On Mon, 7 Nov 2022 23:24:39 GMT, Mark Powers wrote:
>> Xue-Lei Andrew Fan has updated the pull request with a new target base due
>> to a merge or a rebase. The pull request now contains four commits:
>>
>> - Merge
>> - Merge
>> - add test cases
>> - 8281236: (D)TLS key exchange algorithms
On Mon, 7 Nov 2022 18:02:43 GMT, Vladimir Ivanov wrote:
>> Jamil Nimeh has updated the pull request incrementally with six additional
>> commits since the last revision:
>>
>> - Change intrinsic helper method name conform to convention
>> - consolidate chacha macroAssembler routines into
> This PR delivers ChaCha20 intrinsics that accelerate the core block function
> that generates key stream from the key, counter and nonce. Intrinsics have
> been written for the following platforms and instruction sets:
>
> - x86_64: AVX, AVX2 and AVX512
> - aarch64: platforms that support
On Fri, 4 Mar 2022 16:47:54 GMT, Jamil Nimeh wrote:
> This PR delivers ChaCha20 intrinsics that accelerate the core block function
> that generates key stream from the key, counter and nonce. Intrinsics have
> been written for the following platforms and instruction sets:
>
> - x86_64: AVX,
On Mon, 7 Nov 2022 18:48:27 GMT, Xue-Lei Andrew Fan wrote:
>> This update is to support key exchange named groups customization for
>> individual (D)TLS connection. Please review the CSR as well:
>> CSR: https://bugs.openjdk.org/browse/JDK-8291950
>> RFE:
On Mon, 7 Nov 2022 18:51:52 GMT, Rajan Halade wrote:
> Test certificates are expired but backdated validation can be performed to
> fix this issue.
This pull request has now been integrated.
Changeset: 520db1ee
Author:Rajan Halade
URL:
On Mon, 7 Nov 2022 18:51:52 GMT, Rajan Halade wrote:
> Test certificates are expired but backdated validation can be performed to
> fix this issue.
Marked as reviewed by weijun (Reviewer).
-
PR: https://git.openjdk.org/jdk/pull/11027
On Fri, 4 Mar 2022 16:47:54 GMT, Jamil Nimeh wrote:
> This PR delivers ChaCha20 intrinsics that accelerate the core block function
> that generates key stream from the key, counter and nonce. Intrinsics have
> been written for the following platforms and instruction sets:
>
> - x86_64: AVX,
Test certificates are expired but backdated validation can be performed to fix
this issue.
-
Commit messages:
- 8296485: BuildEEBasicConstraints.java test fails with
SunCertPathBuilderException
Changes: https://git.openjdk.org/jdk/pull/11027/files
Webrev:
> This update is to support key exchange named groups customization for
> individual (D)TLS connection. Please review the CSR as well:
> CSR: https://bugs.openjdk.org/browse/JDK-8291950
> RFE: https://bugs.openjdk.org/browse/JDK-8281236
> Release-note: https://bugs.openjdk.org/browse/JDK-8291975
On Thu, 13 Oct 2022 18:15:30 GMT, Xue-Lei Andrew Fan wrote:
>> Hi,
>>
>> May I have this update reviewed? With this update, the result will be
>> reduced if required in EC limbs operations in the JDK implementation.
>>
>> In the current implementation, the EC limbs addition and subtraction
On Mon, 7 Nov 2022 17:43:42 GMT, Rajan Halade wrote:
> Test is updated to set validation date inside PKIXParameters to June 01, 2022.
This pull request has now been integrated.
Changeset: b6ea69c0
Author:Rajan Halade
URL:
On Tue, 9 Aug 2022 15:30:57 GMT, Xue-Lei Andrew Fan wrote:
>> This update is to support key exchange named groups customization for
>> individual (D)TLS connection. Please review the CSR as well:
>> CSR: https://bugs.openjdk.org/browse/JDK-8291950
>> RFE:
On 11/7/22 9:50 AM, Carter Kozak wrote:
On Mon, Nov 7, 2022, at 11:57, Anthony Scarpino wrote:
Yes, I was able to reproduce this.
Glad to hear it.
The memory usage is related to a
necessary java change for the AVX512 intrinsic. It doesn't show up much
in the crypto performance tests,
On Mon, 7 Nov 2022 17:43:42 GMT, Rajan Halade wrote:
> Test is updated to set validation date inside PKIXParameters to June 01, 2022.
Marked as reviewed by mullan (Reviewer).
-
PR: https://git.openjdk.org/jdk/pull/11026
On Fri, 4 Mar 2022 16:47:54 GMT, Jamil Nimeh wrote:
> This PR delivers ChaCha20 intrinsics that accelerate the core block function
> that generates key stream from the key, counter and nonce. Intrinsics have
> been written for the following platforms and instruction sets:
>
> - x86_64: AVX,
On Fri, 4 Mar 2022 16:47:54 GMT, Jamil Nimeh wrote:
> This PR delivers ChaCha20 intrinsics that accelerate the core block function
> that generates key stream from the key, counter and nonce. Intrinsics have
> been written for the following platforms and instruction sets:
>
> - x86_64: AVX,
On Mon, 7 Nov 2022 17:18:32 GMT, Rajan Halade wrote:
>> This fix adds Certigna root CA to cacerts trust store.
>
> Rajan Halade has updated the pull request incrementally with one additional
> commit since the last revision:
>
> int cert doesn't specify OCSP
I am closing this pull request
On Thu, 25 Aug 2022 16:00:54 GMT, Rajan Halade wrote:
> This fix adds Certigna root CA to cacerts trust store.
This pull request has been closed without being integrated.
-
PR: https://git.openjdk.org/jdk/pull/10030
On Mon, 7 Nov 2022 17:43:42 GMT, Rajan Halade wrote:
> Test is updated to set validation date inside PKIXParameters to June 01, 2022.
Looks good to me.
-
Marked as reviewed by xuelei (Reviewer).
PR: https://git.openjdk.org/jdk/pull/11026
Test is updated to set validation date inside PKIXParameters to June 01, 2022.
-
Commit messages:
- 8296480: java/security/cert/pkix/policyChanges/TestPolicy.java is failing
Changes: https://git.openjdk.org/jdk/pull/11026/files
Webrev:
On Mon, Nov 7, 2022, at 11:57, Anthony Scarpino wrote:
> Yes, I was able to reproduce this.
Glad to hear it.
> The memory usage is related to a
> necessary java change for the AVX512 intrinsic. It doesn't show up much
> in the crypto performance tests, but TLS triggers it more often, driving
> This fix adds Certigna root CA to cacerts trust store.
Rajan Halade has updated the pull request incrementally with one additional
commit since the last revision:
int cert doesn't specify OCSP
-
Changes:
- all: https://git.openjdk.org/jdk/pull/10030/files
- new:
On 11/7/22 8:26 AM, Carter Kozak wrote:
Following up, were you able to run the benchmark across openjdk releases? If
so, can you confirm whether your observations matched my own? I really
appreciate your help looking into this!
Thanks,
Carter Kozak
Yes, I was able to reproduce this. The
On Mon, 17 Oct 2022 21:50:08 GMT, Andrey Turbanov wrote:
> java.util.Enumeration is a legacy interface from java 1.0.
> There are a few places with cycles which use it to iterate over collections.
> We can replace this manual cycle with enchanced-for, which is shorter and
> easier to read.
Following up, were you able to run the benchmark across openjdk releases? If
so, can you confirm whether your observations matched my own? I really
appreciate your help looking into this!
Thanks,
Carter Kozak
> What kind of padding length customization would you like to see in the JDK?
I may be hesitate to add a new API. A default random padding could be used
instead, and might be controlled with a system property (e.g,
“jdk.tls.client/server.maxRecordPadding” or
On Mon, 7 Nov 2022 12:49:21 GMT, Matthias Baesken wrote:
> The java/security/Exceptions/ChainingConstructors jdk jtreg test shows quite
> a lot of code duplication. The test code can be simplified e.g. by using
> generics. Additionally the test failure output was improved and a test for
> the
Thanks Xuelei and Brad for your replies!
https://bugs.openjdk.org/browse/JDK-8244983 mentions that random padding
could be used to mitigate BREACH attack. I googled for "breach random
padding", found 3 similar requests [1] [2] [3] for enhancements, none of
them was implemented. Also
On Thu, 3 Nov 2022 14:59:59 GMT, Sean Mullan wrote:
> This change will disable TLS_ECDH_* cipher suites by default. These cipher
> suites do not preserve forward secrecy and are rarely used in practice. See
> the CSR for more details and rationale.
>
> Users will still be able to enable the
The java/security/Exceptions/ChainingConstructors jdk jtreg test shows quite a
lot of code duplication. The test code can be simplified e.g. by using
generics. Additionally the test failure output was improved and a test for the
constructors of CertPathBuilderException was added.
-
On Mon, 7 Nov 2022 08:04:15 GMT, Daniel Jeliński wrote:
> Is it expected that AVX3 is 35% slower than AVX2 and 8% slower than AVX1?
Well, it isn't slower than AVX/AVX2 across the board. For plain ChaCha20 it is
slower for this particular benchmark at 256 bytes (and smaller I would assume),
On Fri, 4 Mar 2022 16:47:54 GMT, Jamil Nimeh wrote:
> This PR delivers ChaCha20 intrinsics that accelerate the core block function
> that generates key stream from the key, counter and nonce. Intrinsics have
> been written for the following platforms and instruction sets:
>
> - x86_64: AVX,
33 matches
Mail list logo
