Hi
In attempting to validate jar signing I am seeing warnings as such
displaying Invalid certificate chain
---
>jarsigner -verify -certs bcprov-jdk15on-1.66.jar
s 606774 Sat Jul 04 15:48:42 EDT 2020 META-INF/MANIFEST.MF
>>> Signer
X.509, CN=Legion of the
On Fri, 13 Nov 2020 04:57:12 GMT, Jamil Nimeh wrote:
> Hello all,
> This change brings in support for certificates with EdDSA keys (both Ed25519
> and Ed448) allowing those signature algorithms to be used both on the
> certificates themselves and used during the handshaking process for
On Wed, 2 Dec 2020 18:06:33 GMT, Xue-Lei Andrew Fan wrote:
>> I only used "!" for consistency with existing usage in P11Key.java:1080.
>> Is there a reason to avoid "!" other than maybe readability?
>
> Save a operation could get a little bit performance. Comparing to "if (!a)",
> "if (a)"
On Tue, 29 Sep 2020 20:22:55 GMT, Anthony Scarpino
wrote:
> 8253821: Improve ByteBuffer performance with GCM
This pull request has now been integrated.
Changeset: cc1915b3
Author:Anthony Scarpino
URL: https://git.openjdk.java.net/jdk/commit/cc1915b3
Stats: 2187 lines in 15
On Wed, 2 Dec 2020 04:58:13 GMT, Anthony Scarpino wrote:
>> The biggest part of this change is the addition of overlap protection and
>> the tests to verify it for GCM, as there were none in the open repo.
>> Additionally, GCMBufferTest had some significant changes to clean it up and
>>
On Wed, 2 Dec 2020 05:01:28 GMT, Anthony Scarpino wrote:
>> 8253821: Improve ByteBuffer performance with GCM
>
> Anthony Scarpino has updated the pull request incrementally with one
> additional commit since the last revision:
>
> comments v4
Marked as reviewed by valeriep (Reviewer).
On Sat, 21 Nov 2020 08:32:17 GMT, Christoph Langer wrote:
> There is a flaw in sun.security.ssl.SSLSocketImpl::close() which leads to
> leaking socket resources after JDK-8224829.
>
> The close method calls duplexCloseOutput() and duplexCloseInput(). In case of
> an exception in any of these
On Wed, 2 Dec 2020 18:42:36 GMT, Christoph Langer wrote:
>> test/jdk/sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java line 37:
>>
>>> 35: * will not leave leaking socket file descriptors
>>> 36: * @library /test/lib
>>> 37: * @run main/othervm SSLSocketLeak
>>
>> See bellow
On Sun, 22 Nov 2020 18:27:56 GMT, Christoph Langer wrote:
>> There is a flaw in sun.security.ssl.SSLSocketImpl::close() which leads to
>> leaking socket resources after JDK-8224829.
>>
>> The close method calls duplexCloseOutput() and duplexCloseInput(). In case
>> of an exception in any of
On Wed, 2 Dec 2020 18:01:04 GMT, Xue-Lei Andrew Fan wrote:
>> Christoph Langer has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Small test improvement
>
> test/jdk/sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java line 37:
>
>> 35: *
On Wed, 2 Dec 2020 17:49:10 GMT, Anthony Scarpino wrote:
>> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11ECKeyFactory.java
>> line 303:
>>
>>> 301: } else {
>>> 302: point = decodePoint(attributes[0].getByteArray(),
>>> params.getCurve());
On Sun, 22 Nov 2020 18:27:56 GMT, Christoph Langer wrote:
>> There is a flaw in sun.security.ssl.SSLSocketImpl::close() which leads to
>> leaking socket resources after JDK-8224829.
>>
>> The close method calls duplexCloseOutput() and duplexCloseInput(). In case
>> of an exception in any of
On Wed, 2 Dec 2020 17:34:11 GMT, Xue-Lei Andrew Fan wrote:
>> I need a code review for this small code change. The code did not run the
>> data through the DER decoding class before setting it to the point when the
>> SunPKCS11 configuration had UseEcX963Encoding set to false.
>
>
On Wed, 2 Dec 2020 17:14:11 GMT, Jamil Nimeh wrote:
>> Hello all,
>> This change brings in support for certificates with EdDSA keys (both Ed25519
>> and Ed448) allowing those signature algorithms to be used both on the
>> certificates themselves and used during the handshaking process for
On Wed, 2 Dec 2020 17:08:11 GMT, Anthony Scarpino wrote:
> I need a code review for this small code change. The code did not run the
> data through the DER decoding class before setting it to the point when the
> SunPKCS11 configuration had UseEcX963Encoding set to false.
Marked as reviewed
> Hello all,
> This change brings in support for certificates with EdDSA keys (both Ed25519
> and Ed448) allowing those signature algorithms to be used both on the
> certificates themselves and used during the handshaking process for messages
> like CertificateVerify, ServerKeyExchange and so
I need a code review for this small code change. The code did not run the data
through the DER decoding class before setting it to the point when the
SunPKCS11 configuration had UseEcX963Encoding set to false.
-
Commit messages:
- Remove from problemlist
- Allow use of ASN.1 for
On Wed, 2 Dec 2020 15:33:20 GMT, Jamil Nimeh wrote:
>> SunEC's algorithm name for keys are always "EdDSA", but I know BC returns
>> "Ed25519" or "Ed448".
>
> Filed and took ownership of JDK-8257607 to address BC JCE provider issues for
> both XDH and EdDSA when used with SunJSSE.
Also,
On Wed, 2 Dec 2020 16:28:44 GMT, Kartik Ohri
wrote:
>> src/java.net.http/share/classes/jdk/internal/net/http/Http1HeaderParser.java
>> line 119:
>>
>>> 117: while (canContinueParsing(input)) {
>>> 118: switch (state) {
>>> 119: case INITIAL ->
On Wed, 2 Dec 2020 16:34:17 GMT, Kartik Ohri
wrote:
>> Hi!
>> Kindly review this patch to replace switch statements with switch
>> expressions (where it makes sense) in the http client modules. The rationale
>> is to improve readability of the code.
>> Regards,
>> Kartik
>
> Kartik Ohri has
On Wed, 2 Dec 2020 16:23:11 GMT, Daniel Fuchs wrote:
>> Kartik Ohri has refreshed the contents of this pull request, and previous
>> commits have been removed. The incremental views will show differences
>> compared to the previous content of the PR.
>
>
On Wed, 2 Dec 2020 16:26:43 GMT, Patrick Concannon
wrote:
>> Kartik Ohri has refreshed the contents of this pull request, and previous
>> commits have been removed. The incremental views will show differences
>> compared to the previous content of the PR.
>
>
On Wed, 2 Dec 2020 09:42:09 GMT, Kartik Ohri
wrote:
>> Hi!
>> Kindly review this patch to replace switch statements with switch
>> expressions (where it makes sense) in the http client modules. The rationale
>> is to improve readability of the code.
>> Regards,
>> Kartik
>
> Kartik Ohri has
On Wed, 2 Dec 2020 16:15:13 GMT, Chris Hegarty wrote:
>> Kartik Ohri has refreshed the contents of this pull request, and previous
>> commits have been removed. The incremental views will show differences
>> compared to the previous content of the PR.
>
> I think that the actual source changes
> Hi!
> Kindly review this patch to replace switch statements with switch expressions
> (where it makes sense) in the http client modules. The rationale is to
> improve readability of the code.
> Regards,
> Kartik
Kartik Ohri has updated the pull request incrementally with one additional
On Wed, 2 Dec 2020 09:42:09 GMT, Kartik Ohri
wrote:
>> Hi!
>> Kindly review this patch to replace switch statements with switch
>> expressions (where it makes sense) in the http client modules. The rationale
>> is to improve readability of the code.
>> Regards,
>> Kartik
>
> Kartik Ohri has
On Wed, 2 Dec 2020 09:42:09 GMT, Kartik Ohri
wrote:
>> Hi!
>> Kindly review this patch to replace switch statements with switch
>> expressions (where it makes sense) in the http client modules. The rationale
>> is to improve readability of the code.
>> Regards,
>> Kartik
>
> Kartik Ohri has
On Fri, 20 Nov 2020 20:05:09 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/sun/security/ssl/JsseJce.java line 97:
>>
>>> 95: */
>>> 96: static final String SIGNATURE_EDDSA = "EdDSA";
>>> 97:
>>
>> Please update the copyright year.
>>
>> Is it possible that "ed25519" or
> Hi!
> Kindly review this patch to replace switch statements with switch expressions
> (where it makes sense) in the http client modules. The rationale is to
> improve readability of the code.
> Regards,
> Kartik
Kartik Ohri has refreshed the contents of this pull request, and previous
> Hi!
> Kindly review this patch to replace switch statements with switch expressions
> (where it makes sense) in the http client modules. The rationale is to
> improve readability of the code.
> Regards,
> Kartik
Kartik Ohri has updated the pull request incrementally with one additional
30 matches
Mail list logo