The change does not seem to be related to your description, and the description
does not match the shown exception. In fact the example stacktrace contains the
authority value twice and your change adds a diagnostic which is not really
helpful for the case of the underscore? I would not be too s
Hello,
> Correct, it does enable access to certificates and keys that require next
> (second) generation,
That’s strange, I am quite sure I tried CNG RSA and EC Keys after OpenJDK
claimed to support it. So maybe there is more than one condition to it (or the
handle just works transparently reg
Hello Vitaly,
(Personal answer not affiliated with OpenJDK members)
I had also asked about this before, but there was no answer (which is however
not surprising, since it is the policy of OpenJDK and Oracle to not comment on
unfixed security issues).
My hope was, that by reporting it before th
Hello Michael,
thanks for the pointer, interesting read.
I think the key takeaway from that discussion is, that the Wycheproof Testcases
would have caught this problem and should probably be added to the OpenJDK
tests. (I wonder, does Google not run those in qualification builds?)
The disc
Just to add to the discussion some more, as I understand it the new (Graal
based?) multi language environment running inside a Oracle database is exactly
what others want to do here: multitenant untrusted code execution inside a
bigger application.
There are a number of complications here, fir
Hello,
I don't agree with the statement that this can be solved on higher level.
(Unless higher level means move away from existing architectures which is
perfectly fine for some workloads but not for all)
IMHO Infrastructure to enforce on lower level is needed either for traditional
sandboxing
Hello,
For multiple connections session- or ticket reuse would be much more efficient.
In fact I think cert compression looks like the wrong solution. Having a
immutable certificate download Chain would be a cool alternative solution -
especially with future large postquantumcrypto certificates
://bernd.eckenfels.net
From: Wei-Jun Wang
Sent: Monday, April 11, 2022 8:45:12 PM
To: Mat Carter
Cc: Bernd Eckenfels ; [email protected]
Subject: Re: Proposal: Extend Windows KeyStore support to include access to the
local machine location
Sorry for the late
Hello,
I think this proposal be very powerful, it allows completely new models (like
custom sandboxed VMs) while still removing many of the complicated classes.
I am all for it, but it does limit the actual work saved since the doPrivileged
and checkPermission sites are the thing which is the a
BTW, since this is Windows specific anyway and since we have also a combining
virtual Keystore, why not allow a new naming scheme which allows to access any
of the Keystores? like “Windows-ROOT/ADdressbook”?
Greetings
Bernd
--
http://bernd.eckenfels.net
From: securit
://bernd.eckenfels.net
From: Anthony Scarpino
Sent: Monday, March 28, 2022 6:31:29 AM
To: Anders Rundgren
Cc: Bernd Eckenfels ; [email protected]
Subject: Re: [Internet]Re: "Pluggable" key serialization in JCE/JCA
Thanks for all the info. We
Just for completeness, the standard for key transport in JOSE is JWK (RFC7517).
In COSE it is a COSE_Key(Set) as defined in RFC8152 sect13.
BTW the most widely used CBOR/COSE application are probably the QR codes around
Covid and Vaccination certificates of the EU.
Greetings
Bernd
--
http://bernd.e
The last replace seems a bit strange, I would expect it should first normalize
the case and then the hyphen, otherwise it won’t match the replace?
Looks to me like not using toUpperCase in the trace messages would be more
efficient and produces shorter code.
Isn’t it customary to use the ROOT l
hem and why
nobody mentioned them in the log4shell discussions yet.
Greetings
Bernd
--
http://bernd.eckenfels.net
From: security-dev on behalf of Bernd
Eckenfels
Sent: Monday, December 13, 2021 7:28:53 AM
To: [email protected]
Subject: Why no
Hello,
I can understand that ldapcontext.lookup() still has to use unsafe
deserialisation for legacy reasons (JMS factories etc). But it would be really
good if there would be a bit more infra like a killswitch or url-prefix filter
JNDI for those who don’t need that.
It was a rather damaging m
Rick if you fear an attacker can modify and install a JAR with a broken
signature which you don’t trust anyway, what should stop the attacker to
provide a valid but untrusted signature or no checksums at all? It might be a
undesirable change for your case but I see no trustmodel where you would
This should also answer your other question, if you register a provider (like bouncycastle) it should actually provide such curves via the JCE interface. I am not aware of bugs in this area (but on the other hand besides some stupid EA-agency requirements for brainpool curves nobody in their right
Hello, sorry for being unpopular, but I just hate it to waste developer
resources,
I really think this deprecation message should be re-considered, it broke a lot
of things, the amount of work to implement a caching solution feels like a
waste of time and on top of it, there is no clear replacem
Is it possible to redirect those vm messages with unified logging or vm-error
files or similar command line flags to the launcher to keep stdout/stderr clean?
Greetings
Bernd
--
http://bernd.eckenfels.net
From: security-dev on behalf of Sean
Mullan
Sent: Monda
Hello,
I have to agree with Peter here, we do remove a very valuable asset of the JVM
platform. It might not be easy to use and not the most popular technology, but
after all it was in the DNA of Java. In this JEP/Discussion there is not a
single hesitation to remove it. Please tell me you tr
Just to add another point to this. Today it is quite hard to use operating
system facilities like chroot/jails, security tokens, seteuid, dropping
privileges or switching Security tokens which would allow to limit or escalate
privileges in an OS enforced manner. If we would have a bit more supp
It is best to post the verbatim error message and maybe also the URL to
reproduce. But if you notice a sudden change in behavior and the cert is not
expired, then it’s likely a server-side change. Did you try to connect with
browser and OpenSSL cli?
You can debug JSSE connections but the except
Hello,
I like the API, it is useful, however not enough to replace the defaultCharset
once the Change to UTF8 is done. You still need a way to query the platforms
file encoding (especially on Windows).
Also I wonder if the Javadoc needs to discuss platform aspects of console,
especially System
Hello,
I agree with the need for such a facility.
Instead, or in addition to a key log a session handshake listener with access
to the handshake result (and the master key) would also be useful for auditing,
renegotiation limiting and key logging. It can even be used for things like
priming in
Hello,
Actually, in HTML <p> was a separator, and in xhtml it should enclose
paragraphs. However I was under the impression Javadoc always used the
separator style (it would be strange to start the first sentence in Javadoc
with <p>. Is this doccheck enforcing a new policy?
This officially Oracle gu
Hello,
I wanted to mention again, that all those System property configurations are
good, especially to resolve the update pains, but not really useful if you want
to make configurations on a per-connection base. If you have to support
multiple partners it can be a real pain to setup a common f
Hello Alan, I don’t think this is a Java vulnerability (but something Java
application programmers have to deal with), that’s why I sent it to the mailing
list (for lack of better channels).
Still there is a lesson to learn, we have two different windows file Name
parsing behaviors in the openj
BTW stupid - somewhat related - question, why does the nonce to be parsed out
of a DER blob, shouldn’t there be an getter on the Parameter Spec object? Many
protocols would need the raw array, is there a matching spec - or should we add
one?
Greetings
Bernd
--
http://bernd.eckenfels.net
___
Hello,
It is a bit unfortunate but the JCE Codesigning Roots are not part of the
cacerts file. They are hardcoded in the Oracle JDK and not present in OpenJDK
as far as I understand it.
It is documented here, that those CAs are not available for general deployments:
https://www.oracle.com/java/
Hello,
Not sure if it is needed to implement a new RandomGenerator interface instead
of extending SecureRandom, but the extensions and the discovery mechanism looks
good.
One thing I am wondering about is if reseed() and reseed(Param) should be part
of the new RandomGenerator interface as well
Hello,
I would agree with this request, my usecase would be to use a HSM, where I
typically don’t want to import keys but generate them safely on the HSM so not
even admins have access to the key material ever (besides maybe having a key
handle to wrap it). Isn’t that what the KeyGen interface
I agree with that statement as an author of applications which have to connect
to a wide range of external systems with a wide range of libraries and
components. It should be configurable as a parameter on socket, session or
factory level.
I find a new API is more than welcome, especially if it
Jamil, just a follow up, I noticed in the bug comments that there are multiple
conditions where boringSSL fails, seems like OpenJSSE somehow does not trigger
the fingerprint match w/ and w/o status request.
Greetings
Bernd
--
http://bernd.eckenfels.net
From: Bernd
Hello Jamil,
Thanks for responding, you are correct, this system property resolves my
problem (on both the Oracle as well as Azure JRE).
There is however something fishy going on. With the OpenJSSE provider (as
provided by Zulu) the default for this option seems to be =true, as the
extension i
Hello,
Just a little update, after implementing a jarsigner -verify after each sign
operation and by retrying signatures when it fails, we could resolve the
problem, when signing 50 jars one or two failed with NullPointer and worked
after immediate retry.
Greetings
Bernd
--
https://bernd.eckenfels
Note that many browsers also download certs from the AIA and even "well known"
mechanisms. It won't help to access more truststores, that would be a function
you need to prove directly. Also the dynamic installation from Windows Updates
or offline from crypt32.dll is not triggered when only brow
Hello,
JCE implements the AESWrap cipher, but it does not offer the KWP mode of NIST
800-38F. KW and KWP use the same wrapping algorithm W which is also used by
AESWrap, however due to different initialisation vectors the existing
implementation can not be used to implement the padded wrapping
Hello,
The change seems reasonable, but should there maybe a method to refresh
temporary keys used for those session tokens - I.e. "invalidate all" and link
to that so specific implementations are encouraged to offer such an API.
Greetings
Bernd
--
http://bernd.eckenfels.net
___
LdapCtxt:
/**
 * Sets the read timeout value
 */
private void setChannelBindingType(String cbTypeProp) {
Not sure if that javadoc is the right one? And I also wonder if enforcing the
timeout is needed, and if yes if it should be documented why. Was not obv
Not completely sure about which of the involved APIs have what possible
extensions. Maybe we can somehow make two mechanisms one which is the
compatible default and one would be the rfc compliant method. Then SASL can be
configured and use different mechanism names with a new property? That would
Hello,
I would agree with the interpretation that the NPE is not mandatory.
But even if we keep it, the actual problem in addAll() should be fixed? There
is no point in calling contains(null) on a SecureSet, right?
Greetings
Bernd
--
http://bernd.eckenfels.net
From:
Hello Valerie.
In MacKAT 121 you would get a NPE if the catch prints the skip message,
probably needs an additional return; guard?
The BAOS default length change in parse() was not immediately clear to me?
(Maybe next s. Base64?)
BTW It is good to see that you also add truncated SHA512 variant
Hello Sean,
Are the separate entries for 3DES and DES needed or can they also be collapsed?
BTW I am always unsure about the interactions of setting the Protocol and the
enabled ciphers so I am in the habit to set the protocols before using
getEnabled or setting enabled ciphers. I guess it makes
Just a small addition, cause I found some more details (but still not enough).
there seems to be some precedence for tls-server-endpoint instead, which would
be I guess a bit easier to produce:
https://blogs.msdn.microsoft.com/openspecification/2013/03/26/ntlm-and-channel-binding-hash-aka-extend
could actually happen by extending GSS-SPNEGO, but that
would really be a strange layering of multiple security mechanisms.
Greetings
Bernd
--
http://bernd.eckenfels.net
From: Weijun Wang
Sent: Tuesday, February 18, 2020 3:18 PM
To: Bernd Eckenfels
Cc: security-
an additional check condition if the new APIs are enough to
handle that.
Greetings
Bernd
--
http://bernd.eckenfels.net
From: Michael Osipov <[email protected]>
Sent: Sunday, February 16, 2020 11:02:16 AM
To: Weijun Wang
Cc: Bernd Eckenfels ; securi
From: Michael Osipov <[email protected]>
Sent: Sunday, January 19, 2020 11:15 AM
To: Bernd Eckenfels
Cc: [email protected]
Subject: Re: LDAP Channel Binding
On 2020-01-19 at 08:02, Bernd Eckenfels wrote:
> You said it is confusing, but the bug you mentioned
r 19, 2020 11:15 AM
To: Bernd Eckenfels
Cc: [email protected]
Subject: Re: LDAP Channel Binding
On 2020-01-19 at 08:02, Bernd Eckenfels wrote:
> You said it is confusing, but the bug you mentioned is only a valid
> feature request, it does not talk about failing binds. I would
From: Michael Osipov <[email protected]>
Sent: Saturday, January 18, 2020 9:39:08 PM
To: Bernd Eckenfels ; [email protected]
Subject: Re: LDAP Channel Binding
On 2020-01-16 at 11:32, Bernd Eckenfels wrote:
> Hello,
>
> Some updates
Hello,
Some updates:
Microsoft moved their automatic update of the LDAP policies in Windows Server
updates to March 2020 (but still recommend to activate it earlier).
And I did some tests: when you turn on the mandatory LDAP Signing, then simple
binds or Digest-md5 binds over LDAP are rejected
versible (and a new password must be set).
Next will be testing with TLS (and channel binding) once I get the LDAP
certificate set up for this.
--
http://bernd.eckenfels.net
From: Michael Osipov <[email protected]>
Sent: Wednesday, December 18, 2019 6:37 P
Here is a related bug
https://bugs.openjdk.java.net/browse/JDK-8208301 for ADFS.
Greetings
Bernd
--
http://bernd.eckenfels.net
From: Bernd Eckenfels
Sent: Wednesday, December 18, 2019 4:29 AM
To: [email protected]
Subject: Microsoft LDAP Channel
-kerberos/pull/92
Greetings
Bernd
--
http://bernd.eckenfels.net
From: Michael Osipov <[email protected]>
Sent: Wednesday, December 18, 2019 6:37 PM
To: Bernd Eckenfels; [email protected]
Subject: Re: Microsoft LDAP Channel Binding
On 2019-12-18 at
Hello,
Microsoft just released a Security Advisory, announcing that upcoming Windows
Server Versions will turn on mandatory TLS Channel Binding (and turn off simple
binds with mandatory SASL signing) on LDAP Servers.
They also reminded Administrators to install the KB patch and turn the harden
Hello,
While it is probably a good thing to not use ECB I can imagine you actually
need it to implement single-block operations, so I am not sure if it’s a good
idea if any general purpose JVM does not provide AES/ECB or RSA/ECB? (Maybe a
new raw single block mode instead?)
For example TLS1.2
It would make sense to no longer calculate and print the timestamp in the debug
log if we don’t want it to be relied upon. This would be less misleading (and
most likely the shifting logic can be removed?)
--
http://bernd.eckenfels.net
Von: security-dev im A
0. After
> this brainpool support is integrated, it'll be easier to re-evaluate
> these.
>
>
> As for PKCS11, Tobias tested this against a 3rd party PKCS11 library and
> the result is positive if I recall correctly.
>
>
> Thanks,
> Valerie
>
>
> On
Also the `is*` prefix would point to a boolean, that’s maybe a cleaner data
type than a case sensitive string?
--
http://bernd.eckenfels.net
From: security-dev on behalf of Xuelei
Fan
Sent: Monday, July 1, 2019 6:44 PM
To: [email protected]
B
Max, would it make sense to specify ` -csp "Microsoft Software Key Storage
Provider"` to make sure it stores the key in a CNG KSP? (I am not sure what the
default provider is). Also maybe make the key non-exportable to make sure
key-handles are actually used for the operations?
Greetings
Bernd
--
, April 18, 2019 10:34 AM
To: Bernd Eckenfels; [email protected]
Cc: [email protected]
Subject: Re: Refresh cacert File?
Hi,
On Wed, 2019-04-17 at 22:43 +, Bernd Eckenfels wrote:
> hello,
>
> I think it was discussed on security-dev before but did not result
hello,
I think it was discussed on security-dev before but did not result in some
action as far as I understand it. Currently the „cacert“ file shipped with 8u
upstream builds is a bit outdated. It contains multiple expired certificates
and misses latest additions.
Also I noted there are mult
Just to state the obvious, the LD_PRELOAD risk does not go away when you don’t
use the feature. I think this scan result should be ignored (at best). It is
more a weakness of the Linux bintools/ld and not your extension.
(In normal usage there is no risk as an attacker who can modify the environ
Hello,
There are a few places where a synchronized method is freed up w/o new lock,
which is generally a good thing but I wonder if there is a justification
available why it is no problem (DTLSInputRecord vs. DTLSOutputRecord).
Is the DCL In EphemeralKepair Safe, I am not sure how arrays and no
Just to add another aspect to the discussion, there are at least 3 DLLs out
there which implement this functionality (Microsoft’s JDBC driver, jTDS driver
and Waffle) + commercial solutions as we have heard. All of them are used to
allow authenticating the current user against services (mostly
view Request, JDK-8163326, The default enabled cipher suites
should prefer forward secrecy
Hi,
I extended this CSR to cover more update, and update per the comments.
Please let me know your concerns by the end of March 21, 2019.
Thanks,
Xuelei
On 3/6/2019 3:41 PM, Bernd Eckenfels wrote:
> I am no
, the FIPS
provisions are more sad in that case…)
Greetings
Bernd
--
http://bernd.eckenfels.net
From: Jamil Nimeh
Sent: Thursday, 14 March 2019 18:16
To: Bernd Eckenfels; OpenJDK Dev list
Subject: Re: AW: RFR 8218723: SecretKeyFactory.getInstance( algo_,
provider_)ignoresthe provider argument
a JCE PBKDF2 on a JVM where BC FIPS
has higher prio would be wrong anyway.
I think I haven't seen what the case for the init failure in BC MAC was, is this
also key related?
Greetings
Bernd
--
http://bernd.eckenfels.net
From: Jamil Nimeh
Sent: Thursday, 14 March 2019 17:18
To: Bernd Eckenfels
Looking at the patch it seems obvious that this functionality was intentional
at least for having a PKCS11 MAC. Do we really want to remove that option and
if yes does it require some form of approval?
(I think the change is good in general but that case needs to be decided).
Since this is relae
I am not clear on what would „preferred in current default context“ mean. Does
that mean it preferred the PFS ciphers anyway.. for suggested order in client
handshake? as server? And what would be the non-Default context. Is this „TLS“
context?
Greetings
Bernd
--
http://bernd.eckenfels.net
___
The OpenJDK JCA does not do provider signature checking. So you can install
your own providers and don’t need to sign them.
Greetings
Bernd
--
http://bernd.eckenfels.net
From: security-dev on behalf of David
Penick
Sent: Monday, February 4, 2019 11:18 AM
To: s
Hello Sean,
Maybe you also want to change comment and name of the SUPPORTE_DDEFAULT Array
to „SUPPORTED_LIMITED“ since Unlimited is now Default?
private final static String[] ENABLED_DEFAULT
….
// supported ciphersuites using default JCE policy jurisdiction files
// AES/256 unavail
In a related matter, are the existing tests reliable to detect the Situation
(at least for the Default runtime/compiler behavior). i.e. are the testcases
covering stack evaluation in a compiled context where EA would eliminate it?
Greetings
Bernd
--
http://bernd.eckenfels.net
From: dean.l...@ora
Maybe a comment should point to the description of this pattern (if it
applies): https://www.oracle.com/technetwork/java/seccodeguide-139067.html#4-5
Greetings
Bernd
Greetings
Bernd
--
http://bernd.eckenfels.net
From: security-dev on behalf of
Valerie Peng
Sent:
Actually I was referring to the property name in the issue, did not notice that
the description differs from the patch, sorry.
Greetings
Bernd
--
http://bernd.eckenfels.net
Woha, having a specific property named after a brand looks awfully specific
and even hostile. (Yes it can be removed in a future version when all existing
certs are expected to expire, but having code patches distributed for such
policy enforcement does look like a heavy gun)
Won’t it be a bet
Hello,
and to partially answer myself: the UnlockDiagnostics is needed for Java 9+
Greetings
Bernd
--
http://bernd.eckenfels.net
From: Anthony Scarpino
Sent: Monday, 3 December 2018 21:37
To: Bernd Eckenfels; [email protected]
Subject: Re: AES ctr benchmark performance
Very slow
Sent: Monday, 3 December 2018 21:37
To: Bernd Eckenfels; [email protected]
Subject: Re: AES ctr benchmark performance
Very slow.. Roughly 181k ops/sec vs 6100 ops/sec, for 16k datasize.
As far as why there is a switch, mostly debugging or possible bugs in
hotspot that cause the
Quick Question, why did you Need to switch it on and out of curiosity how do
the times look like when you switch NI off?
Greetings
Bernd
--
http://bernd.eckenfels.net
From: Anthony Scarpino
Sent: Monday, 3 December 2018 21:13
To: Kasper Janssens; [email protected]
Subject: Re: A
Hello,
What is the purpose of setting some of them to 0 twice? (It’s a new array which
should be all-0 anyway.)
+ for (int i = 1; i < 9 ; i++) {
+subkeyHtbl[2*i] = 0;
+subkeyHtbl[2*i+1] = 0;
+}
Also, is the subkeyH no longer be needed (or can be redesigned t
nicer validation reports without relying on the
message or Stacktraces.
Greetings
Bernd
--
http://bernd.eckenfels.net
From: Seán Coffey
Sent: Friday, November 16, 2018 5:15 PM
To: Bernd Eckenfels; [email protected]
Subject: Re: RFR: 8213952: Relax DNSName
You could also add (a..b, false) and (.a, false), (a., false) to the testcases.
I noticed that there are different types of Exception messages (DNS name,
DNSName, DNS Name or name constrained, DNS name and SAN), would be good if all
of them have the same keyword?
Greetings
Bernd
--
http://bernd.eck
Hello,
I would agree ignoring an (conflicting) option adds confusion. When specifying
a curve is a new feature we don’t need to worry about being compatible,
therefore I would forbid mixing curve names and keysize at all (even when the
size matches).
I guess we cannot remove the option to on
http://cr.openjdk.java.net/~dlong/8212605/webrev.1/src/java.base/share/classes/java/security/AccessController.java.udiff.html
In checkContext should the security manager be null checked first instead of
last to optimize for the typical case? (If the side effects in that expression
are desired it
That's very cool!
Maybe this is the right thread to discuss the future of the sun.security.x509
package.
Currently your implementation will only work if that package is exported. The
Depth of implementation of those classes however would be a nice Addition to an
(optional?) API.
Greetings
Bernd
-
It might not apply to this specific default but in the past DSA was often
chosen (over RSA) as a default as it was regarded as less suspicious to been
understood as an encryption capable algorithm (as opposed to RSA). But of
course that thinking was never correct and the justification for interp
What are the Hashes, signatures algorithms and key Sizes? Maybe one of the
newer security properties turning those off? Does it have a timestamp?
Greetings
Bernd
--
http://bernd.eckenfels.net
Von: -2123340816m Auftrag von
Sent: Friday, October 5, 2018 10:13 PM
To
Hello,
I think I missed it, but where is the conversion on BigInteger branching on key
material? Isn’t this only branching on effective constant values?
Or are you concerned about Spectre-type problems?
Besides that I totally agree on the idea of having a more secure implementation
which can b
There is another way, by reusing the existing security manager property with a
new keyword („default“ is already a well known value) one could implement the
stable suppression of the SM without actually needing a new property. It also
avoids unclear meaning of denied but specified SM:
java.secu
Hello Sean,
The change looks fine to me, but if you have to roll another version maybe you
could add a comment on this line to explain its purpose. Since this line is
changed in the patch it would be a good time:
System.java:350
sm.checkPackageAccess("java.lang");
Is that some kind of warm-
I would expect you can actually store the key on a PKCS11 backed Keystore, what
would be the natural API (although it’s hard for the provider to implement it
if it can’t use temporary handles like this)
Greetings
Bernd
--
http://bernd.eckenfels.net
Von: -989298816m
Hello,
What also should be mentioned is that the old CAPI clients cannot access CNG
Keys. Which is especially a pity since only the new keys benefit from the
cryptographic process isolation (not to mention the confusion that it’s hard to
see which provide hosts them)
Greetings
Bernd
Greetings
Bernd
-
Just a FYI under Linux when you read from urandom the Linux kernel will always
XOR with random bytes generated with x64 rdrand instruction
(arch_get_random_long() - if supported). Since it is a XOR it does not have to
trust the quality of this black box hardware implementation.
I would not impl
Hello,
not a Reviewer, but some Questions on the CSR:
- Are there other CSRs for including in TLS?
- I also wonder if PKI (CA Signatures) will work out of the box then (OID
aliases?)
- Does PKCS11 require additional changes? (especially for the Government use
mentioned in the justification HSMs
Hello,
according to Snyk’s Zip Slip vulnerability report (the issue with file Name
traversal by extracted Archives) was also sent to Oracle and since
Java.util.zip.ZipEntry is a low-Level api the proper Action is changes to the
documentation.
https://github.com/snyk/zip-slip-vulnerability
I w
Jamil, I was wondering if you have performance test numbers to share yet? Do
you have an internal acceptance criteria for it? Do we expect it to beat
unaccelerated AES256-GCM or come close to CBC performance?
Greetings
Bernd
--
http://bernd.eckenfels.net
From: securi
You probably don’t want to hear that, but now is a good time to convert this
JNLP App into a stand alone Installer (possibly with updater). That will not
only allow you to ship a pre-configured and matching JRE, but it will also
solve the problem that you do not get javaws updates starting on Jan
Hello,
Is the following comment correct, it looks like it should read „with NUL
terminator“ instead?
// without a NULL terminator
Greetings
Bernd
Greetings
Bernd
--
http://bernd.eckenfels.net
From: security-dev on behalf of Weijun
Wang
Sent: Friday, April 27, 20
Hello,
I noticed that the OASIS draft for extending PKCS#11 with SHA-3 also specifies
new Mechanisms for SHAKE128/256. They introduce them as Key Derivation
functions.
I wonder if this would also be the way to introduce this into JCA, at the
moment XOFs have been a non-goal of JEP287, but ther
Hello Yogesh,
I am not sure it is a good method to learn from those test cases, I would start
from here:
https://docs.oracle.com/javase/tutorial/security/
But here you go, some of the openjdk included Tests for various security
aspects:
http://hg.openjdk.java.net/jdk/jdk/file/422615764e12/tes
I always thought the logic is ‚case insensitive substring of canonical name‘,
so it also works with things like ‚DHE‘ in ciphers. In that case ‚SHA‘ would
match SHA-1 as well as SHA-xxx.
Greetings
Bernd
--
http://bernd.eckenfels.net
From: security-dev on behalf of S