Re: RFR: 8236671: NullPointerException in JKS keystore [v2]

Thanks for the feedback Will. It would be useful if you can provide a testcase and/or add comments to JDK-8266351 on your experience. regards, Sean. On 30/04/2021 17:54, Will Sargent wrote: > KeyStore specification will be tightened up via

Re: RFR: 8263779: SSLEngine reports NEED_WRAP continuously without producing any further output [v2]

On Wed, 28 Apr 2021 00:12:44 GMT, Xue-Lei Andrew Fan wrote: >> src/java.base/share/classes/sun/security/ssl/SSLSocketImpl.java line 1694: >> >>> 1692: if (cause instanceof SocketException) { >>> 1693: try { >>> 1694: throw conContext.fatal(alert, cause); >>

RFR: 8266293: Key protection using PBEWithMD5AndDES fails with "java.security.InvalidAlgorithmParameterException: Salt must be 8 bytes long"

`PKCS12KeyStore` always uses a 20-byte salt in encryption but PBEWithMD5AndDES only accepts 8-byte salt. With this code change, the salt used for this algorithm will be 8 bytes. RFC 2898 only requires the salt to be at least 8 bytes, but I don't intend to modify the `PBES1Core.java` to accept

Re: RFR: 8264774: Implementation of Foreign Function and Memory API (Incubator) [v3]

On Fri, 30 Apr 2021 12:24:38 GMT, Maurizio Cimadamore wrote: > I've added `@CS` in the interface methods too. I've also added a stronger > test which creates method handles in one module (which doesn't have native > access) and then calls them from another module (which does NOT have native

Re: RFR: 8236671: NullPointerException in JKS keystore [v2]

> KeyStore specification will be tightened up via another bug record This would be super helpful, as one thing that confuses me is what the relationship is between a key entry and a key alias -- in particular, the existence alias doesn't seem to guarantee a valid entry that can be retrieved. In

[11u] RFR: 8153005: Upgrade the default PKCS12 encryption/MAC algorithms

Hi, JDK-8153005 is backported to 11.0.12-oracle. I'd like to backport it for parity. It doesn't apply cleanly. Bug: https://bugs.openjdk.java.net/browse/JDK-8153005 CSR covering 11u: https://bugs.openjdk.java.net/browse/JDK-8228481 Original change:

Re: RFR: 8241248: NullPointerException in sun.security.ssl.HKDF.extract(HKDF.java:93) [v2]

On Thu, 29 Apr 2021 15:58:28 GMT, Xue-Lei Andrew Fan wrote: >> Yes, I’ve made a test that calculates total time spent by server to receive >> "N" connections. Every server handshake is performed in a separate thread >> The client starts "T" threads. Every thread sends one initial connection and

Re: RFR: 8241248: NullPointerException in sun.security.ssl.HKDF.extract(HKDF.java:93) [v2]

> Hello All, > > Could you please review the fix for the JDK-8241248? > The issue happens during the TLSv1.3 handshake without server stateless > session resumption in case of server receives several parallel requests with > the same pre_shared_key. > The main idea of the fix is to remove

Re: RFR: 8264774: Implementation of Foreign Function and Memory API (Incubator) [v7]

> This PR contains the API and implementation changes for JEP-412 [1]. A more > detailed description of such changes, to avoid repetitions during the review > process, is included as a separate comment. > > [1] - https://openjdk.java.net/jeps/412 Maurizio Cimadamore has updated the pull

Integrated: 8266220: keytool still prompt for store password on a password-less pkcs12 file if -storetype pkcs12 is specified

On Wed, 28 Apr 2021 15:07:14 GMT, Weijun Wang wrote: > It's awkward that for a password-less pkcs12 keystore, `keytool -list` does > not prompt for a password but `keytool -list -storetype pkcs12` does. This pull request has now been integrated. Changeset: 48bb996a Author:Weijun Wang

Re: RFR: 8264774: Implementation of Foreign Function and Memory API (Incubator) [v3]

On Thu, 29 Apr 2021 18:18:00 GMT, Mandy Chung wrote: > I think the implementation does not support that. I will also need to look > into how this impacts JDK-8266010. As I suggest earlier, I'm fine to do this > as a follow up after integration. I've added `@CS` in the interface methods too.

Re: RFR: 8264774: Implementation of Foreign Function and Memory API (Incubator) [v6]

> This PR contains the API and implementation changes for JEP-412 [1]. A more > detailed description of such changes, to avoid repetitions during the review > process, is included as a separate comment. > > [1] - https://openjdk.java.net/jeps/412 Maurizio Cimadamore has updated the pull

Re: RFR: 8266220: keytool still prompt for store password on a password-less pkcs12 file if -storetype pkcs12 is specified [v2]

On Thu, 29 Apr 2021 17:51:17 GMT, Weijun Wang wrote: >> It's awkward that for a password-less pkcs12 keystore, `keytool -list` does >> not prompt for a password but `keytool -list -storetype pkcs12` does. > > Weijun Wang has updated the pull request incrementally with one additional > commit

Integrated: 8236671: NullPointerException in JKS keystore

On Tue, 20 Apr 2021 11:54:39 GMT, Sean Coffey wrote: > Trivial enough change. Improved the exception thrown from JceKeyStore also. This pull request has now been integrated. Changeset: 276a1bf7 Author:Sean Coffey URL:

Re: RFR: 8236671: NullPointerException in JKS keystore [v2]

On Wed, 28 Apr 2021 12:39:42 GMT, Sean Coffey wrote: >> Trivial enough change. Improved the exception thrown from JceKeyStore also. > > Sean Coffey has updated the pull request with a new target base due to a > merge or a rebase. The incremental webrev excludes the unrelated changes > brought

Re: RFR: 8266220: keytool still prompt for store password on a password-less pkcs12 file if -storetype pkcs12 is specified [v2]

On Thu, 29 Apr 2021 17:51:17 GMT, Weijun Wang wrote: >> It's awkward that for a password-less pkcs12 keystore, `keytool -list` does >> not prompt for a password but `keytool -list -storetype pkcs12` does. > > Weijun Wang has updated the pull request incrementally with one additional > commit