On Sat, 17 May 2025 19:42:39 GMT, Nizar Benalla wrote:
> Please review this patch to fix some `javadoc` bugs in `java.base`.
> Certain `@link` tags used to refer to private fields instead of public APIs.
>
> A couple of `@see` tags in the [serialization
> page](https://download.java.net/java/ea
On Sat, 17 May 2025 19:42:39 GMT, Nizar Benalla wrote:
> Please review this patch to fix some `javadoc` bugs in `java.base`.
> Certain `@link` tags used to refer to private fields instead of public APIs.
>
> A couple of `@see` tags in the [serialization
> page](https://download.java.net/java/ea
> The stateless session ticket is included in the ClientHello message, either
> in the stateless_ticket extension (pre-TLS1.3), or in the pre_shared_key
> extension (TLS1.3). With the current construction, the ticket is often the
> largest contributor to the ClientHello message size. For example
On Mon, 19 May 2025 20:28:46 GMT, Bradford Wetmore wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
>> respectively.
>>
>> CSR is underway.
>>
>> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
>> API (jck:api/java_security jck:
The stateless session ticket is included in the ClientHello message, either in
the stateless_ticket extension (pre-TLS1.3), or in the pre_shared_key extension
(TLS1.3). With the current construction, the ticket is often the largest
contributor to the ClientHello message size. For example, in Htt
On Fri, 16 May 2025 19:53:39 GMT, Weijun Wang wrote:
> This is a routine update to synchronize with the [Mozilla Public Suffix
> List](https://github.com/publicsuffix/list) for JDK 25, matching commit
> 823beb1 from 2025-05-12.
>
> The test has been updated to reflect corresponding changes.
>
On Mon, 19 May 2025 11:31:23 GMT, Nizar Benalla wrote:
>> src/java.base/share/classes/java/lang/invoke/MethodType.java line 1341:
>>
>>> 1339: * @throws ClassNotFoundException if one of the component classes
>>> cannot be resolved
>>> 1340: * @see MethodType.readResolve()
>>> 1341:
On Mon, 19 May 2025 15:13:26 GMT, Hai-May Chao wrote:
>> Bradford Wetmore has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Updated copyright dates.
>
> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 1623:
>
>> 1621
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
> respectively.
>
> CSR is underway.
>
> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
> API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net
> jck:api/javax_security jck:ap
On Mon, 19 May 2025 15:06:26 GMT, Hai-May Chao wrote:
>> Bradford Wetmore has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Updated copyright dates.
>
> src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 746:
>
>> 744:
Hi Sebastian,
Thanks for your interest in the security APIs.
This issue is more complex than it looks on the surface. You have
alluded to one of the issues, which is that BigInteger is immutable and
thus cannot be easily cleared.
Rather than trying to have a discussion about this now, I woul
Hi Sebastian,
Thanks for your interest on the KDF APIs.
As the name suggests, the PRK is a key, and we've represented it as a
SecretKey. It's always complete, of fixed length, and provided in a single
step. This is quite different from the IKM, which may come in various forms, or
even a combin
> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
> respectively.
>
> CSR is underway.
>
> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
> API (jck:api/java_security jck:api/javax_crypto jck:api/javax_net
> jck:api/javax_security jck:ap
Hi,
I’m using the HKDF extract and expand steps separately for this step [1] in
HPKE.
In this case I need to pass a byte[] prk to expandOnly(…), however the API only
accepts a SecretKey, forcing me to wrap the bytes just for them to be unwrapped
by the expand operation again. Probably this has
Please review this patch to fix some `javadoc` bugs in `java.base`.
Certain `@link` tags used to refer to private fields instead of public APIs.
A couple of `@see` tags in the [serialization
page](https://download.java.net/java/early_access/jdk25/docs/api/serialized-form.html#java.lang.invoke.Met
On Sun, 18 May 2025 02:18:24 GMT, Chen Liang wrote:
>> Please review this patch to fix some `javadoc` bugs in `java.base`.
>> Certain `@link` tags used to refer to private fields instead of public APIs.
>>
>> A couple of `@see` tags in the [serialization
>> page](https://download.java.net/java/
On Sun, 18 May 2025 02:17:46 GMT, Chen Liang wrote:
>> Please review this patch to fix some `javadoc` bugs in `java.base`.
>> Certain `@link` tags used to refer to private fields instead of public APIs.
>>
>> A couple of `@see` tags in the [serialization
>> page](https://download.java.net/java/
On Sat, 17 May 2025 19:42:39 GMT, Nizar Benalla wrote:
> Please review this patch to fix some `javadoc` bugs in `java.base`.
> Certain `@link` tags used to refer to private fields instead of public APIs.
>
> A couple of `@see` tags in the [serialization
> page](https://download.java.net/java/ea
On Sat, 17 May 2025 00:03:10 GMT, Bradford Wetmore wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
>> respectively.
>>
>> CSR is underway.
>>
>> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
>> API (jck:api/java_security jck:
On Sat, 17 May 2025 00:03:10 GMT, Bradford Wetmore wrote:
>> Adds the RFC 5705/8446 TLS Key Exporters API/implementation to JSSE/SunJSSE
>> respectively.
>>
>> CSR is underway.
>>
>> Tests include new unit tests for TLSv1-1.3. Will run tier1-2, plus the JCK
>> API (jck:api/java_security jck:
On Fri, 31 Jan 2025 15:56:29 GMT, Mikhail Yankelevich
wrote:
> Refactor test/java/security/cert/CertificateFactory/slowstream.sh to java test
This pull request has now been integrated.
Changeset: fbc12be7
Author:Mikhail Yankelevich
Committer: Weijun Wang
URL:
https://git.openjdk.o
Hi Sebastian,
The PRK argument always comes from a LabeledExtract output in the RFC
you cite. You can use extract + thenExpand, or generate key material
for expand with deriveKey. Is there any case where you need the prk as
a byte array?
Note that certain providers (PKCS11) may or may not support
Hi all,
I noticed that most classes implementing javax.security.auth.Destroyable do not
actually overwrite it. After discussing this topic with Christian Stein last
week, I decided to add some implementations.
First, I’d like to start with trivial cases with keys encapsulating byte[], as
done
On Fri, 16 May 2025 11:42:08 GMT, Michael McMahon wrote:
>> Hi,
>>
>> Enhanced exception messages are designed to hide sensitive information such
>> as hostnames, IP
>> addresses from exception message strings, unless the enhanced mode for the
>> specific category
>> has been explicitly enab
24 matches
Mail list logo
