On Tue, 25 Jun 2024 01:14:05 GMT, Alexey Bakhtin wrote:
> Please review a proposal to verify Trust Settings for Keychain key entries.
>
> Keychain-related Jtreg tests passed.
This pull request has been closed without being integrated.
-
PR: https://git.openjdk.org/jdk/pull/19872
On Wed, 17 Jul 2024 20:07:36 GMT, Ben Perez wrote:
> 8261513: Various BasicConstraintsExtension issues
This pull request has been closed without being integrated.
-
PR: https://git.openjdk.org/jdk/pull/20224
On Thu, 15 Aug 2024 09:29:00 GMT, Fernando Guallini
wrote:
> In order to improve performance when instantiating NativePRNG, a dummy
> constructor was added in the PR: https://github.com/openjdk/jdk/pull/17560
> which takes and ignores a `java.security.SecureRandomParameters`, throwing an
> ex
On Mon, 9 Sep 2024 18:43:20 GMT, Artur Barashev wrote:
>> https://bugs.openjdk.org/browse/JDK-8329754
>
> Artur Barashev has updated the pull request incrementally with one additional
> commit since the last revision:
>
> Update copyright
@artur-oracle
Your change (at version eabc8779d6f90d
On Fri, 6 Sep 2024 14:13:15 GMT, Ferenc Rakoczi wrote:
>> In preparation for the new PQC algorithms implementations, internal XOF
>> (eXtendable Output Function) methods are added to the SHAKE128 and SHAKE256
>> implementations.
>
> Ferenc Rakoczi has updated the pull request incrementally with
On Tue, 27 Aug 2024 14:49:40 GMT, Fernando Guallini
wrote:
> The test sun/security/validator/samedn.sh failed once due to the following
> reason:
>
> `Caused by: java.security.cert.CertificateNotYetValidException: NotBefore:
> Tue Aug 06 14:41:13 GMT 2024`
>
> This test generates several cer
On Wed, 20 Mar 2024 20:37:46 GMT, Weijun Wang wrote:
> Add `Cipher::export` API.
This pull request has been closed without being integrated.
-
PR: https://git.openjdk.org/jdk/pull/18409
On Fri, 12 Apr 2024 15:56:24 GMT, Sean Coffey wrote:
> The `javax.net.debug` TLS debug option is buggy since TLSv1.3 implementation
> was introduced many years ago.
>
> Where "ssl" was previously a value to obtain all TLS debug traces (except
> network type dumps, verbose data), it now prints
On Mon, 29 Jul 2024 12:43:04 GMT, Fernando Guallini
wrote:
> The test:
> **com/sun/security/auth/callback/TextCallbackHandler/Password.java** would
> benefit from detailed manual steps to ensure it runs correctly. It was added
> to the problem list because it was not executed properly and fai
On Thu, 25 Apr 2024 17:20:11 GMT, Matthew Donovan wrote:
> For this PR, I identified TLS tests that can fail due to hard-code
> certificates expiring. I updated those tests to use certificates that are
> generated programmatically. This includes adding some helper methods to the
> CertificateB
On Fri, 26 Jul 2024 11:06:04 GMT, Fernando Guallini
wrote:
>> The manual test Cipher/DES/PerformanceTest.java fails with
>> ArithmeticException due to potential division by zero. The issue arises when
>> calculating the elapsed time using end - start, which could result in zero
>> millisecond
On Thu, 25 Jul 2024 09:46:48 GMT, Fernando Guallini
wrote:
>> The manual test Cipher/DES/PerformanceTest.java fails with
>> ArithmeticException due to potential division by zero. The issue arises when
>> calculating the elapsed time using end - start, which could result in zero
>> millisecond
On Thu, 11 Jul 2024 20:42:24 GMT, Ben Perez wrote:
>> 8322133: getParameterSpec(ECGenParameterSpec.class) on EC
>> AlgorithmParameters does not return standard names
>
> Ben Perez has updated the pull request incrementally with one additional
> commit since the last revision:
>
> fixed typo
On Sat, 20 Jul 2024 15:32:37 GMT, SendaoYan wrote:
> Hi all,
> The testcase
> `test/jdk/security/infra/java/security/cert/CertPathValidator/certification/CAInterop.java#actalisauthenticationrootca`
> run Error, because the `@run` set conflicted with `/manual` and `/timeout`.
> I think the `/ti
On Sun, 21 Jul 2024 21:15:03 GMT, Nizar Benalla wrote:
>> Can I get a review for this change that fixes some broken links in javadoc
>> comments? The new docs are hosted
>> [here](https://cr.openjdk.org/~nbenalla/GeneratedDocs/8336039-warnings-links/).
>>
>> It's mostly fixing some relative li
On Tue, 9 Jul 2024 07:13:06 GMT, Prajwal Kumaraswamy
wrote:
>> The client identity checks when "HTTPS" endpoint identification algorithm is
>> set on SSL server throws "java.security.cert.CertificateException: No
>> subject alternative names present" when client certificate's SubjectAltName
>
On Wed, 17 Jul 2024 15:42:11 GMT, Fernando Guallini
wrote:
>> As highlighted in the bug description, The test
>> **security/Security/SynchronizedAccess.java** have some issues:
>>
>> 1. it needs to implement the sigalg, otherwise it throws
>> java.security.NoSuchAlgorithmException . Even thou
On Thu, 2 Nov 2023 19:07:48 GMT, Francisco Ferrari Bihurriet
wrote:
> The implementation of this proposal is based on the requirements,
> specification and design choices described in the [JDK-8319332] ticket and
> its respective CSR [JDK-8319333]. What follows are implementation notes
> orga
On Fri, 28 Jun 2024 16:41:00 GMT, Fernando Guallini
wrote:
>> There is a compilation issue in the test
>> **test/jdk/sun/security/tools/keytool/NssTest.java** because the
>> [HumanInputStream](https://github.com/openjdk/jdk/blob/master/test/jdk/java/security/testlibrary/HumanInputStream.java)
On Thu, 27 Jun 2024 15:37:45 GMT, Fernando Guallini
wrote:
>> The following test:
>> **com/sun/security/auth/callback/TextCallbackHandler/Default.java** is
>> currently marked to be run manually because user inputs are required in the
>> console, but instead it can be automated by providing a
On Fri, 7 Jun 2024 19:25:45 GMT, Francisco Ferrari Bihurriet
wrote:
>> Hi,
>>
>> I would like to propose an implementation to support AES CBC with Ciphertext
>> Stealing (CTS) in SunPKCS11, according to what has been specified in
>> [JDK-8330843 CSR](https://bugs.openjdk.org/browse/JDK-833084
On Fri, 1 Sep 2023 15:13:46 GMT, Martin Balao wrote:
> In addition to the goals, scope, motivation, specification and requirement
> notes in [JDK-8315487](https://bugs.openjdk.org/browse/JDK-8315487), we would
> like to describe the most relevant decisions taken during the implementation
> of
On Thu, 16 Nov 2023 04:22:54 GMT, Julian Waters wrote:
> I regret not actually addressing the issues with the goto labels in
> https://github.com/openjdk/jdk/pull/15996, where initialization of locals in
> sspi were jumped over by gotos to a certain label. I changed the
> initializations into
On Thu, 22 Feb 2024 01:14:24 GMT, Hai-May Chao wrote:
> For the PKIX KeyManager and PKCS12 Keystore, when the TLS server sends the
> ServerHello message and ultimately calls the
> X509KeyManagerImpl.chooseEngineServerAlias() method, it retrieves the private
> key from the keystore, decrypts it
On Mon, 30 Oct 2023 17:26:53 GMT, Yakov Shafranovich wrote:
> The various Zip/Jar-file related Java APIs have some long-standing
> differences or peculiarities with respect to the ZIP-file specification or
> compared to other implementations which should be documented in the API-doc.
> This do
On Mon, 4 Dec 2023 15:34:34 GMT, Eirik Bjørsnøs wrote:
> Please consider this PR which suggests we rename `ZipEntry.extraAttributes`
> to `ZipEntry.externalAttributes`.
>
> This field was introduced in
> [JDK-8218021](https://bugs.openjdk.org/browse/JDK-8218021), originally under
> the name `
On Tue, 14 Nov 2023 17:21:53 GMT, Weijun Wang wrote:
> Add parameters to `MessageDigest` and introduce new `MessageDigest`
> algorithms 'SHAKE128-LEN` and `SHAKE256-LEN` with an integer parameter.
This pull request has been closed without being integrated.
-
PR: https://git.openjd
On Fri, 27 Oct 2023 14:43:56 GMT, Ben Perez wrote:
> Modified `getService` method to prevent caching of `ServiceKey`, which was
> negatively impacting multithreaded performance
This pull request has been closed without being integrated.
-
PR: https://git.openjdk.org/jdk/pull/16403
On Mon, 14 Aug 2023 07:48:00 GMT, Matthias Baesken wrote:
> Currently there is a number of functionality that would be interesting to
> have for shared lib load operations in the JDK C code.
> Some examples :
> Events::log_dll_message for hs-err files reporting
> JFR event NativeLibraryLoad
> Th
On Thu, 19 Oct 2023 07:04:50 GMT, Chen Liang wrote:
> Please review a patch that renames `JavaLangAccess::xxNoRepl` to
> `xxReportError` to explicitly indicate these APIs report encoding errors.
>
> The old "NoRepl" suffix presumably means "No Replacement", but it has been
> misunderstood as "
On Mon, 26 Jun 2023 15:25:08 GMT, Glavo wrote:
> Added a new method `newStringLatin1NoRepl` to the `JavaLangAccess`.
>
> Reasons:
>
> * Most use cases of `newStringNoRepl` use `ISO_8859_1` as the charset,
> creating a new shortcut can make writing shorter;
> * Since all possible values of `byt
On Fri, 21 Jul 2023 22:40:00 GMT, Brian Burkhalter wrote:
> Limit native memory allocation and move write loop from the native layer into
> Java. This change should make the OOME reported in the issue much less likely.
This pull request has been closed without being integrated.
-
On Fri, 11 Aug 2023 23:08:56 GMT, Alexey Bakhtin wrote:
> JGSS is implemented in the JVM in 2 levels: the standard Java security
> provider for Kerberos in sun.security.jgss.krb5.Krb5MechFactory and the JAAS
> login module for Kerberos in com.sun.security.auth.module.Krb5LoginModule.
> The pro
On Mon, 11 Sep 2023 23:20:04 GMT, Sergey Bylokhov wrote:
> I am not sure that it is a good thing to modify the JDK when many tests are
> executed in parallel. But for now, I updated the test, it will be skipped if
> the setup stage fails.
This pull request has been closed without being integra
On Fri, 2 Jun 2023 00:57:49 GMT, Andrew John Hughes wrote:
> Currently, security properties are held within the `java.security` file in
> the JDK tree for each installed JDK. The system property
> `java.security.properties` can be used to point to a file containing
> additional properties. The
On Fri, 4 Aug 2023 17:30:06 GMT, Hai-May Chao wrote:
> Please review the enhancement for JDK-8311596 and its CSR JDK-8313236. Thank
> you.
This pull request has been closed without being integrated.
-
PR: https://git.openjdk.org/jdk/pull/15163
On Tue, 11 Jul 2023 18:09:26 GMT, Craig Andrews wrote:
> When loading the default JVM trust store, if the JVM trust store contains an
> invalid certificate, the exception contains insufficient information to
> determine which certificate is invalid, making it very difficult to fix the
> proble
On Tue, 4 Apr 2023 19:46:32 GMT, Jonathan Gibbons wrote:
> Please review a doc update to add `@spec` into the rest of the files in
> `java.base` (compared to those in
> [JDK-8305206](https://bugs.openjdk.org/browse/JDK-8305206) PR #13248)
This pull request has been closed without being integra
On Wed, 31 May 2023 18:03:57 GMT, Rajan Halade wrote:
> The new approach uses test URLs directly to verify interoperability with CA
> infrastructure. This would help us avoid having regular test fixes to update
> test artifacts as long as CAs keep test domains up to date.
This pull request has
On Fri, 26 May 2023 21:09:35 GMT, Mat Carter wrote:
> Added ability to load keystores from SST files on Windows. Example usage:
>
> KeyStore keyStore = KeyStore.getInstance("Windows-SST");
> try (FileInputStream fis = new FileInputStream("mykeystore.sst")) {
>keyStore.load(fis, null);
> }
>
On Thu, 25 May 2023 20:17:39 GMT, zhurs wrote:
> When using HttpClient to make requests to HTTPS resources, there is an issue
> where the entire file is being downloaded into memory without the ability to
> limit the buffer size.
> If the SSLEngine cannot decode the entire buffer due to the alg
On Thu, 23 Feb 2023 09:04:23 GMT, Justin Lu wrote:
> This PR converts Unicode sequences to UTF-8 native in .properties file.
> (Excluding the Unicode space and tab sequence). The conversion was done using
> native2ascii.
>
> In addition, the build logic is adjusted to support reading in the
>
On Sun, 30 Apr 2023 13:03:38 GMT, Weijun Wang wrote:
> The CC can be loaded with any file and its name is not static.
>
> `MemoryCredentialsCache` is removed since it's not used anywhere. We've
> already supported native ccache reading directly with JNI method
> `Credentials::acquireDefaultNat
On Thu, 10 Nov 2022 06:20:41 GMT, Julian Waters wrote:
> After [JDK-8292008](https://bugs.openjdk.org/browse/JDK-8292008) and
> [JDK-8247283](https://bugs.openjdk.org/browse/JDK-8247283), some C and C++
> code across the JDK can be replaced and simplified with cleaner language
> features that
On Fri, 2 Dec 2022 16:40:51 GMT, Magnus Ihse Bursie wrote:
> According to [the
> specification](https://docs.oracle.com/en/java/javase/19/docs/api/java.base/java/util/Properties.html#load(java.io.Reader))
> trailing whitespaces in the values of properties files are (somewhat
> surprisingly) ac
On Thu, 10 Nov 2022 01:10:13 GMT, Jonathan Gibbons wrote:
> Please review a "somewhat automated" change to insert `@spec` tags into doc
> comments, as appropriate, to leverage the recent new javadoc feature to
> generate a new page listing the references to all external specifications
> listed
On Mon, 7 Nov 2022 05:55:18 GMT, Johannes Waigel wrote:
> The `PCSCException` is thrown, but the error type is not visible due to the
> "private-packe" access rule.
> By changing the visibility it is possible to handle / access this exception
> type explicitly in the catch.
This pull request h
On Fri, 5 Aug 2022 14:57:45 GMT, Xue-Lei Andrew Fan wrote:
> This update is to support key exchange named groups customization for
> individual (D)TLS connection. Please review the CSR as well:
> CSR: https://bugs.openjdk.org/browse/JDK-8291950
> RFE: https://bugs.openjdk.org/browse/JDK-8281236
On Wed, 3 Aug 2022 15:40:54 GMT, Weibing Xiao wrote:
> Log the debugging info for server cipher suites when setting javax.net.debug
> == ssl, handshake.
This pull request has been closed without being integrated.
-
PR: https://git.openjdk.org/jdk/pull/9731
On Tue, 14 Jun 2022 17:57:17 GMT, Weijun Wang wrote:
> Clearing buffers and temporary arrays to avoid data leaks in cipher
> operations.
This pull request has been closed without being integrated.
-
PR: https://git.openjdk.org/jdk/pull/9158
On Thu, 16 Jun 2022 07:08:20 GMT, Johannes Kuhn wrote:
> * This adds additional permissions to the jdk.random module
> (`RuntimePermission "accessClassInPackage.jdk.internal.util.random"`)
> * The annotations of the provider classes are now parsed early.
> This avoids putting the parts that
51 matches
Mail list logo
