On Fri, 9 Apr 2021 04:55:14 GMT, Xue-Lei Andrew Fan wrote:
> To improve the readability, it would be nice to check the TLS extensions
> total length while parsing.
>
> No new regression test, trial update.
src/java.base/share/classes/sun/security/ssl/SSLExtensions.java line 68:
> 66:
To improve the readability, it would be nice to check the TLS extensions total
length while parsing.
No new regression test, trial update.
-
Commit messages:
- 8264948: Check for TLS extensions total length
Changes: https://git.openjdk.java.net/jdk/pull/3405/files
Webrev: https:
On Wed, 31 Mar 2021 06:30:01 GMT, Hai-May Chao wrote:
> Please review the changes that adds the -signer option to keytool -genkeypair
> command. As key agreement algorithms do not have a signing algorithm, the
> specified signer's private key will be used to sign and generate a key
> agreement
> Hi,
>
> I'd like to propose a fix for JDK-8261355 [1].
>
> The scheme used for holding data and padding while performing encryption
> operations is almost the same than the existing one for decryption. The only
> difference is that encryption does not require a block-sized buffer to be
> alw
Ouch, missed that. Good to go.
Thanks,
Paul
-Original Message-
From: "Doerr, Martin"
Date: Thursday, April 8, 2021 at 2:53 AM
To: "Hohensee, Paul" , "Langer, Christoph"
, jdk-updates-dev ,
security-dev
Cc: "Lindenmaier, Goetz"
Subject: RE: [11u] RFR: 8226374: Restrict TLS signature
On Thu, 8 Apr 2021 01:06:47 GMT, Weijun Wang wrote:
> This code change does not intend to support multiple byte tags. Instead, it
> aims to fail more gracefully when such a tag is encountered. For `DerValue`
> constructors from an encoding (type I), an `IOException` will be thrown since
> it's
> This code change does not intend to support multiple byte tags. Instead, it
> aims to fail more gracefully when such a tag is encountered. For `DerValue`
> constructors from an encoding (type I), an `IOException` will be thrown since
> it's already in the throws clause. For constructors from t
On Thu, 8 Apr 2021 17:18:50 GMT, Jamil Nimeh wrote:
>> I don't want to go on reading the following bytes to find out what the
>> intended tag number is, because that somehow shows I do understand the
>> encoding _a lot_ but still don't want to support it (well, actually I only
>> understand _a
On Thu, 8 Apr 2021 16:59:54 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/sun/security/util/DerValue.java line 225:
>>
>>> 223: DerValue(byte tag, byte[] buffer, int start, int end, boolean
>>> allowBER) {
>>> 224: if ((tag & 0x1f) == 0x1f) {
>>> 225: throw new
On Thu, 8 Apr 2021 17:10:13 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/sun/security/util/DerValue.java line 322:
>>
>>> 320: tag = buf[pos++];
>>> 321: if ((tag & 0x1f) == 0x1f) {
>>> 322: throw new IOException("Tag number over 30 is not
>>> supported");
On Thu, 8 Apr 2021 16:58:24 GMT, Jamil Nimeh wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> update exception wordings
>
> src/java.base/share/classes/sun/security/util/DerValue.java line 322:
>
>> 320: tag
On Sat, 3 Apr 2021 22:09:55 GMT, Alex Blewitt
wrote:
> 8264681: Use the blessed modifier order in java.security
The rest looks fine, but I would double-check all the copyrights to see if you
are modifying any other 3rd-party code than the ones I commented on. Best to
leave that code as-is and
On Thu, 8 Apr 2021 15:53:10 GMT, Xue-Lei Andrew Fan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> update exception wordings
>
> src/java.base/share/classes/sun/security/util/DerValue.java line 225:
>
>> 223:
> This code change does not intend to support multiple byte tags. Instead, it
> aims to fail more gracefully when such a tag is encountered. For `DerValue`
> constructors from an encoding (type I), an `IOException` will be thrown since
> it's already in the throws clause. For constructors from t
On Thu, 8 Apr 2021 13:57:37 GMT, Weijun Wang wrote:
>> This code change does not intend to support multiple byte tags. Instead, it
>> aims to fail more gracefully when such a tag is encountered. For `DerValue`
>> constructors from an encoding (type I), an `IOException` will be thrown
>> since
On Thu, 8 Apr 2021 13:57:37 GMT, Weijun Wang wrote:
>> This code change does not intend to support multiple byte tags. Instead, it
>> aims to fail more gracefully when such a tag is encountered. For `DerValue`
>> constructors from an encoding (type I), an `IOException` will be thrown
>> since
On Thu, 8 Apr 2021 03:46:07 GMT, Xue-Lei Andrew Fan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> make sure test fails before code change
>
> src/java.base/share/classes/sun/security/util/DerValue.java line 322:
>
> This code change does not intend to support multiple byte tags. Instead, it
> aims to fail more gracefully when such a tag is encountered. For `DerValue`
> constructors from an encoding (type I), an `IOException` will be thrown since
> it's already in the throws clause. For constructors from t
Hi Paul and Christoph,
thank you for the review and the approval.
I've added the blank line.
In addition, I've reviewed the whole change again and found a copy & paste bug
in my webrev.00:
SECT283_K1(0x0009, "sect283k1", true,
NamedGroupSpec.NAMED_GROUP_ECDHE,
Prot
19 matches
Mail list logo