On Mon, 9 May 2022 19:38:36 GMT, Daniel Jeliński wrote:
> When a TLS server resumes a session from a stateless session ticket, it
> populates the `SSLSessionImpl`'s `localCerts` and `peerCerts` fields with
> certificates deserialized from the session ticket. These certificates are
> often the
On Wed, 11 May 2022 22:49:02 GMT, Anthony Scarpino
wrote:
>> src/java.base/share/classes/javax/net/ssl/SSLEngine.java line 677:
>>
>>> 675: * @see #unwrap(ByteBuffer, ByteBuffer[], int, int)
>>> 676: *
>>> 677: * @implNote The data in {@code src} may be modified during the
>
On Mon, 9 May 2022 19:38:36 GMT, Daniel Jeliński wrote:
> When a TLS server resumes a session from a stateless session ticket, it
> populates the `SSLSessionImpl`'s `localCerts` and `peerCerts` fields with
> certificates deserialized from the session ticket. These certificates are
> often the
> This change refactors the PBES2Core and PKCS12PBECipherCore classes in SunJCE
> provider as requested in the bug record. Functionality should remain the same
> with a clearer and simplified code/control flow with less lines of code.
> This should improve readability and maintenance. I enhance
On Wed, 11 May 2022 23:45:00 GMT, Weijun Wang wrote:
>> Valerie Peng has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Changed to extend various CipherSpi implementations.
>
> src/java.base/share/classes/com/sun/crypto/provider/PKCS12PBECi
> This change refactors the PBES2Core and PKCS12PBECipherCore classes in SunJCE
> provider as requested in the bug record. Functionality should remain the same
> with a clearer and simplified code/control flow with less lines of code.
> This should improve readability and maintenance. I enhance
On Wed, 11 May 2022 15:55:40 GMT, Mat Carter wrote:
> @christophbrejla - my goal is to backport to latest (18 or 19), 17 and 11
Then please add the versions to the "Fix Version(s)" field of the CSR. There
are also some questions waiting for you in the comment there.
-
PR: https://
On Wed, 11 May 2022 22:35:32 GMT, Weijun Wang wrote:
> Add missing OIDs for 2 secret key algorithms. These will be used when storing
> secret keys in a PKCS12 keystore. Like DES and DESede, the OIDs were
> originally defined for CBC mode cipher algorithms, they are reused here for
> key algori
On Thu, 12 May 2022 00:21:34 GMT, Valerie Peng wrote:
>> This is to update the method javadoc of
>> java.security.Signature.getParameters() with the missing `@throws
>> UnsupportedOperationException`. In addition, the wording on the returned
>> parameters are updated to match those in Cipher a
On Wed, 11 May 2022 22:35:32 GMT, Weijun Wang wrote:
> Add missing OIDs for 2 secret key algorithms. These will be used when storing
> secret keys in a PKCS12 keystore. Like DES and DESede, the OIDs were
> originally defined for CBC mode cipher algorithms, they are reused here for
> key algori
> This is to update the method javadoc of
> java.security.Signature.getParameters() with the missing `@throws
> UnsupportedOperationException`. In addition, the wording on the returned
> parameters are updated to match those in Cipher and CipherSpi classes.
>
> CSR will be filed later.
>
> Th
On Wed, 11 May 2022 22:02:42 GMT, Valerie Peng wrote:
>> This change refactors the PBES2Core and PKCS12PBECipherCore classes in
>> SunJCE provider as requested in the bug record. Functionality should remain
>> the same with a clearer and simplified code/control flow with less lines of
>> code.
> This code change allows one entering "." at a distinguished name prompt to
> skip a sub-component when running `keytool -genkeyapir`. Several new resource
> strings are added.
>
> There is no detailed description in `keytool.html`, so I think there's no
> need to update it.
>
> I'll file a C
On Wed, 11 May 2022 00:31:23 GMT, Bradford Wetmore wrote:
>> Hi,
>>
>> I need a review of this fix to allow a read-only 'src' buffer to be used
>> with SSLEngine.unwrap(). A temporary read-write buffer is created in the
>> SSLCipher operation when a read-only buffer is passed. If the 'src' is
On Wed, 11 May 2022 21:55:45 GMT, Weijun Wang wrote:
> This code change allows one entering "." at a distinguished name prompt to
> skip a sub-component when running `keytool -genkeyapir`. Several new resource
> strings are added.
>
> There is no detailed description in `keytool.html`, so I th
On Wed, 11 May 2022 22:37:18 GMT, Jamil Nimeh wrote:
>> This code change allows one entering "." at a distinguished name prompt to
>> skip a sub-component when running `keytool -genkeyapir`. Several new
>> resource strings are added.
>>
>> There is no detailed description in `keytool.html`, so
On Wed, 11 May 2022 21:55:45 GMT, Weijun Wang wrote:
> This code change allows one entering "." at a distinguished name prompt to
> skip a sub-component when running `keytool -genkeyapir`. Several new resource
> strings are added.
>
> There is no detailed description in `keytool.html`, so I th
On Wed, 11 May 2022 05:52:38 GMT, Xue-Lei Andrew Fan wrote:
>> Hi,
>>
>> I need a review of this fix to allow a read-only 'src' buffer to be used
>> with SSLEngine.unwrap(). A temporary read-write buffer is created in the
>> SSLCipher operation when a read-only buffer is passed. If the 'src' i
On Wed, 11 May 2022 21:55:45 GMT, Weijun Wang wrote:
> This code change allows one entering "." at a distinguished name prompt to
> skip a sub-component when running `keytool -genkeyapir`. Several new resource
> strings are added.
>
> There is no detailed description in `keytool.html`, so I th
Add missing OIDs for 2 secret key algorithms. These will be used when storing
secret keys in a PKCS12 keystore. Like DES and DESede, the OIDs were originally
defined for CBC mode cipher algorithms, they are reused here for key algorithms.
OpenSSL uses the same OIDs for cipher algorithms.
1 3 6
On Mon, 9 May 2022 23:48:24 GMT, Bradford Wetmore wrote:
>> Hi,
>>
>> I need a review of this fix to allow a read-only 'src' buffer to be used
>> with SSLEngine.unwrap(). A temporary read-write buffer is created in the
>> SSLCipher operation when a read-only buffer is passed. If the 'src' is
On Tue, 10 May 2022 20:38:31 GMT, Sean Mullan wrote:
>> Valerie Peng has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains five additional
>> commits
> Anyone can help review this javadoc update? The main change is the wording
> for the method javadoc of
> Cipher.getParameters()/CipherSpi.engineGetParameters(). The original wording
> is somewhat restrictive and request is to broaden this to accommodate more
> scenarios such as when null can
On Mon, 9 May 2022 23:15:40 GMT, Bradford Wetmore wrote:
>> Hi,
>>
>> I need a review of this fix to allow a read-only 'src' buffer to be used
>> with SSLEngine.unwrap(). A temporary read-write buffer is created in the
>> SSLCipher operation when a read-only buffer is passed. If the 'src' is
On Tue, 10 May 2022 20:42:55 GMT, Sean Mullan wrote:
>> Valerie Peng has updated the pull request with a new target base due to a
>> merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains four additional
>> commits
> This change refactors the PBES2Core and PKCS12PBECipherCore classes in SunJCE
> provider as requested in the bug record. Functionality should remain the same
> with a clearer and simplified code/control flow with less lines of code.
> This should improve readability and maintenance. I enhance
This code change allows one entering "." at a distinguished name prompt to skip
a sub-component when running `keytool -genkeyapir`. Several new resource
strings are added.
There is no detailed description in `keytool.html`, so I think there's no need
to update it.
I'll file a CSR to describe t
On Wed, 11 May 2022 14:57:16 GMT, Claes Redestad wrote:
> #8599 would add a new warning. This address the conversions in the
> microbenchmark component by means of making the types precise or adding
> explicit casts. There's quite a few changes in the ByteBuffers benchmarks,
> but the real cha
On Wed, 11 May 2022 16:39:18 GMT, Aleksey Shipilev wrote:
> > Thanks for reviewing. I'll let the GHA tests complete and integrate this
> > tomorrow if all is clear.
>
> I don't think GHA builds any microbenchmarks (because JMH is not enabled
> there), so there is no point to wait for those.
G
On Wed, 11 May 2022 04:05:27 GMT, Weijun Wang wrote:
>> It's possible, more refactoring would be needed and not necessarily less
>> lines of code. With your suggested change, the caller has to explicitly
>> destroy the derived key after the cipher.engineInit() call. This would be
>> repeated i
On Wed, 11 May 2022 16:30:41 GMT, Roger Riggs wrote:
>> PR#8599 8244681: proposes to add compiler warnings for possible lossy
>> conversions
>> From the CSR:
>>
>> "If the type of the right-hand operand of a compound assignment is not
>> assignment compatible with the type of the variable, a c
On Wed, 11 May 2022 16:30:41 GMT, Roger Riggs wrote:
>> PR#8599 8244681: proposes to add compiler warnings for possible lossy
>> conversions
>> From the CSR:
>>
>> "If the type of the right-hand operand of a compound assignment is not
>> assignment compatible with the type of the variable, a c
On Wed, 11 May 2022 16:00:42 GMT, Claes Redestad wrote:
> Thanks for reviewing. I'll let the GHA tests complete and integrate this
> tomorrow if all is clear.
I don't think GHA builds any microbenchmarks (because JMH is not enabled
there), so there is no point to wait for those.
-
On Wed, 11 May 2022 15:50:40 GMT, Claes Redestad wrote:
>> #8599 would add a new warning. This address the conversions in the
>> microbenchmark component by means of making the types precise or adding
>> explicit casts. There's quite a few changes in the ByteBuffers benchmarks,
>> but the real
> PR#8599 8244681: proposes to add compiler warnings for possible lossy
> conversions
> From the CSR:
>
> "If the type of the right-hand operand of a compound assignment is not
> assignment compatible with the type of the variable, a cast is implied and
> possible lossy conversion may silently
On Wed, 11 May 2022 15:50:40 GMT, Claes Redestad wrote:
>> #8599 would add a new warning. This address the conversions in the
>> microbenchmark component by means of making the types precise or adding
>> explicit casts. There's quite a few changes in the ByteBuffers benchmarks,
>> but the real
On Mon, 9 May 2022 19:38:36 GMT, Daniel Jeliński wrote:
> When a TLS server resumes a session from a stateless session ticket, it
> populates the `SSLSessionImpl`'s `localCerts` and `peerCerts` fields with
> certificates deserialized from the session ticket. These certificates are
> often the
On Wed, 11 May 2022 15:50:40 GMT, Claes Redestad wrote:
>> #8599 would add a new warning. This address the conversions in the
>> microbenchmark component by means of making the types precise or adding
>> explicit casts. There's quite a few changes in the ByteBuffers benchmarks,
>> but the real
On Tue, 10 May 2022 18:55:50 GMT, Mat Carter wrote:
>> On Windows you can now access the local machine keystores using the strings
>> "Windows-MY-LOCALMACHINE" and "Windows-ROOT-LOCALMACHINE"; note the
>> application requires admin privileges.
>>
>> "Windows-MY" and "Windows-ROOT" remain uncha
On Tue, 10 May 2022 23:17:54 GMT, Mat Carter wrote:
>> test/jdk/sun/security/mscapi/AllTypes.java line 60:
>>
>>> 58: return true;
>>> 59: } catch (IOException ioe) {
>>> 60: if
>>> (ioe.getMessage().trim().endsWith("java.security.KeyStoreException: Access
>>> i
> On Windows you can now access the local machine keystores using the strings
> "Windows-MY-LOCALMACHINE" and "Windows-ROOT-LOCALMACHINE"; note the
> application requires admin privileges.
>
> "Windows-MY" and "Windows-ROOT" remain unchanged, however given these
> original keystore strings mapp
On Wed, 11 May 2022 15:21:51 GMT, Aleksey Shipilev wrote:
>> Claes Redestad has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Copyrights, consistently use the exact accumulator type
>
> test/micro/org/openjdk/bench/vm/compiler/PointerBench
On Wed, 11 May 2022 15:47:29 GMT, Claes Redestad wrote:
>> #8599 would add a new warning. This address the conversions in the
>> microbenchmark component by means of making the types precise or adding
>> explicit casts. There's quite a few changes in the ByteBuffers benchmarks,
>> but the real
> #8599 would add a new warning. This address the conversions in the
> microbenchmark component by means of making the types precise or adding
> explicit casts. There's quite a few changes in the ByteBuffers benchmarks,
> but the real change is in the template as these are generated.
>
> I've r
On Wed, 11 May 2022 14:57:16 GMT, Claes Redestad wrote:
> #8599 would add a new warning. This address the conversions in the
> microbenchmark component by means of making the types precise or adding
> explicit casts. There's quite a few changes in the ByteBuffers benchmarks,
> but the real cha
#8599 would add a new warning. This address the conversions in the
microbenchmark component by means of making the types precise or adding
explicit casts. There's quite a few changes in the ByteBuffers benchmarks, but
the real change is in the template as these are generated.
I've run through a
On Wed, 11 May 2022 05:53:21 GMT, Xue-Lei Andrew Fan wrote:
>> Hi,
>>
>> May I have this simple example update in the KeyStore specification?
>>
>> Password protection should be destroyed in the example code in KeyStore
>> specification. Otherwise, applications may just copy and past the code,
On Tue, 10 May 2022 23:01:33 GMT, Roger Riggs wrote:
>> PR#8599 8244681: proposes to add compiler warnings for possible lossy
>> conversions
>> From the CSR:
>>
>> "If the type of the right-hand operand of a compound assignment is not
>> assignment compatible with the type of the variable, a c
48 matches
Mail list logo
