Re: RFR[9] JDK-8171297: ProblemList javax/net/ssl/DTLS/PacketLossRetransmission.java due to JDK-8169086

2016-12-14 Thread Xuelei Fan 

Ok.

Xuelei

On 12/14/2016 9:54 PM, John Jiang wrote:

Hi,
javax/net/ssl/DTLS/PacketLossRetransmission.java has failed for several
times on macosx-x64 platform. It should put it into ProblemList.

Please review the below patch:

diff -r 49b3d6d9b4df test/ProblemList.txt
--- a/test/ProblemList.txtThu Dec 15 10:47:46 2016 +0530
+++ b/test/ProblemList.txtThu Dec 15 05:52:04 2016 +
@@ -217,6 +217,8 @@

 sun/security/ssl/SSLSocketImpl/AsyncSSLSocketClose.java 8161232 macosx-all

+javax/net/ssl/DTLS/PacketLossRetransmission.java 8169086 macosx-x64
+
 


 # jdk_sound

Best regards,
John Jiang

RFR[9] JDK-8171297: ProblemList javax/net/ssl/DTLS/PacketLossRetransmission.java due to JDK-8169086

2016-12-14 Thread John Jiang 

Hi,
javax/net/ssl/DTLS/PacketLossRetransmission.java has failed for several 
times on macosx-x64 platform. It should put it into ProblemList.


Please review the below patch:

diff -r 49b3d6d9b4df test/ProblemList.txt
--- a/test/ProblemList.txtThu Dec 15 10:47:46 2016 +0530
+++ b/test/ProblemList.txtThu Dec 15 05:52:04 2016 +
@@ -217,6 +217,8 @@

 sun/security/ssl/SSLSocketImpl/AsyncSSLSocketClose.java 8161232 macosx-all

+javax/net/ssl/DTLS/PacketLossRetransmission.java 8169086 macosx-x64
+
 

 # jdk_sound

Best regards,
John Jiang

Re: RFR[9] JDK-8164595: javax/net/ssl/FixingJavadocs/SSLSessionNulls.java fails intermittently with javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake

2016-12-14 Thread Xuelei Fan 

Looks fine to me.

Thanks,
Xuelei

On 12/14/2016 12:13 AM, John Jiang wrote:

Because of the push for JDK-8170329, the patch has to depend on the new
SSLSocketTemplate.
Please review the new webrev:
http://cr.openjdk.java.net/~jjiang/8164595/webrev.02/

Best regards,
John Jiang


On 2016/11/23 13:38, John Jiang wrote:

Please review this patch. Thanks!

John Jiang


On 2016/11/19 19:38, John Jiang wrote:

After push for JDK-8168969, this fix has to use updated
SSLSocketTemplate.java.
Please review the updated webrev:
http://cr.openjdk.java.net/~jjiang/8164595/webrev.01

Best regards,
John Jiang

On 2016/10/27 12:36, John Jiang wrote:

Hi,
Please review this patch for test
javax/net/ssl/FixingJavadocs/SSLSessionNulls.java.
It takes advantage of javax/net/ssl/templates/SSLTest.java to fix
the intermittent SSLHandshakeException issue.

Webrev: http://cr.openjdk.java.net/~jjiang/8164595/webrev.00/
Issue: https://bugs.openjdk.java.net/browse/JDK-8164595

Best regards,
John Jiang

Re: RFR 8171190: Bump reference of NIST 800-57 Part 1 Rev 3 to Rev 4 in JarSigner API spec

2016-12-14 Thread Wang Weijun 
7680 itself is 192 bits, and for any bitLength greater than 7680 I treat it as 
in a "higher" level.

--Max

> On Dec 14, 2016, at 5:19 PM, Bernd Eckenfels  wrote:
> 
> Hello,
> 
> I noticed in the existing code: Is the comment "256 bits" referring to the 
> 'comparable strength'?
> 
> # if (bitLength > 7680) { // 256 bits
> 
> If so, it seems misleading, according to table 2 this would be 192 bit. Maybe 
> this can be corrected, removed or the meaning of the comment clarified.
> 
> Gruss
> Bernd
> -- 
> http://bernd.eckenfels.net

Re: RFR 8171190: Bump reference of NIST 800-57 Part 1 Rev 3 to Rev 4 in JarSigner API spec

2016-12-14 Thread Bernd Eckenfels 
Hello,
I noticed in the existing code: Is the comment "256 bits" referring to the 
'comparable strength'?
# if (bitLength > 7680) { // 256 bits
If so, it seems misleading, according to table 2 this would be 192 bit. Maybe 
this can be corrected, removed or the meaning of the comment clarified.

Gruss
Bernd
-- 
http://bernd.eckenfels.net

_
From: Wang Weijun 
Sent: Mittwoch, Dezember 14, 2016 4:39 AM
Subject: RFR 8171190: Bump reference of NIST 800-57 Part 1 Rev 3 to Rev 4 in 
JarSigner API spec
To:  


NIST 800-57 Part 1 has a new revision. The lines below are newly introduced in 
jdk9.

diff --git a/src/java.base/share/classes/sun/security/x509/AlgorithmId.java 
b/src/java.base/share/classes/sun/security/x509/AlgorithmId.java
--- a/src/java.base/share/classes/sun/security/x509/AlgorithmId.java
+++ b/src/java.base/share/classes/sun/security/x509/AlgorithmId.java
@@ -1024,7 +1024,7 @@
 }
 }

-// Values from SP800-57 part 1 rev 3 tables 2 and three
+// Values from SP800-57 part 1 rev 4 tables 2 and 3
 private static String ecStrength (int bitLength) {
 if (bitLength >= 512) { // 256 bits of strength
 return "SHA512";
@@ -1035,7 +1035,7 @@
 }
 }

-// same values for RSA and DSA
+// Same values for RSA and DSA
 private static String ifcFfcStrength (int bitLength) {
 if (bitLength > 7680) { // 256 bits
 return "SHA512";
diff --git 
a/src/jdk.jartool/share/classes/jdk/security/jarsigner/JarSigner.java 
b/src/jdk.jartool/share/classes/jdk/security/jarsigner/JarSigner.java
--- a/src/jdk.jartool/share/classes/jdk/security/jarsigner/JarSigner.java
+++ b/src/jdk.jartool/share/classes/jdk/security/jarsigner/JarSigner.java
@@ -430,7 +430,7 @@
  * SHA384withECDSA for a 384-bit EC key.
  *
  * @implNote This implementation makes use of comparable strengths
- * as defined in Tables 2 and 3 of NIST SP 800-57 Part 1-Rev.3.
+ * as defined in Tables 2 and 3 of NIST SP 800-57 Part 1-Rev.4.
  * Specifically, if a DSA or RSA key with a key size greater than 7680
  * bits, or an EC key with a key size greater than or equal to 512 
bits,
  * SHA-512 will be used as the hash function for the signature.

Thanks
Max