This fix adds an EC private key range check for the scalar value to be within
the range [1, n-1] (n being the order of the generator) for the SunEC ECDSA
Signature algorithms and ECDH KeyAgreement algorithms. While the SunEC
KeyGenerator for EC keys will not generate private keys that sit
On Tue, 31 Aug 2021 12:05:48 GMT, Sean Mullan wrote:
>> Line 186 is correct in that the underlying Cipher block size must be
>> 128-bit. However, the KW/KWP processing affected the input size requirement
>> into 8-byte blocks, thus the overall cipher block size is now 8 instead of
>> 16
It looks like an unintended behavior change to me. It looks reasonable to
change the behavior back.
Xuelei
> On Aug 25, 2021, at 2:59 AM, Volker Simonis wrote:
>
> Hi,
>
> I'd like to resurrect this old discussion which seems to have got lost.
>
> David has analyzed and described the
> This is the continuation of JDK-8233884, JDK-8271456, and JDK-8272120.
>
> In many places standard charsets are looked up via their names, for example:
> absolutePath.getBytes("UTF-8");
>
> This could be done more efficiently(up to x20 time faster) with use of
>
On Wed, 25 Aug 2021 19:00:06 GMT, Weijun Wang wrote:
> This code change collects all key types and runs `chooseClientAlias` only
> once.
This pull request has now been integrated.
Changeset: 3d657eb0
Author:Weijun Wang
URL:
On Mon, 30 Aug 2021 19:13:04 GMT, Sean Mullan wrote:
>
>
> Has bug been filed against NSS for ignoring the IV?
I've just filed https://bugzilla.mozilla.org/show_bug.cgi?id=1728419
-
PR: https://git.openjdk.java.net/jdk/pull/5236
On Tue, 24 Aug 2021 01:33:42 GMT, Valerie Peng wrote:
> Could someone help review this straight forward change? During the
> interoperability testing with PKCS11 KW/KWP support, it is noticed that
> SunJCE provider used the wrong block size (AES: 16) when padding is needed
> for KW mode. With
This change will disable JARs signed with algorithms using SHA-1 by default,
and treat them as unsigned. This applies to the algorithms used to digest,
sign, and optionally timestamp the JAR. It also applies to the signature and
digest algorithms of the certificates in the certificate chain of
On Tue, 31 Aug 2021 02:08:48 GMT, Weijun Wang wrote:
>> This change modifies the default value of the `java.security.manager` system
>> property from "allow" to "disallow". This means unless it's explicitly set
>> to "allow", any call to `System.setSecurityManager()` would throw an UOE.
>>
>>
On Tue, 31 Aug 2021 02:08:48 GMT, Weijun Wang wrote:
>> This change modifies the default value of the `java.security.manager` system
>> property from "allow" to "disallow". This means unless it's explicitly set
>> to "allow", any call to `System.setSecurityManager()` would throw an UOE.
>>
>>
On Tue, 31 Aug 2021 00:09:10 GMT, Valerie Peng wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/KeyWrapCipher.java line
>> 237:
>>
>>> 235: @Override
>>> 236: protected int engineGetBlockSize() {
>>> 237: return 8;
>>
>> Line 186 still says:
>>
>> `* symmetric
On Tue, 31 Aug 2021 02:08:48 GMT, Weijun Wang wrote:
>> This change modifies the default value of the `java.security.manager` system
>> property from "allow" to "disallow". This means unless it's explicitly set
>> to "allow", any call to `System.setSecurityManager()` would throw an UOE.
>>
>>
12 matches
Mail list logo