Integrated: 8288270: Tier1 build failures after JDK-8287178

2022-06-10 Thread Hai-May Chao
On Fri, 10 Jun 2022 23:49:45 GMT, Hai-May Chao wrote: > Please review the small fix in comment. This pull request has now been integrated. Changeset: f7a4be75 Author: Hai-May Chao URL: https://git.openjdk.org/jdk/commit/f7a4be75fbe9e703dea94459285c72094d4d8646 Stats: 1 line i

Re: Integrated: 8288270: Tier1 build failures after JDK-8287178

2022-06-10 Thread Hai-May Chao
On Fri, 10 Jun 2022 23:53:37 GMT, Jie Fu wrote: >> Please review the small fix in comment. > > Looks good and trivial. > Thanks. @DamonFool @wangweij Thanks for the review! - PR: https://git.openjdk.org/jdk/pull/9135

Integrated: 8288270: Tier1 build failures after JDK-8287178

2022-06-10 Thread Hai-May Chao
Please review the small fix in comment. - Commit messages: - 8288270: Tier1 build failures after JDK-8287178 Changes: https://git.openjdk.org/jdk/pull/9135/files Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=9135&range=00 Issue: https://bugs.openjdk.org/browse/JDK-8288270

Re: RFR: 8286779: javax.crypto.CryptoPolicyParser#isConsistent always returns 'true' [v3]

2022-06-10 Thread Hai-May Chao
On Fri, 10 Jun 2022 17:31:56 GMT, Rajan Halade wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Fixed copyright > > test/jdk/javax/crypto/CryptoPermissions/InconsistentEntries.

Re: RFR: 8286779: javax.crypto.CryptoPolicyParser#isConsistent always returns 'true' [v4]

2022-06-10 Thread Hai-May Chao
> Please review a small fix in CryptoPolicyParser class that it should not pass > “processedPermissions” parameter by value. > Ran MACH5 tier1 and tier2 without failures. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Ma

Re: RFR: 8286779: javax.crypto.CryptoPolicyParser#isConsistent always returns 'true' [v3]

2022-06-10 Thread Hai-May Chao
> Please review a small fix in CryptoPolicyParser class that it should not pass > “processedPermissions” parameter by value. > Ran MACH5 tier1 and tier2 without failures. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision:

Re: RFR: 8286779: javax.crypto.CryptoPolicyParser#isConsistent always returns 'true' [v2]

2022-06-09 Thread Hai-May Chao
On Thu, 9 Jun 2022 21:00:55 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with two additional >> commits since the last revision: >> >> - Inconsistent entries test >> - Inconsistent entries test > > src/

Re: RFR: 8286779: javax.crypto.CryptoPolicyParser#isConsistent always returns 'true' [v2]

2022-06-07 Thread Hai-May Chao
On Tue, 7 Jun 2022 20:52:33 GMT, Hai-May Chao wrote: >> Please review a small fix in CryptoPolicyParser class that it should not >> pass “processedPermissions” parameter by value. >> Ran MACH5 tier1 and tier2 without failures. > > Hai-May Chao has updated the pull reques

Re: RFR: 8286779: javax.crypto.CryptoPolicyParser#isConsistent always returns 'true' [v2]

2022-06-07 Thread Hai-May Chao
> Please review a small fix in CryptoPolicyParser class that it should not pass > “processedPermissions” parameter by value. > Ran MACH5 tier1 and tier2 without failures. Hai-May Chao has updated the pull request incrementally with two additional commits since the last

RFR: 8286779: javax.crypto.CryptoPolicyParser#isConsistent always returns 'true'

2022-06-01 Thread Hai-May Chao
Please review a small fix in CryptoPolicyParser class that it should not pass “processedPermissions” parameter by value. Ran MACH5 tier1 and tier2 without failures. - Commit messages: - 8286779: javax.crypto.CryptoPolicyParser#isConsistent always returns 'true' Changes:

Re: RFR: 8286908: ECDSA signature should not return parameters [v3]

2022-05-19 Thread Hai-May Chao
On Thu, 19 May 2022 02:01:55 GMT, Weijun Wang wrote: >> Let ECDSA's `engineGetParameters()` always return null. At the same time, >> remove the remembered `sigParams` field. One behavior change is that after >> calling `setParameter()`, one can call `init()` again with a key using >>

Re: RFR: 8286908: ECDSA signature should not return parameters [v2]

2022-05-18 Thread Hai-May Chao
On Wed, 18 May 2022 22:27:18 GMT, Weijun Wang wrote: >> Let ECDSA's `engineGetParameters()` always return null. At the same time, >> remove the remembered `sigParams` field. One behavior change is that after >> calling `setParameter()`, one can call `init()` again with a key using >>

Re: RFR: 8286908: ECDSA signature should not return parameters

2022-05-17 Thread Hai-May Chao
On Tue, 17 May 2022 19:56:22 GMT, Weijun Wang wrote: > Let ECDSA's `engineGetParameters()` always return null. At the same time, > remove the remembered `sigParams` field. One behavior change is that after > calling `setParameter()`, one can call `init()` again with a key using > different

Integrated: 8286090: Add RC2/RC4 to jdk.security.legacyAlgorithms

2022-05-17 Thread Hai-May Chao
On Sat, 14 May 2022 01:51:34 GMT, Hai-May Chao wrote: > Please review the small change to add RC2 and ARCFOUR to > jdk.security.legacyAlgorithms. So it enables keytool -genseckey, -list, and > -importkeystore commands to warn users when RC2 or ARCFOUR algorithm is used. This pull re

Re: RFR: 8286090: Add RC2/RC4 to jdk.security.legacyAlgorithms

2022-05-17 Thread Hai-May Chao
On Mon, 16 May 2022 17:17:24 GMT, Sean Mullan wrote: >> Please review the small change to add RC2 and ARCFOUR to >> jdk.security.legacyAlgorithms. So it enables keytool -genseckey, -list, and >> -importkeystore commands to warn users when RC2 or ARCFOUR algorithm is used. > > Marked as

Re: RFR: 8286090: Add RC2/RC4 to jdk.security.legacyAlgorithms

2022-05-13 Thread Hai-May Chao
On Sat, 14 May 2022 01:51:34 GMT, Hai-May Chao wrote: > Please review the small change to add RC2 and ARCFOUR to > jdk.security.legacyAlgorithms. So it enables keytool -genseckey, -list, and > -importkeystore commands to warn users when RC2 or ARCFOUR algorithm is used. CSR is

RFR: 8286090: Add RC2/RC4 to jdk.security.legacyAlgorithms

2022-05-13 Thread Hai-May Chao
Please review the small change to add RC2 and ARCFOUR to jdk.security.legacyAlgorithms. So it enables keytool -genseckey, -list, and -importkeystore commands to warn users when RC2 or ARCFOUR algorithm is used. - Commit messages: - 8286090: Add RC2/RC4 to

Re: RFR: 8286422: Add OIDs for RC2 and Blowfish

2022-05-11 Thread Hai-May Chao
On Wed, 11 May 2022 22:35:32 GMT, Weijun Wang wrote: > Add missing OIDs for 2 secret key algorithms. These will be used when storing > secret keys in a PKCS12 keystore. Like DES and DESede, the OIDs were > originally defined for CBC mode cipher algorithms, they are reused here for > key

Re: RFR: 8284194: Allow empty subject fields in keytool

2022-05-11 Thread Hai-May Chao
On Wed, 11 May 2022 21:55:45 GMT, Weijun Wang wrote: > This code change allows one entering "." at a distinguished name prompt to > skip a sub-component when running `keytool -genkeypair`. Several new resource > strings are added. > > There is no detailed description in `keytool.html`, so I

Integrated: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms

2022-05-04 Thread Hai-May Chao
On Tue, 19 Apr 2022 16:08:28 GMT, Hai-May Chao wrote: > Please review these changes to add DES/3DES/MD5 to > `jdk.security.legacyAlgorithms` security property, and to add the legacy > algorithm constraint checking to `keytool` commands that are associated with > secret key en

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v9]

2022-05-04 Thread Hai-May Chao
On Thu, 28 Apr 2022 13:47:05 GMT, Sean Mullan wrote: >> Changes requested by mullan (Reviewer). > >> @seanjmullan Since we use symmetric keys to encrypt entries and add >> integrity check, should this enhancement cover them as well? For example, if >> a PKCS12 keystore is created with

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v5]

2022-05-04 Thread Hai-May Chao
On Tue, 3 May 2022 14:54:21 GMT, Hai-May Chao wrote: >> src/java.base/share/classes/sun/security/tools/keytool/Main.java line 2196: >> >>> 2194: >>> 2195: try { >>> 2196: SecretKey secKey = (SecretKey) keyStore.getKey(alias,

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v9]

2022-05-04 Thread Hai-May Chao
re update.” from the existing > warnings for the asymmetric keys/certificates. > Will also file a CSR. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Updated comment and getKeys() - Changes: - all: https://git.o

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v8]

2022-05-04 Thread Hai-May Chao
On Wed, 4 May 2022 16:29:09 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Skip alg constraint check for PBE secret key entry > > src/java.base/share/classes/sun/se

Re: RFR: 8285516: clearPassword should be called in a finally try block [v2]

2022-05-04 Thread Hai-May Chao
On Mon, 25 Apr 2022 14:23:17 GMT, Xue-Lei Andrew Fan wrote: >> Hi, >> >> Could I have the simple update reviewed? >> >> In the PKCS12 key store implementation, the PBEKeySpec.clearPassword() >> should be called in a finally try block. Otherwise, the password cleanup >> could be interrupted

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v8]

2022-05-03 Thread Hai-May Chao
re update.” from the existing > warnings for the asymmetric keys/certificates. > Will also file a CSR. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Skip alg constraint check for PBE secret key entry - Changes:

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v7]

2022-05-03 Thread Hai-May Chao
re update.” from the existing > warnings for the asymmetric keys/certificates. > Will also file a CSR. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Revert changes to StorePasswords.java - Changes: - all: ht

Re: RFR: 8286069: keytool prints out wrong key algorithm for -importpass command

2022-05-03 Thread Hai-May Chao
On Tue, 3 May 2022 17:51:43 GMT, Weijun Wang wrote: > Since `keytool -importpass` always uses `KeyFactory.getInstance("PBE")` to > generate the secret key, and "PBE" is an alias of "PBEwithMD5andDES" inside > the SunJCE security provider, its `getAlgorithm` is always `PBEwithMD5andDES`. > >

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v5]

2022-05-03 Thread Hai-May Chao
On Mon, 2 May 2022 15:08:17 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Updated spec in java.security > > src/java.base/share/classes/sun/security/tools/keytool/M

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v6]

2022-05-03 Thread Hai-May Chao
re update.” from the existing > warnings for the asymmetric keys/certificates. > Will also file a CSR. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Update per review comments - Changes: - all: https://git.o

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v5]

2022-05-02 Thread Hai-May Chao
On Mon, 2 May 2022 22:38:18 GMT, Weijun Wang wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Updated spec in java.security > > test/jdk/sun/security/tools/keytool/WeakSecret

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v4]

2022-04-29 Thread Hai-May Chao
On Fri, 29 Apr 2022 19:18:06 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Removed RC2 changes > > src/java.base/share/conf/security/java.security line 644:

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v5]

2022-04-29 Thread Hai-May Chao
re update.” from the existing > warnings for the asymmetric keys/certificates. > Will also file a CSR. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Updated spec in java.security - Changes: - all: https://git.o

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v4]

2022-04-29 Thread Hai-May Chao
re update.” from the existing > warnings for the asymmetric keys/certificates. > Will also file a CSR. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Removed RC2 changes - Changes: - all: https://git.openjdk.j

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v3]

2022-04-29 Thread Hai-May Chao
re update.” from the existing > warnings for the asymmetric keys/certificates. > Will also file a CSR. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Removed bugid and updated property spec - Changes: - all: ht

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v2]

2022-04-28 Thread Hai-May Chao
On Thu, 28 Apr 2022 06:46:35 GMT, Hai-May Chao wrote: >> Please review these changes to add DES/3DES/MD5 to >> `jdk.security.legacyAlgorithms` security property, and to add the legacy >> algorithm constraint checking to `keytool` commands that are associated with >> s

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v2]

2022-04-28 Thread Hai-May Chao
On Thu, 28 Apr 2022 13:25:13 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> SecretKeyConstraintsParameters subclass created and property description >> update

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v2]

2022-04-28 Thread Hai-May Chao
On Wed, 27 Apr 2022 19:35:04 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> SecretKeyConstraintsParameters subclass created and property description >> updated

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v2]

2022-04-28 Thread Hai-May Chao
On Wed, 27 Apr 2022 21:04:59 GMT, Weijun Wang wrote: >> Changes requested by mullan (Reviewer). > > @seanjmullan Since we use symmetric keys to encrypt entries and add integrity > check, should this enhancement cover them as well? For example, if a PKCS12 > keystore is created with

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v2]

2022-04-28 Thread Hai-May Chao
re update.” from the existing > warnings for the asymmetric keys/certificates. > Will also file a CSR. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: SecretKeyConstraintsParameters subclass created and property descripti

Re: RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms [v2]

2022-04-28 Thread Hai-May Chao
On Wed, 27 Apr 2022 19:34:04 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> SecretKeyConstraintsParameters subclass created and property description >> updated

Re: RFR: 8225433: Clarify behavior of PKIXParameters.setRevocationEnabled when PKIXRevocationChecker is used [v2]

2022-04-27 Thread Hai-May Chao
On Wed, 27 Apr 2022 12:48:29 GMT, Sean Mullan wrote: >> This change improves the specification for the case when a >> `PKIXRevocationChecker` is supplied as one of the `CertPathChecker` >> parameters. Specifically, it makes it more clear that a >> `PKIXRevocationChecker` overrides the default

Re: RFR: 8285683: Missing @ since 11 in java.security.spec.MGF1ParameterSpec fields

2022-04-26 Thread Hai-May Chao
On Tue, 26 Apr 2022 22:55:29 GMT, Bradford Wetmore wrote: > Two new constant fields `MGF1ParameterSpec.SHA512_224` and > `MGF1ParameterSpec.SHA512_256` didn't have `@since 11` tag added as part of > [JDK-8146293](https://bugs.openjdk.java.net/browse/JDK-8146293). > > This bug addresses this

RFR: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms

2022-04-19 Thread Hai-May Chao
Please review these changes to add DES/3DES/MD5 to `jdk.security.legacyAlgorithms` security property, and to add the legacy algorithm constraint checking to `keytool` commands that are associated with secret key entries stored in the keystore. These `keytool` commands are -genseckey,

Re: RFR: 8283691: Classes in java.security still reference deprecated classes in spec

2022-03-25 Thread Hai-May Chao
On Fri, 25 Mar 2022 15:34:23 GMT, Weijun Wang wrote: > Some spec cleanup. Marked as reviewed by hchao (Committer). - PR: https://git.openjdk.java.net/jdk/pull/7961

Re: RFR: 8283665: Two Jarsigner tests needs to be updated with JDK-8267319

2022-03-25 Thread Hai-May Chao
On Fri, 25 Mar 2022 05:11:18 GMT, Valerie Peng wrote: > Max, can you please help review this fix? It updates the two jarsigner tests > which are added to the main trunk during the code review of JDK-8267319. > > Mach5 run succeeds. > Thanks, > Valerie Marked as reviewed by hchao (Committer).

Integrated: 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled

2022-03-15 Thread Hai-May Chao
On Mon, 14 Mar 2022 17:41:28 GMT, Hai-May Chao wrote: > When a named curve is disabled in `jdk.disabled.namedCurves` property which > is included in `jdk.jar.disabledAlgorithms` and > `jdk.certpath.disabledAlgorithms`, `jarsigner` should display the disabled > named curve as a r

Re: RFR: 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled

2022-03-15 Thread Hai-May Chao
On Tue, 15 Mar 2022 01:16:59 GMT, Weijun Wang wrote: >> When a named curve is disabled in `jdk.disabled.namedCurves` property which >> is included in `jdk.jar.disabledAlgorithms` and >> `jdk.certpath.disabledAlgorithms`, `jarsigner` should display the disabled >> named curve as a result of

Re: RFR: 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled [v2]

2022-03-15 Thread Hai-May Chao
> clarifies why an EC key is disabled in its warning and verbose output. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Check curve in jdk.security.legacyAlgorithms, and update testcase - Changes:

Re: RFR: 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled

2022-03-15 Thread Hai-May Chao
On Mon, 14 Mar 2022 17:41:28 GMT, Hai-May Chao wrote: > When a named curve is disabled in `jdk.disabled.namedCurves` property which > is included in `jdk.jar.disabledAlgorithms` and > `jdk.certpath.disabledAlgorithms`, `jarsigner` should display the disabled > named curve as a r

RFR: 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled

2022-03-14 Thread Hai-May Chao
When a named curve is disabled in `jdk.disabled.namedCurves` property which is included in `jdk.jar.disabledAlgorithms` and `jdk.certpath.disabledAlgorithms`, `jarsigner` should display the disabled named curve as a result of its disabled algorithm constraint checking. This clarifies why an EC

Integrated: 8277474: jarsigner does not check if algorithm parameters are disabled

2022-03-03 Thread Hai-May Chao
On Tue, 22 Feb 2022 22:00:05 GMT, Hai-May Chao wrote: > This fixes jarsigner to enforce checking against algorithm constraint > properties so when the signature algorithms parameters use disabled or legacy > algorithms, it will emit warnings accordingly. If the algorithm used in >

Re: RFR: 8277474: jarsigner does not check if algorithm parameters are disabled [v6]

2022-03-03 Thread Hai-May Chao
signed. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: No need to do toUpperCase - Changes: - all: https://git.openjdk.java.net/jdk/pull/7582/files - new: https://git.openjdk.java.net/jdk/pull/7582/files/d2cd7e

Re: RFR: 8277474: jarsigner does not check if algorithm parameters are disabled [v4]

2022-03-03 Thread Hai-May Chao
On Thu, 3 Mar 2022 19:35:21 GMT, Weijun Wang wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Removed unused string > > src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main

Re: RFR: 8277474: jarsigner does not check if algorithm parameters are disabled [v5]

2022-03-03 Thread Hai-May Chao
signed. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Use algname in output - Changes: - all: https://git.openjdk.java.net/jdk/pull/7582/files - new: https://git.openjdk.java.net/jdk/pull/7582/files/2a73d1ef..d2cd7

Re: RFR: 8277474: jarsigner does not check if algorithm parameters are disabled [v4]

2022-03-02 Thread Hai-May Chao
signed. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Removed unused string - Changes: - all: https://git.openjdk.java.net/jdk/pull/7582/files - new: https://git.openjdk.java.net/jdk/pull/7582/files/516d8bf0..2a73d

Re: RFR: 8277474: jarsigner does not check if algorithm parameters are disabled [v3]

2022-03-02 Thread Hai-May Chao
On Wed, 2 Mar 2022 19:54:13 GMT, Weijun Wang wrote: >> What does it look like now? Also, you might need to create a mapping in >> `Resources.java` because "using" should only be shown when system language >> is English. > > Also, what if it's another algorithm using another type of parameters?

Re: RFR: 8277474: jarsigner does not check if algorithm parameters are disabled [v3]

2022-03-02 Thread Hai-May Chao
signed. Hai-May Chao has updated the pull request incrementally with two additional commits since the last revision: - Updated -verbose output - Updated -verbose output - Changes: - all: https://git.openjdk.java.net/jdk/pull/7582/files - new: https://git.openjdk.java.net/j

Re: RFR: 8277474: jarsigner does not check if algorithm parameters are disabled [v2]

2022-03-02 Thread Hai-May Chao
On Wed, 2 Mar 2022 16:20:53 GMT, Weijun Wang wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Removed unneeded import and updated -verbose output > > src/jdk.jartool/share/classe

Re: RFR: 8277474: jarsigner does not check if algorithm parameters are disabled [v2]

2022-03-02 Thread Hai-May Chao
signed. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Removed unneeded import and updated -verbose output - Changes: - all: https://git.openjdk.java.net/jdk/pull/7582/files - new: https://git.openjdk.java.net/jdk/pul

Re: RFR: 8277474: jarsigner does not check if algorithm parameters are disabled [v2]

2022-03-02 Thread Hai-May Chao
On Wed, 2 Mar 2022 15:30:22 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Removed unneeded import and updated -verbose output > > src/jdk.jartool/share/classe

Re: RFR: 8281234: The -protected option is not always checked in keytool and jarsigner [v2]

2022-02-24 Thread Hai-May Chao
On Fri, 4 Feb 2022 01:19:51 GMT, Weijun Wang wrote: >> The option means there is no need to provide a password when loading a >> keystore. In some places in jarsigner and keytool, even with the option >> specified, password is still prompted for or warnings are still shown. > > Weijun Wang has

RFR: 8277474: jarsigner does not check if algorithm parameters are disabled

2022-02-22 Thread Hai-May Chao
This fixes jarsigner to enforce checking against algorithm constraint properties so when the signature algorithms parameters use disabled or legacy algorithms, it will emit warnings accordingly. If the algorithm used in parameters is disabled, jarsigner treats the jar as unsigned.

Withdrawn: 8277474: jarsigner does not check if algorithm parameters are disabled

2022-02-22 Thread Hai-May Chao
On Tue, 22 Feb 2022 20:18:19 GMT, Hai-May Chao wrote: > This fixes jarsigner to enforce checking against algorithm constraint > properties so when the signature algorithms parameters use disabled or legacy > algorithms, it will emit warnings accordingly. If the algorithm used in >

RFR: 8277474: jarsigner does not check if algorithm parameters are disabled

2022-02-22 Thread Hai-May Chao
This fixes jarsigner to enforce checking against algorithm constraint properties so when the signature algorithms parameters use disabled or legacy algorithms, it will emit warnings accordingly. If the algorithm used in parameters is disabled, jarsigner treats the jar as unsigned.

Integrated: 8265765: DomainKeyStore may stop enumerating aliases if a constituting KeyStore is empty

2022-02-09 Thread Hai-May Chao
On Tue, 8 Feb 2022 17:13:53 GMT, Hai-May Chao wrote: > This is to fix `DomainKeyStore::engineAliases` to take into account that > there may be empty keystore(s) within the collection of keystores of a domain > keystore. This pull request has now been integrated. Changeset: 178b96

Re: RFR: 8265765: DomainKeyStore may stop enumerating aliases if a constituting KeyStore is empty [v2]

2022-02-08 Thread Hai-May Chao
> This is to fix `DomainKeyStore::engineAliases` to take into account that > there may be empty keystore(s) within the collection of keystores of a domain > keystore. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Testcas

Re: RFR: 8265765: DomainKeyStore may stop enumerating aliases if a constituting KeyStore is empty

2022-02-08 Thread Hai-May Chao
On Tue, 8 Feb 2022 23:03:41 GMT, Weijun Wang wrote: >> This is to fix `DomainKeyStore::engineAliases` to take into account that >> there may be empty keystore(s) within the collection of keystores of a >> domain keystore. > > Looks good to me. > > Do you want to play with text blocks in the

RFR: 8265765: DomainKeyStore may stop enumerating aliases if a constituting KeyStore is empty

2022-02-08 Thread Hai-May Chao
This is to fix `DomainKeyStore::engineAliases` to take into account that there may be empty keystore(s) within the collection of keystores of a domain keystore. - Commit messages: - 8265765: DomainKeyStore may stop enumerating aliases if a constituting KeyStore is empty Changes:

Re: RFR: 8281289: Improve with List.copyOf

2022-02-04 Thread Hai-May Chao
On Fri, 4 Feb 2022 23:02:21 GMT, Xue-Lei Andrew Fan wrote: > Please review this trivial code clean up, for a little bit better performance. Marked as reviewed by hchao (Committer). Looks good to me. - PR: https://git.openjdk.java.net/jdk/pull/7356

Re: RFR: 8280890: Cannot use '-Djava.system.class.loader' with class loader in signed JAR

2022-02-04 Thread Hai-May Chao
On Tue, 1 Feb 2022 21:54:29 GMT, Sean Mullan wrote: > This fixes a bootstrapping issue if a custom system class loader is set with > the `-Djava.system.class.loader` option and the custom class loader is inside > a signed JAR. In order to load the custom class loader, the runtime must >

Re: RFR: 8281175: Add a -providerPath option to jarsigner [v2]

2022-02-04 Thread Hai-May Chao
On Thu, 3 Feb 2022 18:32:42 GMT, Weijun Wang wrote: >> Add the `-providerPath` option to jarsigner to be consistent with keytool. > > Weijun Wang has updated the pull request incrementally with one additional > commit since the last revision: > > no need to append to null Marked as reviewed

Re: RFR: 8281175: Add a -providerPath option to jarsigner [v2]

2022-02-03 Thread Hai-May Chao
On Thu, 3 Feb 2022 18:32:42 GMT, Weijun Wang wrote: >> Add the `-providerPath` option to jarsigner to be consistent with keytool. > > Weijun Wang has updated the pull request incrementally with one additional > commit since the last revision: > > no need to append to null Code change looks

Integrated: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints

2022-01-26 Thread Hai-May Chao
On Wed, 12 Jan 2022 02:15:45 GMT, Hai-May Chao wrote: > `keytool` currently uses a simpler scheme in `DisabledAlgorithmConstraints` > class when performing algorithm constraints checks. This change is to enhance > `keytool` to make use of the ne

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v7]

2022-01-26 Thread Hai-May Chao
On Wed, 26 Jan 2022 14:30:22 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Reformat denyAfter date in exception message to -MM-DD > > Marked as reviewed by mu

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v5]

2022-01-26 Thread Hai-May Chao
On Wed, 26 Jan 2022 05:56:31 GMT, Hai-May Chao wrote: >> Done. Removed the extra info (-MM-DD form) from the exception message >> that was set in `DisabledAlgorithmConstraints` class, and re-formated the >> `denyAfterDate` into -MM-DD

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v7]

2022-01-26 Thread Hai-May Chao
On Wed, 26 Jan 2022 14:30:13 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Reformat denyAfter date in exception message to -MM-DD > > src/java.base/share/clas

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v8]

2022-01-26 Thread Hai-May Chao
; and `checkKey` parameters. For the keyusage in the EE certificate of a > certificate chains, set the variant accordingly when calling > `CertPathConstraintsParameters` constructor. Hai-May Chao has updated the pull request incrementally with one additional commit since the last rev

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v5]

2022-01-25 Thread Hai-May Chao
On Wed, 26 Jan 2022 05:45:58 GMT, Hai-May Chao wrote: >> src/java.base/share/classes/sun/security/util/DisabledAlgorithmConstraints.java >> line 759: >> >>> 757: "denyAfter constraint check failed: " + >>> algor

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v5]

2022-01-25 Thread Hai-May Chao
On Tue, 25 Jan 2022 22:40:36 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Revert to get denyAfter from exception and reload caks > > src/java.base/s

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v7]

2022-01-25 Thread Hai-May Chao
; and `checkKey` parameters. For the keyusage in the EE certificate of a > certificate chains, set the variant accordingly when calling > `CertPathConstraintsParameters` constructor. Hai-May Chao has updated the pull request incrementally with one additional commit since the last

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v6]

2022-01-25 Thread Hai-May Chao
; and `checkKey` parameters. For the keyusage in the EE certificate of a > certificate chains, set the variant accordingly when calling > `CertPathConstraintsParameters` constructor. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revis

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v4]

2022-01-25 Thread Hai-May Chao
On Tue, 25 Jan 2022 14:38:32 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Update to get denyAfter and init caks > > src/java.base/share/classes/sun/security/too

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v4]

2022-01-25 Thread Hai-May Chao
On Mon, 24 Jan 2022 21:21:58 GMT, Hai-May Chao wrote: >> `keytool` currently uses a simpler scheme in `DisabledAlgorithmConstraints` >> class when performing algorithm constraints checks. This change is to >> enhance `keytool` to make use

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v5]

2022-01-25 Thread Hai-May Chao
> and `checkKey` parameters. For the keyusage in the EE certificate of a > certificate chains, set the variant accordingly when calling > `CertPathConstraintsParameters` constructor. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revis

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v2]

2022-01-24 Thread Hai-May Chao
On Mon, 24 Jan 2022 16:12:25 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Update with review comments > > src/java.base/share/classes/sun/security/tools/keytool/M

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v4]

2022-01-24 Thread Hai-May Chao
On Mon, 24 Jan 2022 16:00:14 GMT, Sean Mullan wrote: >> No change. This is because `caks` global variable can only be initialized >> with cacerts keystore when the `trustcacerts` option is specified; >> otherwise it has to be kept null. `buildTrustedCerts`() is always executed. > > I was

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v4]

2022-01-24 Thread Hai-May Chao
> and `checkKey` parameters. For the keyusage in the EE certificate of a > certificate chains, set the variant accordingly when calling > `CertPathConstraintsParameters` constructor. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revis

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v3]

2022-01-24 Thread Hai-May Chao
> and `checkKey` parameters. For the keyusage in the EE certificate of a > certificate chains, set the variant accordingly when calling > `CertPathConstraintsParameters` constructor. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revisi

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v2]

2022-01-20 Thread Hai-May Chao
> and `checkKey` parameters. For the keyusage in the EE certificate of a > certificate chains, set the variant accordingly when calling > `CertPathConstraintsParameters` constructor. Hai-May Chao has updated the pull request incrementally with one additional commit since the las

Re: RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints [v2]

2022-01-20 Thread Hai-May Chao
On Thu, 13 Jan 2022 16:31:35 GMT, Sean Mullan wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Update with review comments > > src/java.base/share/classes/sun/security/tools/keytool

RFR: 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints

2022-01-11 Thread Hai-May Chao
`keytool` currently uses a simpler scheme in `DisabledAlgorithmConstraints` class when performing algorithm constraints checks. This change is to enhance `keytool` to make use of the new methods `DisabledAlgorithmConstraints.permits` with `CertPathConstraintsParameters` and `checkKey`

Re: RFR: 8209398: sun/security/pkcs11/KeyStore/SecretKeysBasic.sh failed with "PKCS11Exception: CKR_ATTRIBUTE_SENSITIVE"

2021-12-21 Thread Hai-May Chao
On Tue, 14 Dec 2021 18:33:47 GMT, Valerie Peng wrote: > Can someone help review this small fix? NSS returns PKCS11 > CKR_ATTRIBUTE_SENSITIVE error when trying to retrieve CKA_VALUE out of its > token keys. So this fix is to add special handling for NSS token secret keys. > There is already an

Integrated: 8257722: Improve "keytool -printcert -jarfile" output

2021-10-28 Thread Hai-May Chao
On Tue, 26 Oct 2021 22:37:02 GMT, Hai-May Chao wrote: > This change does a few improvements to the output of `keytool -printcert > -jarfile` command to help readability and diagnosis. This pull request has now been integrated. Changeset: de93b1d0 Author: Hai-May Chao URL:

Re: RFR: 8257722: Improve "keytool -printcert -jarfile" output [v5]

2021-10-28 Thread Hai-May Chao
> This change does a few improvements to the output of `keytool -printcert > -jarfile` command to help readability and diagnosis. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Used LinkedHashSet - Changes:

Re: RFR: 8257722: Improve "keytool -printcert -jarfile" output [v4]

2021-10-28 Thread Hai-May Chao
On Thu, 28 Oct 2021 21:13:40 GMT, Hai-May Chao wrote: >> This change does a few improvements to the output of `keytool -printcert >> -jarfile` command to help readability and diagnosis. > > Hai-May Chao has updated the pull request incrementally with one additional >

Re: RFR: 8257722: Improve "keytool -printcert -jarfile" output [v4]

2021-10-28 Thread Hai-May Chao
> This change does a few improvements to the output of `keytool -printcert > -jarfile` command to help readability and diagnosis. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Update while block code - C

Re: RFR: 8257722: Improve "keytool -printcert -jarfile" output [v3]

2021-10-28 Thread Hai-May Chao
On Thu, 28 Oct 2021 17:34:46 GMT, Weijun Wang wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Update output per review comment > > src/java.base/share/classes/sun/security/too

Re: RFR: 8257722: Improve "keytool -printcert -jarfile" output [v3]

2021-10-28 Thread Hai-May Chao
On Tue, 26 Oct 2021 23:23:35 GMT, Weijun Wang wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Update output per review comment > > src/java.base/share/classes/sun/security/too

Re: RFR: 8257722: Improve "keytool -printcert -jarfile" output [v3]

2021-10-28 Thread Hai-May Chao
> This change does a few improvements to the output of `keytool -printcert > -jarfile` command to help readability and diagnosis. Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Update output per review c
