Thank you for considering this improvement. I'm planing to integrate
the patch into OpenJDK workspace this week.
Thanks & Regards,
Xuelei
On 5/29/2013 3:33 PM, Pasi Eronen wrote:
> Hi Xuelei,
>
> I did notice that P11Util has a trimZeroes() function, but I didn't call
> it since I didn't want
Hi Xuelei,
I did notice that P11Util has a trimZeroes() function, but I didn't call
it since I didn't want to add a new package dependency. But now that you
mention it, moving it to KeyUtil seems like the best solution.
I have submitted a revised patch to the Bugzilla ticket which does
just this:
On 5/23/2013 6:03 PM, Andrew Hughes wrote:
> - Original Message -
>> On 5/20/2013 5:28 PM, Pasi Eronen wrote:
>>> Hi Xuelei,
>>>
>>> It seems the PKSC11 doesn't actually have this bug.
>>>
>>> P11KeyAgreement has a separate code path for the "TlsPremasterSecret"
>>> algorithm, which strips
- Original Message -
> On 5/20/2013 5:28 PM, Pasi Eronen wrote:
> > Hi Xuelei,
> >
> > It seems the PKSC11 doesn't actually have this bug.
> >
> > P11KeyAgreement has a separate code path for the "TlsPremasterSecret"
> > algorithm, which strips leading zeroes if the key can be extracted f
On 5/20/2013 5:28 PM, Pasi Eronen wrote:
> Hi Xuelei,
>
> It seems the PKSC11 doesn't actually have this bug.
>
> P11KeyAgreement has a separate code path for the "TlsPremasterSecret"
> algorithm, which strips leading zeroes if the key can be extracted from
> the token. (And if the key cannot b
Hi Xuelei,
It seems the PKSC11 doesn't actually have this bug.
P11KeyAgreement has a separate code path for the "TlsPremasterSecret"
algorithm, which strips leading zeroes if the key can be extracted from
the token. (And if the key cannot be extracted, then the token is doing
the premaster secret
Hi Pasi,
Thank you for your patience, and contribution to OpenJDK. The bug is
accepted, and you should be able to review it at:
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8014618
Let's use the above bug ID to track the issue.
Your patch looks fine in general (I may have some very mi
AKA "1 out of 256 SSL/TLS handshakes fails with DHE cipher suites"
I reported this bug over a month of ago, but for some reason, it's not
yet visible at bugs.sun.com. I've included the bug report below just in
case.
It seems this commit from March 2012 inadvertently broke SSL/TLS DHE
cipher suite