On Tue, 19 Oct 2021 20:32:21 GMT, Sean Mullan wrote:
>> This fix improves the exception message to better indicate when the key (and
>> not the signature algorithm) is restricted. This change also includes a few
>> other improvements:
>>
>> - The constraints checking in `AlgorithmChecker.check
Add `KeyStore::getAttributes` so that one can get the attributes of an entry
without retrieving the entry first. This is especially useful for a private key
entry which can only be retrieved with a password.
-
Commit messages:
- 8225181: KeyStore should have a getAttributes method
On Sat, 9 Oct 2021 19:41:51 GMT, Joe Darcy wrote:
> Analogous to other recent cleanups like JDK-8274393, suppress warnings for
> serialization-related issues in the windows mscapi code.
This pull request has now been integrated.
Changeset: 926966be
Author:Joe Darcy
URL:
https://git
On Fri, 17 Sep 2021 23:22:21 GMT, Valerie Peng wrote:
> Anyone has time to review this RFE for adding AES cipher with KW, KWP modes
> support to SunPKCS11 provider?
>
> The main changes are in only one new class, i.e. P11KeyWrapCipher.java, which
> is the CipherSpi impl for the native PKCS11 k
On Thu, 14 Oct 2021 13:36:19 GMT, Weijun Wang wrote:
> The cacerts file is now a password-less PKCS12 file. This make sure old code
> that uses a JKS KeyStore object can continuously load it using a null
> password (in fact, any password) and see all certificates inside.
This pull request has
> This fix improves the exception message to better indicate when the key (and
> not the signature algorithm) is restricted. This change also includes a few
> other improvements:
>
> - The constraints checking in `AlgorithmChecker.check()` has been improved.
> If the `AlgorithmConstraints` are
> The cacerts file is now a password-less PKCS12 file. This make sure old code
> that uses a JKS KeyStore object can continuously load it using a null
> password (in fact, any password) and see all certificates inside.
Weijun Wang has updated the pull request incrementally with one additional
c
On Tue, 19 Oct 2021 18:49:11 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> use a standard name
>
> make/jdk/src/classes/build/tools/generatecacerts/GenerateCacerts.java line 54:
>
>> 52: publ
On Tue, 19 Oct 2021 19:48:23 GMT, Weijun Wang wrote:
>> The cacerts file is now a password-less PKCS12 file. This make sure old code
>> that uses a JKS KeyStore object can continuously load it using a null
>> password (in fact, any password) and see all certificates inside.
>
> Weijun Wang has
On Sat, 9 Oct 2021 19:41:51 GMT, Joe Darcy wrote:
> Analogous to other recent cleanups like JDK-8274393, suppress warnings for
> serialization-related issues in the windows mscapi code.
Looks fine. Thanks!
-
Marked as reviewed by valeriep (Reviewer).
PR: https://git.openjdk.java.
On Tue, 19 Oct 2021 17:15:48 GMT, Anthony Scarpino
wrote:
>> Right, it's really just about using consistent message digest names so that
>> it can match for example, "SHA-1" and also "SHA1withRSA". I'll change the
>> name to something else.
>
> Was the reason for this change that hashName("RSA
On Tue, 19 Oct 2021 15:48:57 GMT, Sean Mullan wrote:
>> src/java.base/share/classes/sun/security/util/AlgorithmDecomposer.java line
>> 196:
>>
>>> 194: static String canonicalName(String algorithm) {
>>> 195: return CANONICAL_NAME.getOrDefault(algorithm, algorithm);
>>> 196: }
>
On Tue, 19 Oct 2021 13:28:26 GMT, Aleksei Efimov wrote:
>> This change implements a new service provider interface for host name and
>> address resolution, so that java.net.InetAddress API can make use of
>> resolvers other than the platform's built-in resolver.
>>
>> The following API classes
On Tue, 19 Oct 2021 13:10:15 GMT, Weijun Wang wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Updated comment in test
>
> Approved the PR. Thanks. I have a small comment on the CSR.
@wangweij Updated the CSR with
> It'd be useful to have a -version option for keytool and jarsigner. Many
> other JDK tools already have a -version option. This is to add -version
> option to keytool and jarsigner like jar command does.
>
> CSR review:
> https://bugs.openjdk.java.net/browse/JDK-8275174
Hai-May Chao has updat
On Tue, 19 Oct 2021 13:10:15 GMT, Weijun Wang wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Updated comment in test
>
> Approved the PR. Thanks. I have a small comment on the CSR.
@wangweij Thanks for reviewing
On Thu, 5 Aug 2021 20:10:44 GMT, Weijun Wang wrote:
> New `Subject` APIs `current()` and `callAs()` are created to be replacements
> of `getSubject()` and `doAs()` since the latter two methods are now
> deprecated for removal.
>
> In this implementation, by default, `current()` returns the sam
On Wed, 18 Aug 2021 15:01:12 GMT, Sean Mullan wrote:
>> New `Subject` APIs `current()` and `callAs()` are created to be replacements
>> of `getSubject()` and `doAs()` since the latter two methods are now
>> deprecated for removal.
>>
>> In this implementation, by default, `current()` returns t
On Thu, 5 Aug 2021 20:10:44 GMT, Weijun Wang wrote:
> New `Subject` APIs `current()` and `callAs()` are created to be replacements
> of `getSubject()` and `doAs()` since the latter two methods are now
> deprecated for removal.
>
> In this implementation, by default, `current()` returns the sam
New `Subject` APIs `current()` and `callAs()` are created to be replacements of
`getSubject()` and `doAs()` since the latter two methods are now deprecated for
removal.
In this implementation, by default, `current()` returns the same value as
`getSubject(AccessController.getCurrent())` and `cal
On Tue, 19 Oct 2021 15:26:52 GMT, Sean Mullan wrote:
>> src/java.base/share/classes/sun/security/util/AlgorithmDecomposer.java line
>> 48:
>>
>>> 46:"SHA-384", "SHA384", "SHA-512", "SHA512", "SHA-512/224",
>>> 47:"SHA512/224", "SHA-512/256", "SHA512/256");
>>> 48
On Tue, 19 Oct 2021 14:34:25 GMT, Weijun Wang wrote:
>> This fix improves the exception message to better indicate when the key (and
>> not the signature algorithm) is restricted. This change also includes a few
>> other improvements:
>>
>> - The constraints checking in `AlgorithmChecker.check
On Wed, 13 Oct 2021 13:42:25 GMT, Sean Mullan wrote:
> This fix improves the exception message to better indicate when the key (and
> not the signature algorithm) is restricted. This change also includes a few
> other improvements:
>
> - The constraints checking in `AlgorithmChecker.check()` h
On Sun, 17 Oct 2021 21:39:06 GMT, Mark Sheppard wrote:
> I think that a hostname is constant while a host is up, but it can be
> changed, and when changed a host restart is required. I don't think it is
> quite as dynamic as has been suggested, but I open to correction.
It is possible to chang
On Fri, 15 Oct 2021 17:19:26 GMT, Daniel Fuchs wrote:
>> Aleksei Efimov has updated the pull request incrementally with two
>> additional commits since the last revision:
>>
>> - Add @since tags to new API classes
>> - Add checks and test for empty stream resolver results
>
> test/lib/jdk/tes
On Fri, 15 Oct 2021 17:09:46 GMT, Daniel Fuchs wrote:
>> Aleksei Efimov has updated the pull request incrementally with two
>> additional commits since the last revision:
>>
>> - Add @since tags to new API classes
>> - Add checks and test for empty stream resolver results
>
> test/jdk/java/ne
> This change implements a new service provider interface for host name and
> address resolution, so that java.net.InetAddress API can make use of
> resolvers other than the platform's built-in resolver.
>
> The following API classes are added to `java.net.spi` package to facilitate
> this:
> -
On Fri, 15 Oct 2021 14:25:02 GMT, Daniel Fuchs wrote:
>> Aleksei Efimov has updated the pull request incrementally with two
>> additional commits since the last revision:
>>
>> - Add @since tags to new API classes
>> - Add checks and test for empty stream resolver results
>
> src/java.base/sh
On Tue, 19 Oct 2021 06:26:17 GMT, Hai-May Chao wrote:
>> It'd be useful to have a -version option for keytool and jarsigner. Many
>> other JDK tools already have a -version option. This is to add -version
>> option to keytool and jarsigner like jar command does.
>>
>> CSR review:
>> https://bu
On Tue, 19 Oct 2021 06:26:17 GMT, Hai-May Chao wrote:
>> It'd be useful to have a -version option for keytool and jarsigner. Many
>> other JDK tools already have a -version option. This is to add -version
>> option to keytool and jarsigner like jar command does.
>>
>> CSR review:
>> https://bu
30 matches
Mail list logo
