On Fri, 5 May 2023 21:39:13 GMT, Valerie Peng wrote:
>> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KeyStore.java
>> line 2031:
>>
>>> 2029: cert.getSubjectX500Principal() + "]");
>>> 2030: }
>>> 2031: } else {
>>
On Mon, 1 May 2023 19:49:05 GMT, Valerie Peng wrote:
> Could someone help review this PKCS11KeyStore fix regarding the cert chain
> removal?
>
> The proposed fix will not remove the cert if it has a corresponding private
> key or is an issuer of other entities in the same keystore.
>
> Thanks
On Fri, 5 May 2023 20:20:44 GMT, Weijun Wang wrote:
> > Or, do you know if there are JDK test utilities which support this?
>
> Just `SecurityTools.keytool`.
I can give it a try. But if it turns out taking much longer (time and code),
then I'd prefer just to go with PEM data files as I don't s
On Fri, 5 May 2023 16:46:16 GMT, Weijun Wang wrote:
>> Could someone help review this PKCS11KeyStore fix regarding the cert chain
>> removal?
>>
>> The proposed fix will not remove the cert if it has a corresponding private
>> key or is an issuer of other entities in the same keystore.
>>
>>
On Fri, 5 May 2023 14:28:01 GMT, Weijun Wang wrote:
> We have quite some `standard-names.html#anchorName` links (Ex:
>
> https://github.com/openjdk/jdk/blob/f804f2ce8ef7a859aae021b20cbdcd9e34f9fb94/src/java.base/share/classes/java/security/Signature.java#L111
>
> ). I don't see any of them here
On Mon, 1 May 2023 19:49:05 GMT, Valerie Peng wrote:
> Could someone help review this PKCS11KeyStore fix regarding the cert chain
> removal?
>
> The proposed fix will not remove the cert if it has a corresponding private
> key or is an issuer of other entities in the same keystore.
>
> Thanks
On Fri, 5 May 2023 19:43:31 GMT, Valerie Peng wrote:
>> test/jdk/sun/security/pkcs11/KeyStore/CertChainRemoval.java line 176:
>>
>>> 174:
>>> 175: // should only have "pk1" now
>>> 176: checkEntry(ks, "pk1", pk1Chain);
>>
>> When the kesytore should only have "pk1” now, how wou
> Fixes: [JDK-8294985](https://bugs.openjdk.org/browse/JDK-8294985)
Kevin Driver has updated the pull request with a new target base due to a merge
or a rebase. The pull request now contains three commits:
- Update
src/java.base/share/classes/sun/security/ssl/CertificateAuthoritiesExtension.ja
On Fri, 5 May 2023 20:07:18 GMT, Valerie Peng wrote:
> Or, do you know if there are JDK test utilities which support this?
Just `SecurityTools.keytool`.
-
PR Comment: https://git.openjdk.org/jdk/pull/13743#issuecomment-1536736209
On Fri, 5 May 2023 16:43:03 GMT, Weijun Wang wrote:
>> Could someone help review this PKCS11KeyStore fix regarding the cert chain
>> removal?
>>
>> The proposed fix will not remove the cert if it has a corresponding private
>> key or is an issuer of other entities in the same keystore.
>>
>>
On Fri, 5 May 2023 16:57:56 GMT, Weijun Wang wrote:
> Is it possible to generate the keys and certs on the fly?
Possible. For testing things not related to generation, using existing
key/certs simplifies the setup and can be reused easily. Or, do you know if
there are JDK test utilities which
On Tue, 2 May 2023 21:43:19 GMT, Ferenc Rakoczi wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request i
On Tue, 2 May 2023 22:42:13 GMT, Hai-May Chao wrote:
>> Could someone help review this PKCS11KeyStore fix regarding the cert chain
>> removal?
>>
>> The proposed fix will not remove the cert if it has a corresponding private
>> key or is an issuer of other entities in the same keystore.
>>
>>
Update XML Security for Java to 3.0.2. Some change to tests:
1. No more Xalan. One test case is singled out to demonstrate how to use a
special configuration.
2. EdDSA does not support `KeyValue`. Use X.509 certificate instead.
-
Commit messages:
- the change
Changes: https://git.
On Mon, 1 May 2023 19:49:05 GMT, Valerie Peng wrote:
> Could someone help review this PKCS11KeyStore fix regarding the cert chain
> removal?
>
> The proposed fix will not remove the cert if it has a corresponding private
> key or is an issuer of other entities in the same keystore.
>
> Thanks
On Tue, 2 May 2023 21:43:19 GMT, Ferenc Rakoczi wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request i
On Tue, 2 May 2023 21:43:19 GMT, Ferenc Rakoczi wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request i
On Wed, 5 Apr 2023 16:45:06 GMT, Jonathan Gibbons wrote:
>> Please review a doc update to add `@spec` into the rest of the files in
>> `java.base` (compared to those in
>> [JDK-8305206](https://bugs.openjdk.org/browse/JDK-8305206) PR #13248)
>
> Jonathan Gibbons has updated the pull request inc
On Fri, 5 May 2023 11:27:48 GMT, Matthew Donovan wrote:
> Could someone please review this PR? It is a small change to increase the
> time that the client waits for the server thread to start.
>
> Thanks!
This pull request has now been integrated.
Changeset: 3f6a3545
Author:Matthew Donova
On Fri, 5 May 2023 11:27:48 GMT, Matthew Donovan wrote:
> Could someone please review this PR? It is a small change to increase the
> time that the client waits for the server thread to start.
>
> Thanks!
Marked as reviewed by jnimeh (Reviewer).
-
PR Review: https://git.openjdk.o
On Fri, 5 May 2023 11:27:48 GMT, Matthew Donovan wrote:
> Could someone please review this PR? It is a small change to increase the
> time that the client waits for the server thread to start.
>
> Thanks!
Please wait for a reviewer to complete the review.
-
Marked as reviewed by
Could someone please review this PR? It is a small change to increase the time
that the client waits for the server thread to start.
Thanks!
-
Commit messages:
- 8305169: java/security/cert/CertPathValidator/OCSP/GetAndPostTests.java --
test server didn't start in timely manner
C
On Thu, 4 May 2023 15:50:02 GMT, Adam Sotona wrote:
> Most of the manpages were updated a few years ago but some references remain.
> This patch renames remaining references to "macOS".
>
> Please review.
>
> Thanks,
> Adam
This pull request has now been integrated.
Changeset: 3b430b9f
Author
> Most of the manpages were updated a few years ago but some references remain.
> This patch renames remaining references to "macOS".
>
> Please review.
>
> Thanks,
> Adam
Adam Sotona has updated the pull request incrementally with one additional
commit since the last revision:
updated copyr
On Thu, 4 May 2023 15:50:02 GMT, Adam Sotona wrote:
> Most of the manpages were updated a few years ago but some references remain.
> This patch renames remaining references to "macOS".
>
> Please review.
>
> Thanks,
> Adam
Marked as reviewed by sspitsyn (Reviewer).
-
PR Review:
25 matches
Mail list logo
