> In the SignatureUtil implementation, the checkName() requires
> case-insensitive input for "OID". However, the method is called before the
> case conversion, for example:
>
> sigName = checkName(sigName).toUpperCase(Locale.ENGLISH);
>
> This update also clean up redundant calls
On Wed, 23 Feb 2022 23:53:39 GMT, Weijun Wang wrote:
>> Xue-Lei Andrew Fan has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> udpate return state as well
>
> src/java.base/share/classes/sun/security/util/SignatureUtil.java line 51:
>
>> 49
On Wed, 23 Feb 2022 23:41:36 GMT, Xue-Lei Andrew Fan wrote:
>> In the SignatureUtil implementation, the checkName() requires
>> case-insensitive input for "OID". However, the method is called before the
>> case conversion, for example:
>>
>> sigName = checkName(sigName).toUpperCa
> In the SignatureUtil implementation, the checkName() requires
> case-insensitive input for "OID". However, the method is called before the
> case conversion, for example:
>
> sigName = checkName(sigName).toUpperCase(Locale.ENGLISH);
>
> This update also clean up redundant calls
On Wed, 23 Feb 2022 22:41:10 GMT, Valerie Peng wrote:
>> In the SignatureUtil implementation, the checkName() requires
>> case-insensitive input for "OID". However, the method is called before the
>> case conversion, for example:
>>
>> sigName = checkName(sigName).toUpperCase(Loc
String.toUpperCase() is used in SSLCipher.java for debugging logging, which is
not necessary. See also comment in [this
PR](https://github.com/openjdk/jdk/pull/7583).
-
Commit messages:
- 8282320: Remove case conversion for debugging log in SSLCipher
Changes: https://git.openjdk.j
On Wed, 23 Feb 2022 19:25:10 GMT, Xue-Lei Andrew Fan wrote:
> In the SignatureUtil implementation, the checkName() requires
> case-insensitive input for "OID". However, the method is called before the
> case conversion, for example:
>
> sigName = checkName(sigName).toUpperCase(Lo
Hi,
Please review the implementation of RFC 8879, TLS Certificate Compression, in
JDK. The TLS Certificate Compression standard is an essential part for QUIC
connections and performance improvement for TLS connections. More details,
please refer to the [JEP](https://bugs.openjdk.java.net/brow
In the SignatureUtil implementation, the checkName() requires case-insensitive
input for "OID". However, the method is called before the case conversion, for
example:
sigName = checkName(sigName).toUpperCase(Locale.ENGLISH);
This update also clean up redundant calls to the checkN
On Wed, 23 Feb 2022 16:08:49 GMT, Xue-Lei Andrew Fan wrote:
> In the TlsChannelBinding.java implementation, the string operation is placed
> before the case conversion. The behavior may be not expected.
>
>
> String hashAlg = serverCertificate.getSigAlgName().
> - replace("SHA
On Wed, 23 Feb 2022 16:08:49 GMT, Xue-Lei Andrew Fan wrote:
> In the TlsChannelBinding.java implementation, the string operation is placed
> before the case conversion. The behavior may be not expected.
>
>
> String hashAlg = serverCertificate.getSigAlgName().
> - replace("SHA
On Wed, 23 Feb 2022 17:54:35 GMT, Valerie Peng wrote:
> Just wondering, have other JSSE source code been checked for same problem?
Thank you for the review.
I checked the JSSE implementation code, this is the only one I found so far. I
will check other components, and see if there is anything
On Wed, 23 Feb 2022 16:08:49 GMT, Xue-Lei Andrew Fan wrote:
> In the TlsChannelBinding.java implementation, the string operation is placed
> before the case conversion. The behavior may be not expected.
>
>
> String hashAlg = serverCertificate.getSigAlgName().
> - replace("SHA
On Fri, 4 Feb 2022 12:42:39 GMT, Lance Andersen wrote:
> Hi all,
>
> Please review the attached patch to address
>
> - That JarFile::getInputStream did not check for a null ZipEntry passed as a
> parameter
> - Have Zip/JarFile::getInputStream throw a ZipException in the event that an
> unexpe
In the TlsChannelBinding.java implementation, the string operation is placed
before the case conversion. The behavior may be not expected.
String hashAlg = serverCertificate.getSigAlgName().
- replace("SHA", "SHA-").toUpperCase(Locale.ENGLISH);
+ toUpperCase(Locale.ENGLI
On Wed, 23 Feb 2022 00:05:58 GMT, Xue-Lei Andrew Fan wrote:
> The String.toUpperCase() or String.toLowerCase() method is locale sensitive,
> and may produce unexpected results if used for strings that are intended to
> be interpreted locale independently. The use of the two methods had been
>
On Wed, 23 Feb 2022 14:51:45 GMT, Roger Riggs wrote:
> Locale.ROOT is preferred for locale independent uppercase and lowercase().
Yes, as the Locale.English has been used a lot. It may worthy another
enhancement to use Locale.ROOT in a separate PR.
> BTW, for the strings written to the SSLLog
On Wed, 23 Feb 2022 00:05:58 GMT, Xue-Lei Andrew Fan wrote:
> The String.toUpperCase() or String.toLowerCase() method is locale sensitive,
> and may produce unexpected results if used for strings that are intended to
> be interpreted locale independently. The use of the two methods had been
>
On Wed, 23 Feb 2022 00:05:58 GMT, Xue-Lei Andrew Fan wrote:
> The String.toUpperCase() or String.toLowerCase() method is locale sensitive,
> and may produce unexpected results if used for strings that are intended to
> be interpreted locale independently. The use of the two methods had been
>
On Tue, 22 Feb 2022 22:05:32 GMT, Lance Andersen wrote:
>> Hi all,
>>
>> Please review the attached patch to address
>>
>> - That JarFile::getInputStream did not check for a null ZipEntry passed as a
>> parameter
>> - Have Zip/JarFile::getInputStream throw a ZipException in the event that an
The last replace seems a bit strange, I would expect it should first normalize
the case and then the hyphen, otherwise it won’t match the replace?
Looks to me like not using toUpperCase in the trace messages would be more
efficient and produces shorter code.
Isn’t it customary to use the ROOT l
21 matches
Mail list logo
