Hi Martin,
Your arguments are the reasons why we use the principle of least
privilege. It creates a headache for attackers, similar to the
developer who's enabled SM for the first time and must manually add
every required permission for their software to function (who thought
that was a
On Thu, 28 Apr 2022 04:44:43 GMT, Xue-Lei Andrew Fan wrote:
>>> > What does it refer to with 'it'? Is 'it' refer to the implementation
>>> > generated parameter values?
>>>
>>> 'It' refers to the parameters containing all of the parameter values
>>> including the supplied ones and
On Wed, 27 Apr 2022 23:35:19 GMT, Valerie Peng wrote:
>> With Signature class, there is a caveat for EdDSA, the supplied parameters
>> are set but null is being returned when getParameters() is called. This is
>> currently covered by the condition `if the underlying signature
>>
On Thu, 28 Apr 2022 04:41:20 GMT, Xue-Lei Andrew Fan wrote:
>> Besides this Signature-specific condition, there is the common condition
>> where provider cannot (or do not) generate default parameter values. {@code
>> null} is used as the catch-all result, but as you said, describe various
>>
On Wed, 27 Apr 2022 22:56:08 GMT, Weijun Wang wrote:
> please change them to use `othervm`.
Thanks for the catch. Updated to use othervm.
-
PR: https://git.openjdk.java.net/jdk/pull/8136
> Please review the update to remove finalizer method in the java.security.jgss
> module. It is one of the efforts to clean up the use of finalizer method in
> JDK.
Xue-Lei Andrew Fan has updated the pull request incrementally with one
additional commit since the last revision:
change to
On Tue, 26 Apr 2022 21:02:49 GMT, Weijun Wang wrote:
> Only numbers from the same modular fields can be involved in arithmetic
> calculations. Add `assert` to guarantee this.
>
> Also, found one broken case and rewrote it.
This pull request has now been integrated.
Changeset: c1173c24
On Sat, 16 Apr 2022 15:45:21 GMT, Xue-Lei Andrew Fan wrote:
> Please review this password cleanup enhancement in the PasswordCallback
> implementation. This is one of the effort to clean up the buffered passwords.
>
> The PasswordCallback.setPassword() clones the password, but is not
> https://bugs.openjdk.java.net/browse/JDK-8285504
>
> JDK-8273046 is the umbrella bug for this bug. The changes were too large for
> a single code review, so it was decided to split into smaller chunks. This is
> one such chunk:
>
> open/src/java.base/share/classes/java/net
Mark Powers has
On Wed, 27 Apr 2022 23:24:57 GMT, Stuart Marks wrote:
>> I said "keys maintained", omitting "by this map" to finesse the question of
>> if the SimpleEntry class *is* a map, or is used to implement a map, etc. I
>> can change it to include "by this map" if the map/entry distinction is okay
>>
On Thu, 28 Apr 2022 01:31:13 GMT, Joe Darcy wrote:
>> To enable more complete doclint checking (courtesy @jonathan-gibbons),
>> please review this PR to add type-level @param tags where they are missing.
>>
>> To the maintainers of java.util.concurrent, those changes could be separated
>> out
> To enable more complete doclint checking (courtesy @jonathan-gibbons), please
> review this PR to add type-level @param tags where they are missing.
>
> To the maintainers of java.util.concurrent, those changes could be separated
> out in another bug if that would ease maintenance of that
Hello,
> Correct, it does enable access to certificates and keys that require next
> (second) generation,
That’s strange, I am quite sure I tried CNG RSA and EC Keys after OpenJDK
claimed to support it. So maybe there is more than one condition to it (or the
handle just works transparently
On Tue, 26 Apr 2022 22:55:29 GMT, Bradford Wetmore wrote:
> Two new constant fields `MGF1ParameterSpec.SHA512_224` and
> `MGF1ParameterSpec.SHA512_256` didn't have `@since 11` tag added as part of
> [JDK-8146293](https://bugs.openjdk.java.net/browse/JDK-8146293).
>
> This bug addresses this
On Wed, 27 Apr 2022 23:30:22 GMT, Valerie Peng wrote:
>> Can you clarify what is the A and B that you are referring to? The way I
>> read it, it has more than 2 conditions... So, best to clarify the conditions
>> first.
>> I see your point with the wording suggestion at the end. Was a bit
On Wed, 27 Apr 2022 23:19:56 GMT, Valerie Peng wrote:
>>> What does it refer to with 'it'? Is 'it' refer to the implementation
>>> generated parameter values?
>>
>> 'It' refers to the parameters containing all of the parameter values
>> including the supplied ones and provider-generated ones
On Wed, 27 Apr 2022 23:04:47 GMT, Joe Darcy wrote:
>> src/java.base/share/classes/java/util/AbstractMap.java line 601:
>>
>>> 599: * {@code Map.entrySet().toArray}.
>>> 600: *
>>> 601: * @param the type of keys maintained
>>
>> Please update to match java.util.Map, which says
On Wed, 27 Apr 2022 10:55:22 GMT, Daniel Fuchs wrote:
>> Joe Darcy has updated the pull request with a new target base due to a merge
>> or a rebase. The incremental webrev excludes the unrelated changes brought
>> in by the merge/rebase. The pull request contains three additional commits
>>
On Wed, 27 Apr 2022 23:15:41 GMT, Valerie Peng wrote:
>> src/java.base/share/classes/java/security/Signature.java line 1014:
>>
>>> 1012: * {@code AlgorithmParameters}. If the required
>>> 1013: * parameters were not supplied and the underlying signature
>>> implementation
>>> 1014:
> To enable more complete doclint checking (courtesy @jonathan-gibbons), please
> review this PR to add type-level @param tags where they are missing.
>
> To the maintainers of java.util.concurrent, those changes could be separated
> out in another bug if that would ease maintenance of that
On Wed, 27 Apr 2022 05:25:42 GMT, Xue-Lei Andrew Fan wrote:
>> Valerie Peng has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Undo un-intentional changes.
>
> src/java.base/share/classes/java/security/Signature.java line 1012:
>
>> 1010:
On Wed, 27 Apr 2022 10:54:00 GMT, Daniel Fuchs wrote:
>> To enable more complete doclint checking (courtesy @jonathan-gibbons),
>> please review this PR to add type-level @param tags where they are missing.
>>
>> To the maintainers of java.util.concurrent, those changes could be separated
>>
On Wed, 27 Apr 2022 01:39:27 GMT, Stuart Marks wrote:
>> To enable more complete doclint checking (courtesy @jonathan-gibbons),
>> please review this PR to add type-level @param tags where they are missing.
>>
>> To the maintainers of java.util.concurrent, those changes could be separated
>>
On Tue, 26 Apr 2022 21:02:49 GMT, Weijun Wang wrote:
> Only numbers from the same modular fields can be involved in arithmetic
> calculations. Add `assert` to guarantee this.
>
> Also, found one broken case and rewrote it.
Changes look good
-
Marked as reviewed by ascarpino
On Wed, 27 Apr 2022 22:54:47 GMT, Valerie Peng wrote:
>> RSASSA-PSS always requires a user-provided params.
>>
>> I think one thing we can guarantee is that the default/random values
>> generated by the impl will never overwrite the user-provided ones, they will
>> only be supplemented. Also,
On Wed, 27 Apr 2022 21:24:43 GMT, Xue-Lei Andrew Fan wrote:
>> Please review the update to remove finalizer method in the
>> java.security.jgss module. It is one of the efforts to clean up the use of
>> finalizer method in JDK.
>
> Xue-Lei Andrew Fan has updated the pull request incrementally
On Wed, 27 Apr 2022 15:10:42 GMT, Weijun Wang wrote:
>> I searched about "and/or" and it is said that "or" covers "and". So,
>> "and/or" should just be "or".
>>
>> I am on the fence for requiring provider to generate default parameters
>> (using provider-specific or random values). Could
On Wed, 27 Apr 2022 19:33:37 GMT, Mat Carter wrote:
>> And also, is there a ReleaseString missing?
>
> Thanks for the feedback, I'm going to incorporate that into the PR
> And also, is there a ReleaseString missing?
Yes an error when I "patched" my repo, but based on the feedback there will no
On Wed, 27 Apr 2022 19:33:10 GMT, Weijun Wang wrote:
>> src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp line 487:
>>
>>> 485: // Check if private key available - client authentication
>>> certificate
>>> 486: // must have private key available.
>>> 487:
> Two new constant fields `MGF1ParameterSpec.SHA512_224` and
> `MGF1ParameterSpec.SHA512_256` didn't have `@since 11` tag added as part of
> [JDK-8146293](https://bugs.openjdk.java.net/browse/JDK-8146293).
>
> This bug addresses this issue.
Bradford Wetmore has updated the pull request
On Wed, 27 Apr 2022 17:25:52 GMT, Weijun Wang wrote:
> I see you are still using the 1st version of the `Cleaners.java` test which
> runs on Windows. Please update to the current version (I've updated the code
> in place).
Oops, I missed it. Updated.
-
PR:
> Please review the update to remove finalizer method in the java.security.jgss
> module. It is one of the efforts to clean up the use of finalizer method in
> JDK.
Xue-Lei Andrew Fan has updated the pull request incrementally with one
additional commit since the last revision:
renew the
On Wed, 27 Apr 2022 19:35:04 GMT, Sean Mullan wrote:
>> Please review these changes to add DES/3DES/MD5 to
>> `jdk.security.legacyAlgorithms` security property, and to add the legacy
>> algorithm constraint checking to `keytool` commands that are associated with
>> secret key entries stored
On Wed, 27 Apr 2022 19:12:37 GMT, Mark Powers wrote:
>> No problem.
>
> JDK-6725221 is about obtaining boolean properties, so not an exact match. The
> suggested change is so easy, I'm going to do it.
sun.security.action.GetPropertyAction::privilegedGetProperty doesn't trim the
return value.
On Wed, 27 Apr 2022 19:48:01 GMT, Valerie Peng wrote:
>>> As for the 2nd sentence, it boils down whether we requires provider to
>>> generate default parameters and return it when parameter is required.
>>> Existing javadoc states that null is returned when parameter is not
>>> required.
On Tue, 26 Apr 2022 19:26:41 GMT, Sean Mullan wrote:
>> I have filed the PR for the Signature at:
>> https://github.com/openjdk/jdk/pull/8396
>> Best to get it done along with this one.
>
>> As for the 2nd sentence, it boils down whether we requires provider to
>> generate default parameters
On Tue, 19 Apr 2022 16:08:28 GMT, Hai-May Chao wrote:
> Please review these changes to add DES/3DES/MD5 to
> `jdk.security.legacyAlgorithms` security property, and to add the legacy
> algorithm constraint checking to `keytool` commands that are associated with
> secret key entries stored in
On Wed, 27 Apr 2022 02:26:48 GMT, Bernd wrote:
>> On Windows you can now access the local machine keystores using the strings
>> "Windows-MY-LOCALMACHINE" and "Windows-ROOT-LOCALMACHINE"; note the
>> application requires admin privileges.
>>
>> "Windows-MY" and "Windows-ROOT" remain
On Wed, 27 Apr 2022 02:33:24 GMT, Bernd wrote:
>> src/jdk.crypto.mscapi/windows/native/libsunmscapi/security.cpp line 419:
>>
>>> 417: __leave;
>>> 418: }
>>> 419: if ((pszCertStoreLocation =
>>> env->GetStringUTFChars(jCertStoreLocation, NULL))
>>
>> Would it be
On Tue, 12 Apr 2022 19:03:40 GMT, Mat Carter wrote:
> On Windows you can now access the local machine keystores using the strings
> "Windows-MY-LOCALMACHINE" and "Windows-ROOT-LOCALMACHINE"; note the
> application requires admin privileges.
>
> "Windows-MY" and "Windows-ROOT" remain
On Tue, 19 Apr 2022 16:08:28 GMT, Hai-May Chao wrote:
> Please review these changes to add DES/3DES/MD5 to
> `jdk.security.legacyAlgorithms` security property, and to add the legacy
> algorithm constraint checking to `keytool` commands that are associated with
> secret key entries stored in
On Tue, 26 Apr 2022 22:08:42 GMT, Weijun Wang wrote:
>> Perhaps as part of
>> [JDK-6725221](https://bugs.openjdk.java.net/browse/JDK-6725221)?
>
> No problem.
JDK-6725221 is about obtaining boolean properties, so not an exact match. The
suggested change is so easy, I'm going to do it.
On Tue, 26 Apr 2022 19:09:46 GMT, Weijun Wang wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Alan Bateman comments
>
> src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java line 81:
>
>> 79:
On Wed, 27 Apr 2022 17:10:28 GMT, Bradford Wetmore wrote:
>> Two new constant fields `MGF1ParameterSpec.SHA512_224` and
>> `MGF1ParameterSpec.SHA512_256` didn't have `@since 11` tag added as part of
>> [JDK-8146293](https://bugs.openjdk.java.net/browse/JDK-8146293).
>>
>> This bug addresses
On Wed, 27 Apr 2022 16:22:38 GMT, Xue-Lei Andrew Fan wrote:
>> Please review this password cleanup enhancement in the PasswordCallback
>> implementation. This is one of the effort to clean up the buffered
>> passwords.
>>
>> The PasswordCallback.setPassword() clones the password, but is not
David,
I understand the reasons behind seeing authorization checks at the runtime
layer as something that just adds, without any harm in the worst case (all
of this putting the maintenance cost and other arguments aside.)
My concern is more about the general security principles underpinning the
On Wed, 27 Apr 2022 07:48:44 GMT, Xue-Lei Andrew Fan wrote:
>> Please review the update to remove finalizer method in the
>> java.security.jgss module. It is one of the efforts to clean up the use of
>> finalizer method in JDK.
>
> Xue-Lei Andrew Fan has updated the pull request incrementally
On Tue, 26 Apr 2022 21:02:49 GMT, Weijun Wang wrote:
> Only numbers from the same modular fields can be involved in arithmetic
> calculations. Add `assert` to guarantee this.
>
> Also, found one broken case and rewrote it.
Please update bug with applicable noreg label.
-
PR:
On Wed, 27 Apr 2022 13:08:03 GMT, Sean Mullan wrote:
>> Bradford Wetmore has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Missed one minor codereview suggestion.
>
> src/java.base/share/classes/java/security/spec/MGF1ParameterSpec.java
> Two new constant fields `MGF1ParameterSpec.SHA512_224` and
> `MGF1ParameterSpec.SHA512_256` didn't have `@since 11` tag added as part of
> [JDK-8146293](https://bugs.openjdk.java.net/browse/JDK-8146293).
>
> This bug addresses this issue.
Bradford Wetmore has updated the pull request
> Two new constant fields `MGF1ParameterSpec.SHA512_224` and
> `MGF1ParameterSpec.SHA512_256` didn't have `@since 11` tag added as part of
> [JDK-8146293](https://bugs.openjdk.java.net/browse/JDK-8146293).
>
> This bug addresses this issue.
Bradford Wetmore has updated the pull request
On Tue, 26 Apr 2022 19:08:50 GMT, Weijun Wang wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Alan Bateman comments
>
> src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java line 96:
>
>> 94:
On Wed, 27 Apr 2022 15:22:08 GMT, Mark Powers wrote:
>> src/java.base/share/classes/javax/net/ssl/SSLSessionBindingEvent.java line
>> 37:
>>
>>> 35: * {@link SSLSession#putValue(String, Object)}
>>> 36: * or {@link SSLSession#removeValue(String)}, objects which
>>> 37: * implement the
> Please review this password cleanup enhancement in the PasswordCallback
> implementation. This is one of the effort to clean up the buffered passwords.
>
> The PasswordCallback.setPassword() clones the password, but is not registered
> for cleanup. An application could call clearPassword()
On Wed, 27 Apr 2022 16:02:04 GMT, Roger Riggs wrote:
>> Xue-Lei Andrew Fan has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> remove trailing whitespace
>
> test/jdk/javax/security/auth/callback/PasswordCallback/CheckCleanerBound.java
>
On Wed, 27 Apr 2022 16:16:18 GMT, Daniel Jeliński wrote:
>> Please review this follow up to #8349.
>>
>> As JCK pointed out, `permits` is supposed to throw IAE on null input.
>> However, now that we're looking up the result in a `ConcurrentHashMap`, a
>> `NullPointerException` is thrown. This
On Wed, 27 Apr 2022 15:37:27 GMT, Xue-Lei Andrew Fan wrote:
> Maybe, the checking could be placed in permits() method (line 158-173) so
> that it follows the spec, and easier to check.
Good point!
-
PR: https://git.openjdk.java.net/jdk/pull/8427
> Please review this follow up to #8349.
>
> As JCK pointed out, `permits` is supposed to throw IAE on null input.
> However, now that we're looking up the result in a `ConcurrentHashMap`, a
> `NullPointerException` is thrown. This patch restores the original behavior.
>
> Verified that the
On Wed, 27 Apr 2022 16:02:05 GMT, Xue-Lei Andrew Fan wrote:
>> Please review this password cleanup enhancement in the PasswordCallback
>> implementation. This is one of the effort to clean up the buffered
>> passwords.
>>
>> The PasswordCallback.setPassword() clones the password, but is not
> Please review this password cleanup enhancement in the PasswordCallback
> implementation. This is one of the effort to clean up the buffered passwords.
>
> The PasswordCallback.setPassword() clones the password, but is not registered
> for cleanup. An application could call clearPassword()
On Wed, 27 Apr 2022 14:03:15 GMT, Daniel Jeliński wrote:
> Please review this follow up to #8349.
>
> As JCK pointed out, `permits` is supposed to throw IAE on null input.
> However, now that we're looking up the result in a `ConcurrentHashMap`, a
> `NullPointerException` is thrown. This
On Wed, 27 Apr 2022 14:03:15 GMT, Daniel Jeliński wrote:
> Please review this follow up to #8349.
>
> As JCK pointed out, `permits` is supposed to throw IAE on null input.
> However, now that we're looking up the result in a `ConcurrentHashMap`, a
> `NullPointerException` is thrown. This
On Wed, 27 Apr 2022 13:44:14 GMT, Sean Mullan wrote:
>> Xue-Lei Andrew Fan has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> rename and split the test case
>
> test/jdk/javax/security/auth/callback/PasswordCallback/PasswordCleanup.java
>
> Please review this password cleanup enhancement in the PasswordCallback
> implementation. This is one of the effort to clean up the buffered passwords.
>
> The PasswordCallback.setPassword() clones the password, but is not registered
> for cleanup. An application could call clearPassword()
On Tue, 26 Apr 2022 18:46:02 GMT, Bradford Wetmore wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Alan Bateman comments
>
> src/java.base/share/classes/javax/net/ssl/SSLSessionBindingEvent.java line 37:
>
>> 35:
On Wed, 27 Apr 2022 12:57:20 GMT, Weijun Wang wrote:
>> src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSAOperations.java line
>> 261:
>>
>>> 259: IntegerModuloP result = p1.asAffine().getX();
>>> 260: b2a(result, orderField, temp1);
>>> 261: return
On Tue, 26 Apr 2022 21:02:49 GMT, Weijun Wang wrote:
> Only numbers from the same modular fields can be involved in arithmetic
> calculations. Add `assert` to guarantee this.
>
> Also, found one broken case and rewrote it.
Marked as reviewed by xuelei (Reviewer).
-
PR:
On Wed, 27 Apr 2022 00:35:49 GMT, Valerie Peng wrote:
>> src/java.base/share/classes/java/security/Signature.java line 1015:
>>
>>> 1013: * parameters were not supplied and the underlying signature
>>> implementation
>>> 1014: * can generate the parameter values, it will be returned.
Please review this follow up to #8349.
As JCK pointed out, `permits` is supposed to throw IAE on null input. However,
now that we're looking up the result in a `ConcurrentHashMap`, a
`NullPointerException` is thrown. This patch restores the original behavior.
Verified that the JCK test passes
On Tue, 26 Apr 2022 16:04:14 GMT, Xue-Lei Andrew Fan wrote:
>> Please review this password cleanup enhancement in the PasswordCallback
>> implementation. This is one of the effort to clean up the buffered
>> passwords.
>>
>> The PasswordCallback.setPassword() clones the password, but is not
On Wed, 27 Apr 2022 12:48:29 GMT, Sean Mullan wrote:
>> This change improves the specification for the case when a
>> `PKIXRevocationChecker` is supplied as one of the `CertPathChecker`
>> parameters. Specifically, it makes it more clear that a
>> `PKIXRevocationChecker` overrides the default
On Tue, 26 Apr 2022 22:55:29 GMT, Bradford Wetmore wrote:
> Two new constant fields `MGF1ParameterSpec.SHA512_224` and
> `MGF1ParameterSpec.SHA512_256` didn't have `@since 11` tag added as part of
> [JDK-8146293](https://bugs.openjdk.java.net/browse/JDK-8146293).
>
> This bug addresses this
On Wed, 27 Apr 2022 06:28:27 GMT, Xue-Lei Andrew Fan wrote:
>> Only numbers from the same modular fields can be involved in arithmetic
>> calculations. Add `assert` to guarantee this.
>>
>> Also, found one broken case and rewrote it.
>
>
> This change improves the specification for the case when a
> `PKIXRevocationChecker` is supplied as one of the `CertPathChecker`
> parameters. Specifically, it makes it more clear that a
> `PKIXRevocationChecker` overrides the default revocation checking mechanism
> of a PKIX service
On Wed, 27 Apr 2022 06:44:37 GMT, Xue-Lei Andrew Fan wrote:
>> This change improves the specification for the case when a
>> `PKIXRevocationChecker` is supplied as one of the `CertPathChecker`
>> parameters. Specifically, it makes it more clear that a
>> `PKIXRevocationChecker` overrides the
On Tue, 26 Apr 2022 22:24:26 GMT, Joe Darcy wrote:
> To enable more complete doclint checking (courtesy @jonathan-gibbons), please
> review this PR to add type-level @param tags where they are missing.
>
> To the maintainers of java.util.concurrent, those changes could be separated
> out in
On Tue, 26 Apr 2022 22:24:26 GMT, Joe Darcy wrote:
> To enable more complete doclint checking (courtesy @jonathan-gibbons), please
> review this PR to add type-level @param tags where they are missing.
>
> To the maintainers of java.util.concurrent, those changes could be separated
> out in
Hi Bernd, Vitaly,
Amazon Corretto [1] also includes the fixes for CVE-2018-25032. This
is our statement:
"Based upon our analysis, OpenJDK/Corretto is not affected by
CVE-2018-25032, because the zlib "memLevel" parameter is not settable
and is fixed at 8, and the usage of the Z_FIXED strategy is
> Please review the update to remove finalizer method in the java.security.jgss
> module. It is one of the efforts to clean up the use of finalizer method in
> JDK.
Xue-Lei Andrew Fan has updated the pull request incrementally with one
additional commit since the last revision:
Correct test
On Wed, 27 Apr 2022 07:11:16 GMT, Xue-Lei Andrew Fan wrote:
> Can you try out this test?
Awesome! Thank you!
-
PR: https://git.openjdk.java.net/jdk/pull/8136
On Tue, 26 Apr 2022 15:43:09 GMT, Weijun Wang wrote:
> Can you try out this test?
>
> ```
> diff --git a/test/jdk/sun/security/krb5/auto/Cleaners.java
> b/test/jdk/sun/security/krb5/auto/Cleaners.java
> new file mode 100644
> index 000..43f06cb9f60
> --- /dev/null
> +++
> Please review the update to remove finalizer method in the java.security.jgss
> module. It is one of the efforts to clean up the use of finalizer method in
> JDK.
Xue-Lei Andrew Fan has updated the pull request incrementally with one
additional commit since the last revision:
final pName
On Thu, 7 Apr 2022 20:17:28 GMT, Xue-Lei Andrew Fan wrote:
>> Please review the update to remove finalizer method in the SunJSSE provider
>> implementation. It is one of the efforts to clean up the use of finalizer
>> method in JDK.
>
> Xue-Lei Andrew Fan has updated the pull request
On Mon, 18 Apr 2022 13:35:25 GMT, Sean Mullan wrote:
> This change improves the specification for the case when a
> `PKIXRevocationChecker` is supplied as one of the `CertPathChecker`
> parameters. Specifically, it makes it more clear that a
> `PKIXRevocationChecker` overrides the default
On Tue, 26 Apr 2022 21:02:49 GMT, Weijun Wang wrote:
> Only numbers from the same modular fields can be involved in arithmetic
> calculations. Add `assert` to guarantee this.
>
> Also, found one broken case and rewrote it.
src/jdk.crypto.ec/share/classes/sun/security/ec/ECDSAOperations.java
On Tue, 26 Apr 2022 17:51:45 GMT, Valerie Peng wrote:
>> This is to update the method javadoc of
>> java.security.Signature.getParameters() with the missing `@throws
>> UnsupportedOperationException`. In addition, the wording on the returned
>> parameters are updated to match those in Cipher
86 matches
Mail list logo