On Wed, 24 Sep 2025 19:28:12 GMT, Sean Mullan wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> fix behavior with keytool
>
> src/java.base/share/classes/sun/security/pkcs12/
On Wed, 24 Sep 2025 16:53:17 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java line
>> 1493:
>>
>>> 1491: if (!(kdfHmac.equals("HmacSHA512") ||
>>> 1492: kdfHmac.equals("HmacSHA256"))) {
>>> 1493:
> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
move algorithm-specific code into MacData and no change to SunJCE
-
Changes:
- all: https://git.openjdk.
On Wed, 24 Sep 2025 13:23:44 GMT, Weijun Wang wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> fix behavior with keytool
>
> src/java.base/share/classes/sun/security/pkcs12/PKCS12KeySt
> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
fix behavior with keytool
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24429/files
- new: ht
On Mon, 22 Sep 2025 22:47:10 GMT, Weijun Wang wrote:
>> Then you can't read in an old keystore and write it back out as a PBMAC1
>> keystore?
>>
>> I thought the PBE* security property value, if present, applied to all
>> keystore writes.
>
> It writes back using the original Mac algorithm.
>
On Mon, 22 Sep 2025 21:13:38 GMT, Weijun Wang wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> default salt length and one other comment from Weijun
>
> src/java.base/sha
On Mon, 22 Sep 2025 20:39:22 GMT, Weijun Wang wrote:
>> If the keystore.pkcs12.macAlgorithm security property starts with PBE then
>> shouldn't an old MAC protected keystore be written with PBMAC1 protection?
>>
>> I tried those two commands and they work as expected. I did fix a few
>> proble
On Wed, 9 Jul 2025 05:42:52 GMT, Valerie Peng wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> default salt length and one other comment from Weijun
>
> src/java.base/s
On Tue, 16 Sep 2025 18:37:15 GMT, Bernd wrote:
>> Mark Powers has updated the pull request with a new target base due to a
>> merge or a rebase. The pull request now contains 17 commits:
>>
>> - merge
>> - removed changes to PBMAC1Core and addressed some com
> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
default salt length and one other comment from Weijun
-
Changes:
- all: https://git.openjdk.org/jdk/p
On Wed, 17 Sep 2025 14:38:52 GMT, Weijun Wang wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> a few more comments
>
> src/java.base/share/classes/sun/security/pkcs12/PKCS12KeySt
On Fri, 19 Sep 2025 18:06:14 GMT, Weijun Wang wrote:
>> Imagine reading a PBMAC1 protected keystore with a 32 byte salt. Now it's
>> time to write it out. You have to remember the salt length of whatever
>> PBMAC1 you just read in order to generate a new salt of the same length. It
>> doesn't
> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
remove the extras
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24429/files
- new: ht
On Fri, 19 Sep 2025 18:27:25 GMT, Sean Mullan wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> comment from Sean
>
> src/java.base/share/classes/sun/security/pkcs12/MacData.jav
On Fri, 5 Sep 2025 11:41:55 GMT, Sean Mullan wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> a few more comments
>
> src/java.base/share/classes/com/sun/crypto/provider/PBMAC
On Fri, 19 Sep 2025 17:43:41 GMT, Sean Mullan wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> comment from Sean
>
> src/java.base/share/classes/sun/security/pkcs12/MacData.java
> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
a few more comments
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24429/files
- new: ht
On Tue, 16 Sep 2025 22:55:17 GMT, Mark Powers wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/PBMAC1Parameters.java
>> line 156:
>>
>>> 154: DerValue kdf = pBMAC1_params.data.getDerValue();
>>> 155: var kdfParams = new PBKDF2P
On Thu, 4 Sep 2025 19:58:26 GMT, Valerie Peng wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> a few more comments
>
> src/java.base/share/classes/com/sun/crypto/provider/PBMAC1Paramete
On Fri, 11 Jul 2025 19:47:57 GMT, Mark Powers wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/PBES2Parameters.java
>> line 231:
>>
>>> 229:
>>> 230: var kdfParams = new PBKDF2Parameters();
>>> 231: String kdfAlgo = k
On Wed, 17 Sep 2025 14:32:56 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java line 180:
>>
>>> 178: private int macSaltLength = -1;
>>> 179: private byte[] extraSalt = null;
>>> 180: private int extraIterationCount = -1;
>>
>> I don't th
On Tue, 16 Sep 2025 22:56:02 GMT, Mark Powers wrote:
>> In fact, this will change the behavior of the Mac algorithm
>> `PBEWithHmacSHA256` since we hardcoded `keyLength` as `blockLength` there.
>
> I made the check in MacData on the DER input stream instead. That said,
> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
comment from Sean
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24429/files
- new: ht
On Wed, 17 Sep 2025 14:37:45 GMT, Weijun Wang wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> a few more comments
>
> src/java.base/share/classes/sun/security/pkcs12/PKCS12KeySt
On Fri, 5 Sep 2025 13:02:24 GMT, Sean Mullan wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> a few more comments
>
> src/java.base/share/classes/sun/security/pkcs12/PKCS12KeySt
On Wed, 17 Sep 2025 15:35:29 GMT, Mark Powers wrote:
>> src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java line
>> 1489:
>>
>>> 1487: final MacData macData;
>>> 1488:
>>> 1489: if (macAlgorithm.equals("PB
> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
a few more comments
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24429/files
- new: ht
On Wed, 3 Sep 2025 01:21:58 GMT, Valerie Peng wrote:
>> fixed
>
> The indentation still doesn't look right... Line 139 should align with line
> 138? Same goes for line 140-150.
Now I see it.
-
PR Review Comment: https://git.openjdk.org/jdk/pull/24429#discussion_r2353273364
On Fri, 5 Sep 2025 13:06:47 GMT, Sean Mullan wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> a few more comments
>
> src/java.base/share/classes/com/sun/crypto/provider/S
On Fri, 5 Sep 2025 12:06:53 GMT, Sean Mullan wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> a few more comments
>
> src/java.base/share/classes/sun/security/pkcs12/PKCS12KeySt
On Thu, 4 Sep 2025 21:21:04 GMT, Weijun Wang wrote:
>> Is it possible to add a `keyLength` argument to the constructor, so that a
>> different key length can be set along with the block length.
>
> In fact, this will change the behavior of the Mac algorithm
> `PBEWithHmacSHA256` since we hardco
On Tue, 16 Sep 2025 18:11:32 GMT, Mark Powers wrote:
>> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
>
> Mark Powers has updated the pull request with a new target base due to a
> merge or a rebase. The pull request now contains 17 commits:
>
> - merge
&g
On Fri, 11 Jul 2025 23:06:34 GMT, Mark Powers wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/PBMAC1Parameters.java
>> line 162:
>>
>>> 160: DerValue kdf = pBMAC1_params.data.getDerValue();
>>> 161: var kdfParams = new PBKDF2P
> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
Mark Powers has updated the pull request with a new target base due to a merge
or a rebase. The pull request now contains 17 commits:
- merge
- removed changes to PBMAC1Core and addressed some comments from Valerie
- small chan
On Tue, 2 Sep 2025 19:55:13 GMT, Valerie Peng wrote:
>> Mark Powers has updated the pull request with a new target base due to a
>> merge or a rebase. The pull request now contains 17 commits:
>>
>> - merge
>> - removed changes to PBMAC1Core and addres
[JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
-
Commit messages:
- small changes
- not used
- refresh index
- Merge
- rework to eliminate PBMAC1ParameterSpec
- merge
- comments from Valerie
- missed this new file
- final approach
- merge
- ... and 5 more: https
On Tue, 8 Jul 2025 18:17:58 GMT, Valerie Peng wrote:
>> [JDK-8343232](https://bugs.openjdk.org/browse/JDK-8343232)
>
> src/java.base/share/classes/com/sun/crypto/provider/PBES2Parameters.java line
> 231:
>
>> 229:
>> 230: var kdfParams = new PBKDF2Parameters();
>> 231: String k
On Tue, 5 Aug 2025 14:31:24 GMT, Weijun Wang wrote:
>> The private key encoding formats of ML-KEM and ML-DSA are updated to match
>> the latest IETF drafts at:
>> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-11
>> and
>> https://datatracker.ietf.org/doc/html/d
On Thu, 14 Aug 2025 15:17:09 GMT, Weijun Wang wrote:
> See the bug report for details. Basically, entries in the SF set should
> always be removed no matter if it's treated signed or not.
test/jdk/sun/security/tools/jarsigner/RemovedFiles.java line 44:
> 42: = "This jar contains si
On Wed, 16 Jul 2025 14:38:16 GMT, Andrey Turbanov wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> comments from turbanoff
>
> test/micro/org/openjdk/bench/java/security/Protecti
> [JDK-8350709](https://bugs.openjdk.org/browse/JDK-8350709)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
comments from turbanoff
-
Changes:
- all: https://git.openjdk.org/jdk/pull/26301/files
- new: ht
On Mon, 14 Jul 2025 19:25:38 GMT, Mark Powers wrote:
> [JDK-8350709](https://bugs.openjdk.org/browse/JDK-8350709)
Tested with 10 threads. A one thread benchmark now measures about 10 percent
worse than before this change. With 10 threads, the benchmark is much faster
than with 1 th
[JDK-8350709](https://bugs.openjdk.org/browse/JDK-8350709)
-
Commit messages:
- second iteration
- first iteration
Changes: https://git.openjdk.org/jdk/pull/26301/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=26301&range=00
Issue: https://bugs.openjdk.org/browse/JDK-83
[JDK-8350711](https://bugs.openjdk.org/browse/JDK-8350711)
-
Commit messages:
- second iteration
- first iteration
Changes: https://git.openjdk.org/jdk/pull/26081/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=26081&range=00
Issue: https://bugs.openjdk.org/browse/JDK-83
On Tue, 1 Jul 2025 23:56:45 GMT, Mark Powers wrote:
> [JDK-8350711](https://bugs.openjdk.org/browse/JDK-8350711)
Tested with 10 threads.
-
PR Comment: https://git.openjdk.org/jdk/pull/26081#issuecomment-3025876188
On Fri, 20 Jun 2025 20:21:19 GMT, Artur Barashev wrote:
> Wrap the FileInputStream into a BufferedInputStream which reduces the number
> of actual file reads when loading a key store.
Update copyright date.
src/java.base/share/classes/sun/security/ssl/TrustStoreManager.java line 379:
> 377:
On Wed, 4 Jun 2025 14:59:43 GMT, Weijun Wang wrote:
> Add more comment on why `KeyUtil::getKeySize` could return -1. Add a new
> method `getNistCategory` to get the NIST security category.
src/java.base/share/classes/sun/security/util/KeyUtil.java line 56:
> 54: * Traditionally, the key s
On Thu, 29 May 2025 19:06:15 GMT, Sean Coffey wrote:
> Removal of the `+thread` and `+timestamp` options that were used to control
> the logging behavior of output from the `java.security.debug` system property.
>
>
> To enhance the security debug logs, the thread and timestamp data should
>
On Thu, 1 May 2025 11:55:20 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/sun/security/util/KeyUtil.java line 506:
>>
>>> 504: if (seed == null) return null;
>>> 505: skOctets = new byte[seed.length + 2];
>>> 506: skOctets[0] = (byte)0x80;
On Wed, 30 Apr 2025 15:43:31 GMT, Weijun Wang wrote:
> The private key encoding formats of ML-KEM and ML-DSA are updated to match
> the latest IETF drafts at:
> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-08
> and
> https://datatracker.ietf.org/doc/html/draft
On Wed, 30 Apr 2025 15:43:31 GMT, Weijun Wang wrote:
> The private key encoding formats of ML-KEM and ML-DSA are updated to match
> the latest IETF drafts at:
> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-dilithium-certificates-08
> and
> https://datatracker.ietf.org/doc/html/draft
On Tue, 29 Apr 2025 18:16:47 GMT, Sean Mullan wrote:
>> done
>
> This is a side issue, but it looks like this API can also throw
> `IndexOutOfBoundsException` if an offset is input which causes
> `System.arraycopy` (on line 112) to access the iv out of range. Please check
> and file a separate
On Thu, 24 Apr 2025 17:22:22 GMT, Mark Powers wrote:
> [JDK-8351113](https://bugs.openjdk.org/browse/JDK-8351113)
This pull request has now been integrated.
Changeset: c2485d5f
Author: Mark Powers
URL:
https://git.openjdk.org/jdk/commit/c2485d5f7dd00eaed34a5d309276114eb4c78cb0
St
> [JDK-8351113](https://bugs.openjdk.org/browse/JDK-8351113)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
third comment from Sean
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24854/files
- new: ht
On Tue, 29 Apr 2025 16:52:09 GMT, Sean Mullan wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> second comment from Sean
>
> test/jdk/java/security/spec/RC2ParameterSpec/InvalidA
On Tue, 29 Apr 2025 13:08:36 GMT, Sean Mullan wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> comment from Sean
>
> src/java.base/share/classes/javax/crypto/spec/RC2Paramete
> [JDK-8351113](https://bugs.openjdk.org/browse/JDK-8351113)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
second comment from Sean
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24854/files
- new: ht
On Tue, 22 Apr 2025 20:27:04 GMT, Rajan Halade wrote:
> The change is to remove two Camerfirma root certificates which are terminated
> and no longer in use. These two roots are removed from `cacerts` truststore.
> Distrust of these roots is also removed as these roots will no longer be
> trus
On Mon, 28 Apr 2025 20:13:47 GMT, Sean Mullan wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> need test
>
> test/jdk/java/security/spec/InvalidArrayIndex.java line 1:
>
>> 1:
> [JDK-8351113](https://bugs.openjdk.org/browse/JDK-8351113)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
comment from Sean
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24854/files
- new: ht
> [JDK-8351113](https://bugs.openjdk.org/browse/JDK-8351113)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
need test
-
Changes:
- all: https://git.openjdk.org/jdk/pull/24854/files
- new: https://git.openjdk.org/
[JDK-8351113](https://bugs.openjdk.org/browse/JDK-8351113)
-
Commit messages:
- first iteration
Changes: https://git.openjdk.org/jdk/pull/24854/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=24854&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8351113
Stats: 6 lin
On Tue, 15 Apr 2025 23:01:56 GMT, Valerie Peng wrote:
>> As part of [https://bugs.openjdk.org/browse/JDK-8301553](JDK-8301553),
>> SunPKCS11 provider added support for PBE SecretKeyFactories for
>> `HmacPBESHAxxx` and `PBEWithHmacSHAxxxAndAES_yyy`. These impls produce keys
>> whose encoding co
On Wed, 16 Apr 2025 14:57:20 GMT, Artur Barashev wrote:
>> MD5 algorithm is prohibited by TLSv1.3 RFC to be used in certificates:
>>
>>
>> Any endpoint receiving any certificate which it would need to
>> validate using any signature algorithm using an MD5 hash MUST abort
>> the handshake with a
On Tue, 11 Feb 2025 18:46:29 GMT, Mikhail Yankelevich
wrote:
>> Refactored the runNameEquals.sh to java test
>
> Mikhail Yankelevich has updated the pull request incrementally with one
> additional commit since the last revision:
>
> minor
Looks good to me. IntelliJ couldn't find problems e
On Sun, 6 Apr 2025 00:32:17 GMT, Sergey Kuksenko wrote:
>> Update crypto microbenchmarks to cover ML-DSA, ML-KEM, and HSS algorithms.
>
> Sergey Kuksenko has updated the pull request incrementally with one
> additional commit since the last revision:
>
> Update test/micro/org/openjdk/bench/ja
On Mon, 3 Mar 2025 19:00:59 GMT, Ferenc Rakoczi wrote:
>> By using the AVX-512 vector registers the speed of the computation of the
>> ML-DSA algorithms (key generation, document signing, signature verification)
>> can be approximately doubled.
>
> Ferenc Rakoczi has updated the pull request in
On Mon, 17 Feb 2025 13:53:30 GMT, Ferenc Rakoczi wrote:
> By using the aarch64 vector registers the speed of the computation of the
> ML-KEM algorithms (key generation, encapsulation, decapsulation) can be
> approximately doubled.
ML-KEM benchmark results of this PR:
MLKEM.decapsulate 512 1
On Sat, 18 Jan 2025 00:14:58 GMT, Mark Powers wrote:
> [JDK-8267068](https://bugs.openjdk.org/browse/JDK-8267068)
This pull request has now been integrated.
Changeset: 50239716
Author: Mark Powers
URL:
https://git.openjdk.org/jdk/commit/50239716403732fe8af73b4b6f006b6a4b7b22db
St
> [JDK-8267068](https://bugs.openjdk.org/browse/JDK-8267068)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
nit
-
Changes:
- all: https://git.openjdk.org/jdk/pull/23188/files
- new: https://git.openjdk.org/jdk/p
On Wed, 12 Feb 2025 18:41:45 GMT, Valerie Peng wrote:
>> Maybe we should just state that ArrayIndexOutOfBoundsException is thrown if
>> `offset` or `len` is negative? The current wording for AIOOBE seems to
>> suggest that it covers the case when `offset` or `len` is too large. But
>> that is
On Wed, 12 Feb 2025 21:08:50 GMT, Valerie Peng wrote:
>> Mark Powers has updated the pull request with a new target base due to a
>> merge or a rebase. The pull request now contains three commits:
>>
>> - Merge master
>> - review comments from Valerie and Sean
> [JDK-8267068](https://bugs.openjdk.org/browse/JDK-8267068)
Mark Powers has updated the pull request with a new target base due to a merge
or a rebase. The pull request now contains three commits:
- Merge master
- review comments from Valerie and Sean
- first iterat
> [JDK-8267068](https://bugs.openjdk.org/browse/JDK-8267068)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
review comments from Valerie and Sean
-
Changes:
- all: https://git.openjdk.org/jdk/pull/23188/files
-
On Thu, 6 Feb 2025 18:47:54 GMT, Ferenc Rakoczi wrote:
>> By using the aarch64 vector registers the speed of the computation of the
>> ML-DSA algorithms (key generation, document signing, signature verification)
>> can be approximately doubled.
>
> Ferenc Rakoczi has updated the pull request in
On Wed, 5 Feb 2025 20:22:47 GMT, Mark Powers wrote:
> Hi all,
>
> This pull request contains a backport of commit 2f2f7cf0 from the openjdk/jdk
> repository.
>
> The commit being backported was authored by Mark Powers on 5 Feb 2025 and was
> reviewed by Weijun Wang.
&g
[JDK-8349084](https://bugs.openjdk.org/browse/JDK-8349084)
-
Commit messages:
- Backport 2f2f7cf082f11d6dfc4f8a5401ec1c5629dc
Changes: https://git.openjdk.org/jdk/pull/23473/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=23473&range=00
Issue: https://bugs.openjdk.org
On Tue, 4 Feb 2025 23:39:48 GMT, Mark Powers wrote:
> [JDK-8349084](https://bugs.openjdk.org/browse/JDK-8349084)
This pull request has now been integrated.
Changeset: 2f2f7cf0
Author: Mark Powers
URL:
https://git.openjdk.org/jdk/commit/2f2f7cf082f11d6dfc4f8a5401ec1c5629dc
St
> [JDK-8349084](https://bugs.openjdk.org/browse/JDK-8349084)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
update LMS test vectors
-
Changes:
- all: https://git.openjdk.org/jdk/pull/23452/files
- new: ht
[JDK-8349084](https://bugs.openjdk.org/browse/JDK-8349084)
-
Commit messages:
- first iteration
Changes: https://git.openjdk.org/jdk/pull/23452/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=23452&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8349084
Stats: 2310
On Wed, 8 Jan 2025 23:27:34 GMT, Mark Powers wrote:
> [JDK-8346587](https://bugs.openjdk.org/browse/JDK-8346587)
This pull request has now been integrated.
Changeset: 907350e9
Author: Mark Powers
URL:
https://git.openjdk.org/jdk/commit/907350e9e8e9b66365e9eaa3ae89ddc55cf9731f
St
On Thu, 23 Jan 2025 22:17:14 GMT, Sean Mullan wrote:
>> I think you added the fields for the root certificates, and not these
>> certificates. Also, these are not root certificates, so I would remove "Root
>> Certificate".
>>
>> You can use `keytool -printcert -file ...` and just include the f
> [JDK-8346587](https://bugs.openjdk.org/browse/JDK-8346587)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
no root certificate
-
Changes:
- all: https://git.openjdk.org/jdk/pull/22985/files
- new: ht
On Thu, 23 Jan 2025 17:56:06 GMT, Sean Mullan wrote:
>> Mark Powers has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> comments from Sean
>
> test/jdk/sun/security/ssl/X509TrustManagerImpl/distrust/Camerf
> [JDK-8346587](https://bugs.openjdk.org/browse/JDK-8346587)
Mark Powers has updated the pull request incrementally with one additional
commit since the last revision:
comments from Sean
-
Changes:
- all: https://git.openjdk.org/jdk/pull/22985/files
- new: ht
[JDK-8346587](https://bugs.openjdk.org/browse/JDK-8346587)
-
Commit messages:
- first iteration
Changes: https://git.openjdk.org/jdk/pull/22985/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=22985&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8346587
Stats: 342 l
On Sat, 18 Jan 2025 00:14:58 GMT, Mark Powers wrote:
> [JDK-8267068](https://bugs.openjdk.org/browse/JDK-8267068)
So a CSR is needed even if the only change is to sync javadoc with the code?
-
PR Comment: https://git.openjdk.org/jdk/pull/23188#issuecomment-2605202927
[JDK-8267068](https://bugs.openjdk.org/browse/JDK-8267068)
-
Commit messages:
- first iteration
Changes: https://git.openjdk.org/jdk/pull/23188/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=23188&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8267068
Stats: 15 li
On Mon, 13 Jan 2025 23:42:27 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/sun/security/provider/HSS.java line 788:
>>
>>> 786: if (keyArray[0] == DerValue.tag_OctetString
>>> 787: && keyArray[1] == keyArray.length - 2) {
>>> 788: // pre-8
On Mon, 13 Jan 2025 18:26:17 GMT, Weijun Wang wrote:
>> Update the encoding of HSS/LMS public key to be consistent with
>> https://www.rfc-editor.org/rfc/rfc9708.html#name-changes-since-rfc-8708 and
>> https://datatracker.ietf.org/doc/html/draft-ietf-lamps-x509-shbs-13#name-hss-public-keys.
>
>
On Fri, 13 Dec 2024 15:10:15 GMT, Weijun Wang wrote:
>> Traditionally, an asymmetric key has a key size. The size is displayed by
>> `keytool` and `jarsigner`, both in informational output and weak-key
>> warnings. However, for the recently added ML-DSA algorithm, key size is not
>> defined.
>
On Thu, 5 Dec 2024 20:54:58 GMT, Weijun Wang wrote:
> Update XML Signature to Apache Santuario 3.0.5.
The only thing I noticed were old Oracle copyright dates in some files with
"dom" or "DOM" in their path names. Many contained a single 2005 but at least
one had 2005 plus another date that wa
On Thu, 5 Dec 2024 20:54:58 GMT, Weijun Wang wrote:
> Update XML Signature to Apache Santuario 3.0.5.
src/java.xml.crypto/share/legal/santuario.md line 226:
> 224:
> 225: This product contains software that is
> 226: copyright (c) 2021, 2023, Oracle and/or its affiliates.
Why not 2024?
-
On Thu, 14 Nov 2024 00:44:35 GMT, Volodymyr Paprotski
wrote:
>> Measuring throughput with JMH parameters `-f 1 -i 2 -wi 3 -r 20 -w 30 -p
>> algorithm=AES/CBC/NoPadding -p dataSize=3000 -p provider=SunJCE -p
>> keyLength=128 org.openjdk.bench.javax.crypto.full.AESBench`
>>
>> Before:
>>
On Tue, 7 Feb 2023 15:58:31 GMT, Mark Powers wrote:
>> https://bugs.openjdk.org/browse/JDK-8300416
>
> Mark Powers has updated the pull request incrementally with one additional
> commit since the last revision:
>
> Sean's test comment
I would backport. It's
On Fri, 8 Nov 2024 18:00:42 GMT, Weijun Wang wrote:
>> Here we have a launcher and several algorithm-specific tests. Users can
>> populate "internalProjection.json" files generated by NIST's ACVP Server
>> into the `data` directory and test them with the launcher.
>>
>> Currently, only SHA2, S
On Thu, 7 Nov 2024 16:14:45 GMT, Mark Powers wrote:
>> Ben Perez has updated the pull request incrementally with two additional
>> commits since the last revision:
>>
>> - checking already implemented
>> - no need to break into sections
>
> test/m
On Thu, 7 Nov 2024 00:37:02 GMT, Ben Perez wrote:
>> Java implementation of ML-DSA, the FIPS 204 post-quantum signature scheme
>> https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.204.pdf. Depends on
>> https://github.com/openjdk/jdk/pull/21167
>
> Ben Perez has updated the pull request incremen
On Thu, 7 Nov 2024 00:37:02 GMT, Ben Perez wrote:
>> Java implementation of ML-DSA, the FIPS 204 post-quantum signature scheme
>> https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.204.pdf. Depends on
>> https://github.com/openjdk/jdk/pull/21167
>
> Ben Perez has updated the pull request incremen
1 - 100 of 435 matches
Mail list logo
