On Thu, 24 Mar 2022 06:48:00 GMT, Bradford Wetmore wrote:
>>> @XueleiFan, I'm not following your first comment.
>>
>> Sorry for that. I was wondering something new in the future, which is not
>> doable in the current Java language. Please just leave it alone.
>
> Ah! Thanks.
> IIUC, you
Added coverage to logout method.
-
Commit messages:
- 8281717: Cover logout method for several LoginModule
Changes: https://git.openjdk.java.net/jdk/pull/7940/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk=7940=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8281717
On Wed, 23 Mar 2022 14:06:56 GMT, Maurizio Cimadamore
wrote:
>> This PR contains the API and implementation changes for JEP-424 [1]. A more
>> detailed description of such changes, to avoid repetitions during the review
>> process, is included as a separate comment.
>>
>> [1] -
Hi List,
I find it a bit strange that every user of crypto either have to write or
install specific software for converting JOSE/COSE/PEM keys back-and-forth to
Java's internal representation. This reduces the value of the abstract types as
well.
Now there is whole bunch of new algorithms
On Wed, 23 Mar 2022 21:59:02 GMT, Valerie Peng wrote:
>> I see.
>>
>> Would you mind add a comment about the provider loading impact, just in case
>> someone else have similar questions in the future?
>
> Sure, I can do that. Will add a comment about this.
Thank you. I have no more comment
On Wed, 23 Mar 2022 22:48:41 GMT, Valerie Peng wrote:
>> It's been several years since we increased the default key sizes. Before
>> shifting to PQC, NSA replaced its Suite B cryptography recommendations with
>> the Commercial National Security Algorithm Suite which suggests:
>>
>> - SHA-384
On Thu, 24 Mar 2022 06:45:46 GMT, Xue-Lei Andrew Fan wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLEngineImpl.java line 802:
>>
>>> 800: } finally {
>>> 801: engineLock.unlock();
>>> 802: }
>>
>> I looked the update further. It would be nice
On Wed, 23 Mar 2022 18:09:46 GMT, Xue-Lei Andrew Fan wrote:
>> Bradford Wetmore has updated the pull request with a new target base due to
>> a merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains 12 additional
On 2022-03-24 17:27, xueleifan(XueleiFan) wrote:
On Mar 23, 2022, at 11:46 PM, Anders Rundgren
wrote:
Hi List,
I find it a bit strange that every user of crypto either have to write or
install specific software for converting JOSE/COSE/PEM keys back-and-forth to
Java's internal
On Thu, 23 Dec 2021 11:59:18 GMT, Masanori Yano wrote:
> Could you please review the JDK-8255739 bug fix?
>
> I think sun.security.x509.SubjectAlternativeNameExtension() should throw an
> exception for incorrect SubjectAlternativeNames instead of returning the
> substituted characters, which
On 2022-03-24 16:59, Michael StJohns wrote:
On 3/24/2022 2:46 AM, Anders Rundgren wrote:
Hi List,
I find it a bit strange that every user of crypto either have to write
or install specific software for converting JOSE/COSE/PEM keys
back-and-forth to Java's internal representation. This reduces
On 3/24/2022 2:46 AM, Anders Rundgren wrote:
Hi List,
I find it a bit strange that every user of crypto either have to write
or install specific software for converting JOSE/COSE/PEM keys
back-and-forth to Java's internal representation. This reduces the
value of the abstract types as well.
On Wed, Mar 23, 2022 at 10:38 AM Bradford Wetmore <
bradford.wetm...@oracle.com> wrote:
> Offhand, sounds like a bug to me. I've filed:
>
> https://bugs.openjdk.java.net/browse/JDK-8283577
Thanks. The in-place use of the input buffer might also be unexpected even
when the buffer is not
> On Mar 23, 2022, at 11:46 PM, Anders Rundgren
> wrote:
>
> Hi List,
>
> I find it a bit strange that every user of crypto either have to write or
> install specific software for converting JOSE/COSE/PEM keys back-and-forth to
> Java's internal representation. This reduces the value of the
> It's been several years since we increased the default key sizes. Before
> shifting to PQC, NSA replaced its Suite B cryptography recommendations with
> the Commercial National Security Algorithm Suite which suggests:
>
> - SHA-384 for secure hashing
> - AES-256 for symmetric encryption
> -
The Apache Derby community is getting ready to vet a new release which
can be used on Java 17. Before buttoning down the release, I wanted to
check in on current best practices for defending enterprise applications
against the threats which the Java Security Manager parries. There may
be some
On Thu, 24 Mar 2022 17:48:23 GMT, Maurizio Cimadamore
wrote:
>> make/test/BuildMicrobenchmark.gmk line 97:
>>
>>> 95: SRC := $(MICROBENCHMARK_SRC), \
>>> 96: BIN := $(MICROBENCHMARK_CLASSES), \
>>> 97: JAVAC_FLAGS := --add-exports
>>> java.base/sun.security.util=ALL-UNNAMED
> This PR contains the API and implementation changes for JEP-424 [1]. A more
> detailed description of such changes, to avoid repetitions during the review
> process, is included as a separate comment.
>
> [1] - https://openjdk.java.net/jeps/424
Maurizio Cimadamore has updated the pull
On Thu, 24 Mar 2022 18:58:28 GMT, Valerie Peng wrote:
>> Can someone help review this update to the PSSParameterSpec class regarding
>> the constructor with int argument and the DEFAULT static field? Just added
>> @Deprecate javadoc tag and caution about their usage as suggested in the bug
>>
> This PR contains the API and implementation changes for JEP-424 [1]. A more
> detailed description of such changes, to avoid repetitions during the review
> process, is included as a separate comment.
>
> [1] - https://openjdk.java.net/jeps/424
Maurizio Cimadamore has updated the pull
On Thu, 24 Mar 2022 13:10:20 GMT, Jorn Vernee wrote:
>> Maurizio Cimadamore has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Drop redundant javadoc statements re. handling of nulls
>> (handling of nulls is specified once and for all in
> This PR contains the API and implementation changes for JEP-424 [1]. A more
> detailed description of such changes, to avoid repetitions during the review
> process, is included as a separate comment.
>
> [1] - https://openjdk.java.net/jeps/424
Maurizio Cimadamore has updated the pull
On Thu, 24 Mar 2022 13:00:12 GMT, Jorn Vernee wrote:
>> Maurizio Cimadamore has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Drop redundant javadoc statements re. handling of nulls
>> (handling of nulls is specified once and for all in
On Wed, 23 Mar 2022 19:41:58 GMT, Andrey Turbanov wrote:
>> Fix repeated typo `exeption`
>
> Andrey Turbanov has updated the pull request incrementally with one
> additional commit since the last revision:
>
> 8283426: Fix 'exeption' typo
>
> Co-authored-by: Alexey Ivanov
>
On Thu, 24 Mar 2022 18:58:28 GMT, Valerie Peng wrote:
>> Can someone help review this update to the PSSParameterSpec class regarding
>> the constructor with int argument and the DEFAULT static field? Just added
>> @Deprecate javadoc tag and caution about their usage as suggested in the bug
>>
> Can someone help review this update to the PSSParameterSpec class regarding
> the constructor with int argument and the DEFAULT static field? Just added
> @Deprecate javadoc tag and caution about their usage as suggested in the bug
> record.
>
> A CSR will be filed once the wording changes
On Thu, 24 Mar 2022 01:37:15 GMT, Weijun Wang wrote:
>> Hmm, I am under the impression that we tend to use forRemoval=true when
>> deprecating stuff, so users may pay more attention to it. This does not mean
>> that we MUST remove it? Also, marking it for removal would give users more
>> time
On Thu, 24 Mar 2022 18:58:28 GMT, Valerie Peng wrote:
>> Can someone help review this update to the PSSParameterSpec class regarding
>> the constructor with int argument and the DEFAULT static field? Just added
>> @Deprecate javadoc tag and caution about their usage as suggested in the bug
>>
Problem easily duplicated, thanks for the reproducer.
I've updated the bug with the info.
Brad
On 3/24/2022 9:13 AM, Chris Vest wrote:
On Wed, Mar 23, 2022 at 10:38 AM Bradford Wetmore
mailto:bradford.wetm...@oracle.com>> wrote:
Offhand, sounds like a bug to me. I've filed:
On Thu, 24 Mar 2022 06:41:11 GMT, Xue-Lei Andrew Fan wrote:
>> Valerie Peng has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Added comment regarding possible deadlocks.
>
>
> This PR contains the API and implementation changes for JEP-424 [1]. A more
> detailed description of such changes, to avoid repetitions during the review
> process, is included as a separate comment.
>
> [1] - https://openjdk.java.net/jeps/424
Maurizio Cimadamore has updated the pull
> This PR contains the API and implementation changes for JEP-424 [1]. A more
> detailed description of such changes, to avoid repetitions during the review
> process, is included as a separate comment.
>
> [1] - https://openjdk.java.net/jeps/424
Maurizio Cimadamore has updated the pull
On Thu, 24 Mar 2022 19:19:34 GMT, Maurizio Cimadamore
wrote:
>> This PR contains the API and implementation changes for JEP-424 [1]. A more
>> detailed description of such changes, to avoid repetitions during the review
>> process, is included as a separate comment.
>>
>> [1] -
On Thu, 24 Mar 2022 18:35:12 GMT, Jorn Vernee wrote:
>> Sure, this is problematic - but at the same time I don't think there's a
>> better way to deal with this? I'd prefer to defer this to a separate issue
>> (and I think the build team is in a much better position to suggest a better
>>
On Sun, 20 Mar 2022 13:30:01 GMT, Andrey Turbanov wrote:
> Fix repeated typo `exeption`
This pull request has now been integrated.
Changeset: dc5a65ab
Author:Andrey Turbanov
URL:
https://git.openjdk.java.net/jdk/commit/dc5a65ab378f0780f7760965f2b52cbbd7c62aad
Stats: 38 lines in
I agree with Chris here that doing in-place modification of the source buffer
is really surprising even if it’s not read-only. This really sounds like
something I would consider a „breaking change“ as I can’t imagine users would
expect this at all (nothing was ever in the javadocs that would
> This PR contains the API and implementation changes for JEP-424 [1]. A more
> detailed description of such changes, to avoid repetitions during the review
> process, is included as a separate comment.
>
> [1] - https://openjdk.java.net/jeps/424
Maurizio Cimadamore has updated the pull
On Thu, 24 Mar 2022 19:17:40 GMT, Jorn Vernee wrote:
>> I'd suggest at least adding `--enable-preview` as an argument when running
>> benchmarks through the build system in that case. I think this should do the
>> trick:
>>
>>
>> diff --git a/make/RunTests.gmk b/make/RunTests.gmk
>> index
On 3/21/22 11:49 AM, xueleifan(XueleiFan) wrote:
Hi,
The JDK Enhancement Proposal, TLS Certificate Compression, has been
opened for community review. Detailed, please refer to the draft:
https://bugs.openjdk.java.net/browse/JDK-8281710
Or a more readable version at
On Thu, 24 Mar 2022 10:41:18 GMT, Sibabrata Sahoo wrote:
> Added coverage to logout method.
test/jdk/com/sun/security/auth/module/AllPlatforms.java line 26:
> 24: /*
> 25: * @test
> 26: * @bug 8039951 8281717
No need to add bug id here as this is not a product change.
> Can someone help review this update to the PSSParameterSpec class regarding
> the constructor with int argument and the DEFAULT static field? Just added
> @Deprecate javadoc tag and caution about their usage as suggested in the bug
> record.
>
> A CSR will be filed once the wording changes
On Thu, 24 Mar 2022 22:01:30 GMT, Naoto Sato wrote:
> Proposing to deprecate the constructors in the `java.util.Locale` class.
> There is already a factory method and a builder to return singletons, so
> there is no need to have constructors anymore unless one purposefully wants
> to create
On Fri, 25 Mar 2022 00:18:54 GMT, Stuart Marks wrote:
>> Proposing to deprecate the constructors in the `java.util.Locale` class.
>> There is already a factory method and a builder to return singletons, so
>> there is no need to have constructors anymore unless one purposefully wants
>> to
On Fri, 25 Mar 2022 05:11:18 GMT, Valerie Peng wrote:
> Max, can you please help review this fix? It updates the two jarsigner tests
> which are added to the main trunk during the code review of JDK-8267319.
>
> Mach5 run succeeds.
> Thanks,
> Valerie
Marked as reviewed by xuelei (Reviewer).
Max, can you please help review this fix? It updates the two jarsigner tests
which are added to the main trunk during the code review of JDK-8267319.
Mach5 run succeeds.
Thanks,
Valerie
-
Commit messages:
- 8283665: Two Jarsigner tests needs to be updated with JDK-8267319
On Fri, 25 Mar 2022 05:11:18 GMT, Valerie Peng wrote:
> Max, can you please help review this fix? It updates the two jarsigner tests
> which are added to the main trunk during the code review of JDK-8267319.
>
> Mach5 run succeeds.
> Thanks,
> Valerie
Marked as reviewed by ascarpino
On Thu, 24 Mar 2022 23:34:30 GMT, Valerie Peng wrote:
>> Can someone help review this update to the PSSParameterSpec class regarding
>> the constructor with int argument and the DEFAULT static field? Just added
>> @Deprecate javadoc tag and caution about their usage as suggested in the bug
>>
On Wed, 2 Mar 2022 00:13:41 GMT, Valerie Peng wrote:
> It's been several years since we increased the default key sizes. Before
> shifting to PQC, NSA replaced its Suite B cryptography recommendations with
> the Commercial National Security Algorithm Suite which suggests:
>
> - SHA-384 for
On Thu, 24 Mar 2022 20:30:20 GMT, Weijun Wang wrote:
>> Valerie Peng has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Updated to address review feedbacks.
>
> src/java.base/share/classes/java/security/spec/PSSParameterSpec.java line 74:
> Can someone help review this update to the PSSParameterSpec class regarding
> the constructor with int argument and the DEFAULT static field? Just added
> @Deprecate javadoc tag and caution about their usage as suggested in the bug
> record.
>
> A CSR will be filed once the wording changes
On 3/24/2022 12:28 PM, Anders Rundgren wrote:
On 2022-03-24 16:59, Michael StJohns wrote:
On 3/24/2022 2:46 AM, Anders Rundgren wrote:
Hi List,
I find it a bit strange that every user of crypto either have to write
or install specific software for converting JOSE/COSE/PEM keys
back-and-forth
Proposing to deprecate the constructors in the `java.util.Locale` class. There
is already a factory method and a builder to return singletons, so there is no
need to have constructors anymore unless one purposefully wants to create
`ill-formed` Locale objects, which is discouraged. We cannot
> Can someone help review this update to the PSSParameterSpec class regarding
> the constructor with int argument and the DEFAULT static field? Just added
> @Deprecate javadoc tag and caution about their usage as suggested in the bug
> record.
>
> A CSR will be filed once the wording changes
53 matches
Mail list logo