Hi Andrew,
Sorry to be a pest, but given the scope of the change I'd feel more
comfortable with an explicit codereview for the backport.
-Rob
On 17/09/14 18:32, Andrew Hughes wrote:
This is the first of three backports to 7u designed to retain SSL
compatibility with servers implemented in other languages switching
to larger key sizes (notably DH >=2048 in Apache 2.4.7 [0]).
This patch is a per-requisite of the patch which brings NSA Suite B
support to 7. It applies largely unchanged, bar the following:
* Copyright header adjustment
* Removal of change to java.security.spec.MGF1ParameterSpec to avoid
introducing a new public variable. The SHA-224 variant is constructed
directly in com.sun.crypto.provider.OAEPParameters instead.
* A change to OAEPParameters is dropped as it was already incorporated
in the backport of 7180907 & 8049480 (addition of SHA-224 to
convertToStandardName)
Bug: https://bugs.openjdk.java.net/browse/JDK-4963723
Webrev: http://cr.openjdk.java.net/~andrew/jdk7u/4963723/webrev.01/
[0] https://httpd.apache.org/docs/2.4/mod/mod_ssl.html
Ok to push?
Thanks,
