On Fri, 11 Aug 2023 23:08:56 GMT, Alexey Bakhtin wrote:
> JGSS is implemented in the JVM in 2 levels: the standard Java security
> provider for Kerberos in sun.security.jgss.krb5.Krb5MechFactory and the JAAS
> login module for Kerberos in com.sun.security.auth.module.Krb5LoginModule.
> The pro
Anthony Scarpino wrote on 16. Nov 2023 23:47 (GMT +01:00):
> Hi all,
>
> We are proposing to add an API for PEM and a foundation for other crypto
> encoding.
I like the modularity and that you do not try to squeeze it into the existing
services.
I wonder if you should also allow to set comment
> When blocksize is less than digest output length, call `keccak` more.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
add comment for squeezeOffset
-
Changes:
- all: https://git.openjdk.org/jdk/pull/16698/files
- ne
> When blocksize is less than digest output length, call `keccak` more.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
fix wording
-
Changes:
- all: https://git.openjdk.org/jdk/pull/16698/files
- new: https://git.ope
On Thu, 16 Nov 2023 20:45:29 GMT, Weijun Wang wrote:
> When blocksize is less than digest output length, call `keccak` more.
Looks good. I only found trivial things. A comment describing `squeezeOffset`
would help.
src/java.base/share/classes/sun/security/provider/DigestBase.java line 144:
>
Hi all,
We are proposing to add an API for PEM and a foundation for other crypto
encoding.
The draft JEP is located at: https://openjdk.org/jeps/8300911
Feel free to comment here.
Thanks
Tony
When blocksize is less than digest output length, call `keccak` more.
-
Commit messages:
- initial change
Changes: https://git.openjdk.org/jdk/pull/16698/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=16698&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8320192
Sta
On Thu, 16 Nov 2023 14:30:31 GMT, Weijun Wang wrote:
> Update XMLDsig implementation to match Apache Santuario 3.0.3.
>
> Changes include (significance in descending order):
>
> - `SignatureMethod.java`: new signature method URIs defined
> - `SignatureBaseRSA.java`: `SignatureBaseRSAPSS` and re
> Modified `getService` method to prevent caching of `ServiceKey`, which was
> negatively impacting multithreaded performance
Ben Perez has updated the pull request incrementally with one additional commit
since the last revision:
changed cache to use threadlocal
-
Changes:
-
On Thu, 16 Nov 2023 16:33:36 GMT, Sean Mullan wrote:
>> This internal method was called by `TimestampedSigner` which was removed
>> long ago when we removed the support for `ContentSigner` and `jarsigner
>> -altsign`. It has been useless for some time and this is just a cleanup.
>
> Ok, I see.
> Code changes for HSS/LMS that's related to keytool and jarsigner:
>
> 1. No need to add `-sigalg` for both tools when HSS/LMS key is involved, it
> can only be `HSS/LMS`.
> 2. The `digestAlgorithm` field in a PKCS7 `SignerInfo`. It must be the same
> as the hash algorithm used by the HSS/LMS k
> Code changes for HSS/LMS that's related to keytool and jarsigner:
>
> 1. No need to add `-sigalg` for both tools when HSS/LMS key is involved, it
> can only be `HSS/LMS`.
> 2. The `digestAlgorithm` field in a PKCS7 `SignerInfo`. It must be the same
> as the hash algorithm used by the HSS/LMS k
On Thu, 16 Nov 2023 16:25:33 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/sun/security/pkcs/PKCS7.java line 872:
>>
>>> 870: */
>>> 871: @Deprecated(since="16", forRemoval=true)
>>> 872: public static byte[] generateSignedData(byte[] signature,
>>
>> Are you sure you want
On Thu, 16 Nov 2023 15:36:08 GMT, Sean Mullan wrote:
>> Code changes for HSS/LMS that's related to keytool and jarsigner:
>>
>> 1. No need to add `-sigalg` for both tools when HSS/LMS key is involved, it
>> can only be `HSS/LMS`.
>> 2. The `digestAlgorithm` field in a PKCS7 `SignerInfo`. It mus
On Thu, 16 Nov 2023 14:50:23 GMT, Weijun Wang wrote:
> Update `public_suffix_list.dat` to the latest.
Looks good to me. I never knew this existed.
-
PR Comment: https://git.openjdk.org/jdk/pull/16692#issuecomment-1814778083
On Thu, 16 Nov 2023 15:45:38 GMT, Sean Mullan wrote:
>> Code changes for HSS/LMS that's related to keytool and jarsigner:
>>
>> 1. No need to add `-sigalg` for both tools when HSS/LMS key is involved, it
>> can only be `HSS/LMS`.
>> 2. The `digestAlgorithm` field in a PKCS7 `SignerInfo`. It mus
On Wed, 31 May 2023 22:38:20 GMT, Weijun Wang wrote:
> Code changes for HSS/LMS that's related to keytool and jarsigner:
>
> 1. No need to add `-sigalg` for both tools when HSS/LMS key is involved, it
> can only be `HSS/LMS`.
> 2. The `digestAlgorithm` field in a PKCS7 `SignerInfo`. It must be
On Wed, 31 May 2023 22:38:20 GMT, Weijun Wang wrote:
> Code changes for HSS/LMS that's related to keytool and jarsigner:
>
> 1. No need to add `-sigalg` for both tools when HSS/LMS key is involved, it
> can only be `HSS/LMS`.
> 2. The `digestAlgorithm` field in a PKCS7 `SignerInfo`. It must be
Update `public_suffix_list.dat` to the latest.
-
Commit messages:
- initial change
Changes: https://git.openjdk.org/jdk/pull/16692/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=16692&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8320208
Stats: 3002 lines in 4 fil
Update XMLDsig implementation to match Apache Santuario 3.0.3.
Changes include (significance in descending order):
- `SignatureMethod.java`: new signature method URIs defined
- `SignatureBaseRSA.java`: `SignatureBaseRSAPSS` and refactoring
- `JCEMapper.java`: use of `ThreadLocal`
- `DigestorOutpu
On Wed, 31 May 2023 22:38:20 GMT, Weijun Wang wrote:
> Code changes for HSS/LMS that's related to keytool and jarsigner:
>
> 1. No need to add `-sigalg` for both tools when HSS/LMS key is involved, it
> can only be `HSS/LMS`.
> 2. The `digestAlgorithm` field in a PKCS7 `SignerInfo`. It must be
Code changes for HSS/LMS that's related to keytool and jarsigner:
1. No need to add `-sigalg` for both tools when HSS/LMS key is involved, it can
only be `HSS/LMS`.
2. The `digestAlgorithm` field in a PKCS7 `SignerInfo`. It must be the same as
the hash algorithm used by the HSS/LMS key. This nee
22 matches
Mail list logo
