 2024 21:48:44 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Fri, 6 Sep 2024 18:45:42 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another PR
On Thu, 5 Sep 2024 22:34:41 GMT, Kevin Driver wrote:
>> src/java.base/share/classes/javax/crypto/KDF.java line 89:
>>
>>> 87: * the {@code deriveKey} or {@code deriveData} method is called, and a
>>> provider
>>> 88: * is chosen that supports the parameters passed to the {@code
>>> deriveKey
On Fri, 6 Sep 2024 18:45:42 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another PR
On Sun, 8 Sep 2024 16:52:17 GMT, Alan Bateman wrote:
>> Kevin Driver has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> updated comments around locking mechanism
>
> src/java.base/share/classes/javax/crypto/KDF.java line 413:
>
>> 411:
On Fri, 6 Sep 2024 18:45:42 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another PR
On Fri, 6 Sep 2024 18:45:42 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another PR
On Tue, 13 Aug 2024 20:49:35 GMT, Rajan Halade wrote:
> Updated VerifyCACerts test to check if BasicConstraints lists "CA:true" and
> KeyUsage, if included, asserts the keyCertSign bit.
test/jdk/sun/security/lib/cacerts/VerifyCACerts.java line 405:
> 403: boolean[] keyUsageBits = c
On Tue, 13 Aug 2024 15:30:09 GMT, Mark Powers wrote:
>> https://bugs.openjdk.org/browse/JDK-8336665
>
> Mark Powers has updated the pull request incrementally with one additional
> commit since the last revision:
>
> comment from Sean
src/java.base/share/classes/sun/security/x509/X509CRLImpl
On Wed, 11 Sep 2024 23:06:40 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Wed, 11 Sep 2024 23:06:40 GMT, Kevin Driver wrote:
>> Introduce an API for Key Derivation Functions (KDFs), which are
>> cryptographic algorithms for deriving additional keys from a secret key and
>> other data. See [JEP 478](https://openjdk.org/jeps/478).
>>
>> Work was begun in [another P
On Wed, 11 Sep 2024 21:50:52 GMT, Kevin Driver wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/HkdfKeyDerivation.java
>> line 148:
>>
>>> 146: // JDK 17
>>> 147: // Also, JEP 305 came out in JDK 14, so we can't declare a
>>> variable
>>> 148: // in instanc
On Fri, 13 Sep 2024 22:06:17 GMT, Kevin Driver wrote:
>> I still think appending to or creating a list is implementation detail.
>
> I can see your point; however, we are not saying "_L_ist of values", so we
> are discussing it in an abstract manner. Let's leave it "as-is", since it can
> be in
On Thu, 16 Jun 2022 07:08:20 GMT, Johannes Kuhn wrote:
> * This adds additional permissions to the jdk.random module
> (`RuntimePermission "accessClassInPackage.jdk.internal.util.random"`)
> * The annotations of the provider classes are now parsed early.
> This avoids putting the parts that
Thanks, looking into the issue and will get back to you.
--Sean
On 6/16/22 4:09 PM, Lothar Kimmeringer wrote:
Hi,
I've had the pronblem that mails, I've sent to the list, got lost in
transmission. The reason is that I've used Thunderbird's "Write to"
and "Respond to" List function that appears
This should be fixed now. Let us know if you see any more problems.
--Sean
On 6/16/22 5:22 PM, Sean Mullan wrote:
Thanks, looking into the issue and will get back to you.
--Sean
On 6/16/22 4:09 PM, Lothar Kimmeringer wrote:
Hi,
I've had the pronblem that mails, I've sent to the
On Tue, 14 Jun 2022 19:07:24 GMT, Jayashree Huttanagoudar
wrote:
> Could you please review the changes?
> This patch is to address :
> https://bugs.openjdk.org/browse/JDK-8215916?jql=labels%20%3D%20starter-bug
src/java.base/share/classes/javax/security/auth/login/LoginContext.java line
887:
Yes, I see the same issue. Please file a bug. It is trying to retrieve a
CRL from the CA's LDAP repository and not finding an entry. Use of LDAP
URLs for fetching CRLs is somewhat rare in my experience (usually it
uses HTTP). It could be an issue with the CA's configuration, or it
could possibl
On Fri, 24 Jun 2022 18:27:05 GMT, Andrey Turbanov wrote:
> Update code checks both non-null and instance of a class in security classes.
> The checks and explicit casts could also be replaced with pattern matching
> for the instanceof operator.
>
> See similar cleanup in java.base -
> [JDK-825
On Wed, 6 Jul 2022 15:12:06 GMT, Andrey Turbanov wrote:
>> src/java.base/share/classes/sun/security/provider/certpath/RevocationChecker.java
>> line 491:
>>
>>> 489: break;
>>> 490: case "SSLServer":
>>> 491: result = (t instanceof IOException);
>>
>
I haven't had time to look at this in detail yet. I would like a couple
more weeks to review the draft.
Thanks,
Sean
On 7/6/22 10:36 AM, xueleifan(XueleiFan) wrote:
https://bugs.openjdk.java.net/browse/JDK-8281710
Could I get the JEP reviewed by adding his/her name to the “Reviewed By”
On Fri, 1 Jul 2022 17:31:06 GMT, Weijun Wang wrote:
> Add null-checks in all `LoginModule` implementations. It's possible that an
> application calls `logout` after a login failure, where most internal
> variables for principals and credentials are null and removing a null from
> the `Subject`
On Fri, 1 Jul 2022 17:31:06 GMT, Weijun Wang wrote:
> Add null-checks in all `LoginModule` implementations. It's possible that an
> application calls `logout` after a login failure, where most internal
> variables for principals and credentials are null and removing a null from
> the `Subject`
On Mon, 11 Jul 2022 19:49:13 GMT, Weijun Wang wrote:
>> src/jdk.security.auth/share/classes/com/sun/security/auth/module/UnixLoginModule.java
>> line 289:
>>
>>> 287: subject.getPrincipals().remove(GIDPrincipal);
>>> 288: }
>>> 289: if (supplementaryGroups != null) {
On Tue, 12 Jul 2022 17:38:38 GMT, Weijun Wang wrote:
>> Why isn't it sufficient to just call logout once per each login module?
>
> I meant to make the test more real. When there are multiple login modules,
> the principals and credentials sets could be different. For example, the
> `privateCre
On Fri, 1 Jul 2022 08:06:10 GMT, Сергей Цыпанов wrote:
> In case we read all bytes from an `InputStream` we don't need wrapping with
> `BufferedInputStream` as the bytes are not written into internal buffer. With
> removal of redundant buffer we save 8 kB of allocated memory.
This is in securi
On Fri, 1 Jul 2022 08:06:10 GMT, Сергей Цыпанов wrote:
> In case we read all bytes from an `InputStream` we don't need wrapping with
> `BufferedInputStream` as the bytes are not written into internal buffer. With
> removal of redundant buffer we save 8 kB of allocated memory.
Marked as reviewe
On Sat, 16 Jul 2022 13:46:58 GMT, Weijun Wang wrote:
>> Add null-checks in all `LoginModule` implementations. It's possible that an
>> application calls `logout` after a login failure, where most internal
>> variables for principals and credentials are null and removing a null from
>> the `Sub
On Fri, 22 Jul 2022 17:59:51 GMT, Mark Powers wrote:
> https://bugs.openjdk.org/browse/JDK-8290887
src/java.base/share/classes/sun/security/ssl/TrustManagerFactoryImpl.java line
108:
> 106: }
> 107:
> 108: /*
I think you can also remove the `import java.io.*` on line 28 now that this
On Fri, 22 Jul 2022 02:15:44 GMT, longxu0509 wrote:
> this patch fixes several wording in sun.security.ec
Marked as reviewed by mullan (Reviewer).
-
PR: https://git.openjdk.org/jdk/pull/9606
On Fri, 22 Jul 2022 02:15:44 GMT, longxu0509 wrote:
> this patch fixes several wording in sun.security.ec
I think "noreg-trivial" is a more appropriate label for this bug than
"noreg-cleanup". "noreg-cleanup", as defined in the [OpenJDK Developer's
Guide](https://openjdk.org/guide/) is:
"Chan
On Tue, 26 Jul 2022 15:07:03 GMT, Mark Powers wrote:
>> https://bugs.openjdk.org/browse/JDK-8290887
>
> Mark Powers has updated the pull request incrementally with one additional
> commit since the last revision:
>
> second iteration
Marked as reviewed by mullan (Reviewer).
-
P
On Thu, 28 Jul 2022 20:24:53 GMT, Bradford Wetmore wrote:
>> Kevin Driver has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> formatting
>
> src/java.base/share/classes/com/sun/crypto/provider/HmacMD5KeyGenerator.java
> line 93:
>
>> 91:
On Thu, 28 Jul 2022 20:54:08 GMT, Sean Mullan wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/HmacMD5KeyGenerator.java
>> line 93:
>>
>>> 91:
>>> 92: if (keysize <= 0) {
>>> 93: throw new IllegalArgumentExc
On Wed, 27 Jul 2022 20:24:19 GMT, Mark Powers wrote:
> https://bugs.openjdk.org/browse/JDK-8290975
src/java.base/share/classes/javax/security/auth/PrivateCredentialPermission.java
line 130:
> 128: * @serial
> 129: */
> 130: private final boolean testing = false;
This should real
On Thu, 4 Aug 2022 20:21:44 GMT, Mark Powers wrote:
>> First constructor doesn't set defaultName (or inputName), so there will be a
>> error "might not have been initialized".
>
> I verified the error message happens when `defaultName` is final.
Yes but `defaultName` (like `prompt`) should neve
On Thu, 4 Aug 2022 17:03:37 GMT, Bradford Wetmore wrote:
>> src/java.base/share/classes/javax/security/auth/callback/TextInputCallback.java
>> line 46:
>>
>>> 44: * @since 1.4
>>> 45: */
>>> 46: private final String prompt;
>>
>> I think you can also mark `defaultText` final.
>
>
On Fri, 5 Aug 2022 21:49:01 GMT, Mark Powers wrote:
>> https://bugs.openjdk.org/browse/JDK-8290975
>
> Mark Powers has updated the pull request incrementally with one additional
> commit since the last revision:
>
> comment applies to two files
Marked as reviewed by mullan (Reviewer).
-
On Wed, 10 Aug 2022 14:22:43 GMT, Sean Coffey wrote:
>> src/java.base/share/classes/java/security/Security.java line 52:
>>
>>> 50: * @implNote If the master security properties file is missing, the JDK
>>> 51: * implementation will throw an {@code InternalError} when initializing
>>> the
>>>
On Thu, 11 Aug 2022 10:37:27 GMT, Alan Bateman wrote:
>> Sean Coffey has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Incorporate review comments
>
> src/java.base/share/classes/java/security/Security.java line 52:
>
>> 50: * @implNote
On Fri, 12 Aug 2022 10:31:17 GMT, Sean Mullan wrote:
>> src/java.base/share/classes/java/security/Security.java line 52:
>>
>>> 50: * @implNote If this property file fails to load, the JDK
>>> implementation will
>>> 51: * throw an unspecified erro
On Thu, 11 Aug 2022 07:13:34 GMT, Sean Coffey wrote:
>> In the broken case where the conf/security/java.security configuration file
>> doesn't exist, the JDK should throw an Error.
>>
>> CSR in progress.
>
> Sean Coffey has updated the pull request incrementally with one additional
> commit s
On Fri, 12 Aug 2022 11:38:34 GMT, Sean Coffey wrote:
>> In the broken case where the conf/security/java.security configuration file
>> doesn't exist, the JDK should throw an Error.
>>
>> CSR in progress.
>
> Sean Coffey has updated the pull request incrementally with one additional
> commit s
On Thu, 18 Aug 2022 14:05:38 GMT, Weibing Xiao wrote:
>> Log the debugging info for server cipher suites when setting javax.net.debug
>> == ssl, handshake.
>
> Weibing Xiao has updated the pull request incrementally with one additional
> commit since the last revision:
>
> add or remove the
On Wed, 24 Aug 2022 20:45:29 GMT, Eric Caspole wrote:
>> Add a JMH for ProtectionDomain related to current work on JDK-8292375. Also,
>> add the InMemoryJavaCompiler to the JMH jar, to generate the classes needed
>> for this test and will be useful for future class loading JMH too.
>
> Eric Cas
On Mon, 22 Aug 2022 21:45:39 GMT, Mark Powers wrote:
> https://bugs.openjdk.org/browse/JDK-8291509
Some initial comments so far.
src/java.base/share/classes/sun/security/jca/ProviderList.java line 129:
> 127: int j = 0;
> 128: for (ProviderConfig config : providerList.configs)
On Thu, 25 Aug 2022 18:44:54 GMT, Mark Powers wrote:
>> src/java.base/share/classes/sun/security/jca/ProviderList.java line 129:
>>
>>> 127: int j = 0;
>>> 128: for (ProviderConfig config : providerList.configs) {
>>> 129: if
>>> (!Objects.requireNonNull(config.getPr
On Thu, 25 Aug 2022 15:07:27 GMT, Sean Mullan wrote:
>> https://bugs.openjdk.org/browse/JDK-8291509
>
> src/java.base/share/classes/sun/security/jca/Providers.java line 104:
>
>> 102: * Start JAR verification. This sets a special provider list for
>> 103:
On Thu, 25 Aug 2022 18:45:10 GMT, Mark Powers wrote:
>> src/java.base/share/classes/sun/security/jca/Providers.java line 212:
>>
>>> 210:
>>> 211: // Change the thread local provider list. Use only if the current
>>> thread
>>> 212: // is already using a thread local list, and you want
On Thu, 25 Aug 2022 18:44:59 GMT, Mark Powers wrote:
>> src/java.base/share/classes/sun/security/jca/ProviderList.java line 679:
>>
>>> 677: private final String algorithm;
>>> 678: private final String provider;
>>> 679: private String[] alternateNames = null;
>>
>> sho
On Thu, 25 Aug 2022 16:00:54 GMT, Rajan Halade wrote:
> This fix adds Certigna root CA to cacerts trust store.
Can we change the issue title to "Add Certigna Root CA" since only one root is
being added?
-
PR: https://git.openjdk.org/jdk/pull/10030
On Thu, 25 Aug 2022 16:00:54 GMT, Rajan Halade wrote:
> This fix adds Certigna root CA to cacerts trust store.
Marked as reviewed by mullan (Reviewer).
-
PR: https://git.openjdk.org/jdk/pull/10030
John, David, Franco,
Thank you for your interest in helping define a new KEM API for Java. We
agree that KEMs are an important mechanism and expect them to become
more prevalent in the future. We also agree that there are challenges
associated with retrofitting the current APIs (KeyGenerator,
On Fri, 26 Aug 2022 18:30:36 GMT, Rajan Halade wrote:
>> This fix adds Certigna root CA to cacerts trust store.
>
> Rajan Halade has updated the pull request with a new target base due to a
> merge or a rebase. The incremental webrev excludes the unrelated changes
> brought in by the merge/reba
On Mon, 29 Aug 2022 21:48:18 GMT, Mark Powers wrote:
>> https://bugs.openjdk.org/browse/JDK-8291509
>
> Mark Powers has updated the pull request incrementally with one additional
> commit since the last revision:
>
> white space
src/java.base/share/classes/sun/security/pkcs/PKCS7.java line 1
On Mon, 29 Aug 2022 21:48:18 GMT, Mark Powers wrote:
>> https://bugs.openjdk.org/browse/JDK-8291509
>
> Mark Powers has updated the pull request incrementally with one additional
> commit since the last revision:
>
> white space
A few more comments.
src/java.base/share/classes/sun/security/
On Mon, 29 Aug 2022 13:56:28 GMT, Eric Caspole wrote:
>> Add a JMH for ProtectionDomain related to current work on JDK-8292375. Also,
>> add the InMemoryJavaCompiler to the JMH jar, to generate the classes needed
>> for this test and will be useful for future class loading JMH too.
>
> Eric Cas
On Fri, 2 Sep 2022 18:48:32 GMT, Mark Powers wrote:
>> https://bugs.openjdk.org/browse/JDK-8291509
>
> Mark Powers has updated the pull request incrementally with one additional
> commit since the last revision:
>
> white space
reviewed up to certpath dir.
src/java.base/share/classes/sun/se
1 - 100 of 1365 matches
Mail list logo
