> Could someone help review this PKCS11KeyStore fix regarding the cert chain
> removal?
>
> The proposed fix will not remove the cert if it has a corresponding private
> key or is an issuer of other entities in the same keystore.
>
> Thanks,
> Valerie
Valerie Peng has updated the pull request
With this PR we try to be better in loading certificates from the MacOS
Keychain into a JDK Trust store.
The current implementation after JDK-8278449 would only load/trust certificates
from an identity (with private key available) and certificates that have
explicit trust set in the user
On Thu, 11 May 2023 20:21:57 GMT, Justin Lu wrote:
>> This PR converts Unicode sequences to UTF-8 native in .properties file.
>> (Excluding the Unicode space and tab sequence). The conversion was done
>> using native2ascii.
>>
>> In addition, the build logic is adjusted to support reading in
On Thu, 11 May 2023 20:21:57 GMT, Justin Lu wrote:
>> This PR converts Unicode sequences to UTF-8 native in .properties file.
>> (Excluding the Unicode space and tab sequence). The conversion was done
>> using native2ascii.
>>
>> In addition, the build logic is adjusted to support reading in
> The KEM API and DHKEM impl. Note that this PR uses new methods in
> https://github.com/openjdk/jdk/pull/13250.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
deterministic randomness
-
Changes:
- all:
> Just a trivial change for enforcing consistent NullPointerException behavior
> for the SecureRandom.nextBytes(byte[]) method.
>
> Other similar methods such as Random.nextByte(byte[]) and its other
> subclasses all throw NPE for null byte[] argument. Most JDK default
> providers'
> Fixes: [JDK-8294985](https://bugs.openjdk.org/browse/JDK-8294985)
Kevin Driver has updated the pull request incrementally with two additional
commits since the last revision:
- update copyright
- reworking the fix in light of encouragement to change the problematic method
signature
> This PR converts Unicode sequences to UTF-8 native in .properties file.
> (Excluding the Unicode space and tab sequence). The conversion was done using
> native2ascii.
>
> In addition, the build logic is adjusted to support reading in the
> .properties files as UTF-8 during the conversion
On Thu, 11 May 2023 09:36:17 GMT, Ferenc Rakoczi wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request
On Wed, 10 May 2023 23:07:01 GMT, Valerie Peng wrote:
>> Just a trivial change for enforcing consistent NullPointerException behavior
>> for the SecureRandom.nextBytes(byte[]) method.
>>
>> Other similar methods such as Random.nextByte(byte[]) and its other
>> subclasses all throw NPE for
On Thu, 11 May 2023 17:16:19 GMT, Sean Mullan wrote:
>> Valerie Peng has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> updated reg test with review comments.
>
> test/jdk/java/security/SecureRandom/NextBytesNull.java line 29:
>
>> 27: *
On Thu, 11 May 2023 16:40:07 GMT, Kevin Driver wrote:
>> Fixes: [JDK-8294985](https://bugs.openjdk.org/browse/JDK-8294985)
>
> Kevin Driver has updated the pull request with a new target base due to a
> merge or a rebase. The pull request now contains three commits:
>
> - Update
>
On Thu, 11 May 2023 16:33:25 GMT, Sean Mullan wrote:
>> Ferenc Rakoczi has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Reintroduced Length for HSSPublicKey, added more @Override annotations
>
>
On Wed, 10 May 2023 23:07:01 GMT, Valerie Peng wrote:
>> Just a trivial change for enforcing consistent NullPointerException behavior
>> for the SecureRandom.nextBytes(byte[]) method.
>>
>> Other similar methods such as Random.nextByte(byte[]) and its other
>> subclasses all throw NPE for
On Thu, 11 May 2023 09:36:17 GMT, Ferenc Rakoczi wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request
On Tue, 9 May 2023 14:26:46 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/sun/security/provider/HSS.java line 661:
>>
>>> 659:
>>> 660: @SuppressWarnings("deprecation")
>>> 661: HSSPublicKey(byte[] keyArray) throws InvalidKeyException {
>>
>> [I deleted my earlier
> Fixes: [JDK-8294985](https://bugs.openjdk.org/browse/JDK-8294985)
Kevin Driver has updated the pull request with a new target base due to a merge
or a rebase. The incremental webrev excludes the unrelated changes brought in
by the merge/rebase. The pull request contains three additional
On Thu, 11 May 2023 09:36:17 GMT, Ferenc Rakoczi wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request
On Thu, 11 May 2023 09:36:17 GMT, Ferenc Rakoczi wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request
On Thu, 11 May 2023 09:36:17 GMT, Ferenc Rakoczi wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request
On Thu, 11 May 2023 09:36:17 GMT, Ferenc Rakoczi wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request
On Thu, 11 May 2023 06:02:01 GMT, Ferenc Rakoczi wrote:
>> src/java.base/share/classes/sun/security/provider/HSS.java line 571:
>>
>>> 569: preCandidate[21] = (byte) 0x80;
>>> 570:
>>> 571: byte[] preZi = hashBuf.clone();
>>
>> We can just call
> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
> SHA-256/192 parameters recommended.
Ferenc Rakoczi has updated the pull request incrementally with one additional
commit since the last
On Wed, 10 May 2023 22:17:52 GMT, Weijun Wang wrote:
>> Done.
>
> There are much more in this class.
You are right. I have added many more. I hope I have found all of them.
-
PR Review Comment: https://git.openjdk.org/jdk/pull/13691#discussion_r1190885719
On Thu, 11 May 2023 06:27:39 GMT, Ferenc Rakoczi wrote:
> I had considered that and decided not to use it. In my opinion, Java Enum is
> much more complicated than it should be for this case.
OK.
> Efficiency is not a concern here
OK.
> but I also don't see how enum could be more
On Thu, 11 May 2023 06:14:10 GMT, Xue-Lei Andrew Fan wrote:
>> Ferenc Rakoczi has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> serialization fixes, more code shaping
>
> src/java.base/share/classes/sun/security/provider/HSS.java line
On Wed, 10 May 2023 15:20:50 GMT, Ferenc Rakoczi wrote:
>> Implement support for Leighton-Micali Signatures (LMS) as described in RFC
>> 8554. LMS is an approved software signing algorithm for CNSA 2.0, with
>> SHA-256/192 parameters recommended.
>
> Ferenc Rakoczi has updated the pull request
On Wed, 10 May 2023 22:11:09 GMT, Weijun Wang wrote:
>> Ferenc Rakoczi has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> serialization fixes, more code shaping
>
> src/java.base/share/classes/sun/security/provider/HSS.java line 571:
>
>>
28 matches
Mail list logo