RFR[10] JDK-8177017: com/oracle/security/ucrypto/TestAES.java fails intermittently

2017-06-21 Thread sha . jiang
Hi, According to JDK-8173708, the cases on CFB128 in test com/oracle/security/ucrypto/TestAES.java should be skipped on Solaris 11.2 and previous versions due to a Solaris bug. Please review the patch at: http://cr.openjdk.java.net/~jjiang/8177017/webrev.00/ Best regards, John Jiang

Re: How do I know which granted permission is not needed?

2017-06-21 Thread Weijun Wang
On 06/21/2017 11:29 PM, Sean Mullan wrote: Hmm. Just remove all granted permissions then, and grant them one by one until it runs w/o error? The test is meant to ensure that any future src code change will not accidentally "remove" a required permission. i.e. if perm A is needed today

Re: Support for CFRG (curve25519 etc) in Java/JCE

2017-06-21 Thread Anders Rundgren
On 2017-06-21 17:31, Adam Petcher wrote: On 6/21/2017 11:20 AM, Anders Rundgren wrote: Thanx, but at this stage I'm mainly concerned about the specification. Is the specification also supposed to be created in the issue above? There is a JEP in development for RFC 7748, and I expect the

Re: How do I know which granted permission is not needed?

2017-06-21 Thread Weijun Wang
On 06/21/2017 10:34 PM, Seán Coffey wrote: you're mostly likely aware of this debug option but the java.security.debug option allows 'access' which should give you alot more information about each permission check that's been made. Maybe it's a case of scanning the output for permissions not

Re: Support for CFRG (curve25519 etc) in Java/JCE

2017-06-21 Thread Anders Rundgren
On 2017-06-21 16:58, Seán Coffey wrote: This appears to be tracked via https://bugs.openjdk.java.net/browse/JDK-8171277 Thanx, but at this stage I'm mainly concerned about the specification. Is the specification also supposed to be created in the issue above? Regards, Anders

Re: Support for CFRG (curve25519 etc) in Java/JCE

2017-06-21 Thread Seán Coffey
This appears to be tracked via https://bugs.openjdk.java.net/browse/JDK-8171277 Regards, Sean. On 20/06/17 21:32, Anders Rundgren wrote: Hi List, I'm an long time user of Java and JCE. I've just begun looking into the recently standardized curve25519 crypto. Since I didn't find any JEP or

Re: How do I know which granted permission is not needed?

2017-06-21 Thread Seán Coffey
you're mostly likely aware of this debug option but the java.security.debug option allows 'access' which should give you alot more information about each permission check that's been made. Maybe it's a case of scanning the output for permissions not checked and seeing if they're really

Re: RFR 8181975: Run sun/security/pkcs11 tests on Mac

2017-06-21 Thread Seán Coffey
Looks fine to me. Regards, Sean. On 21/06/17 12:27, Bhanu Gopularam wrote: Hi all, Please review fix for following test bug: Bug Id - https://bugs.openjdk.java.net/browse/JDK-8181975 In test/sun/security/pkcs11/PKCS11Test.java updated path for nss-libs on MacOSX platform. Webrev -

Re: How do I know which granted permission is not needed?

2017-06-21 Thread Sean Mullan
On 6/21/17 3:05 AM, Weijun Wang wrote: Suppose I have a Java program running with a security manager and a policy file. There are quite a lot of permissions granted in the policy file but maybe not all of them are necessary. Is there a way I can find out which one is not needed? I don't

RFR 8181975: Run sun/security/pkcs11 tests on Mac

2017-06-21 Thread Bhanu Gopularam
Hi all, Please review fix for following test bug: Bug Id - https://bugs.openjdk.java.net/browse/JDK-8181975 In test/sun/security/pkcs11/PKCS11Test.java updated path for nss-libs on MacOSX platform. Webrev - http://cr.openjdk.java.net/~bgopularam/bhanu/8181975/webrev.00/ Thanks, Bhanu

How do I know which granted permission is not needed?

2017-06-21 Thread Weijun Wang
Suppose I have a Java program running with a security manager and a policy file. There are quite a lot of permissions granted in the policy file but maybe not all of them are necessary. Is there a way I can find out which one is not needed? I tried to write my own security manager to remember