Re: Negative parameter in c'tor of EllipticCurve

I believe you need to take "a mod p" to get the correct value. If you google for one of the other values in the table, you can find implementations that pre-reduce this and have a value for a that is 3 less than p. BTW - this is generally not the place to ask non-JDK questions. Mike

Re: Design and impl review: JEP 273: DRBG-Based SecureRandom Implementations

Here are some more comments on the API. I will send some comments on the impl next. * DrbgParameters 38 * A DRBG mechanism should extend this class. Is this sentence necessary? None of the builtin DRBG mechs extend this class. 175 * If this method is not called, the

CallbackHandler updates?

Is there any work planned for the javax.security.auth.callback.* package and the provided com.sun.security.auth.callback.TextCallbackHandler? Specifically it would be nice if the readLine method were protected rather than private, and some thought went in to how to extend the class, perhaps

Java security configuration to look at CRL for revocation checking

Hi, I am using Java 8, and am trying to configure JVM to go to CRL for revocation checking. I didn't see any parameter in java.security to enable CRL revocation checking, although there are parameters to configure OCSP. I tried setting these two parameters as JVM options with -D, but doesn't

Re: Design and impl review: JEP 273: DRBG-Based SecureRandom Implementations

On 01/04/2016 08:17 PM, Wang Weijun wrote: On Jan 5, 2016, at 6:59 AM, Sean Mullan wrote: Here are some more comments on the API: * EntropyInput: 29 * An interface of a source of entropy input. "interface" is implied, so you can just say "A source of entropy

Re: Java security configuration to look at CRL for revocation checking

On 01/05/2016 12:28 PM, Seshadri, Usha wrote: Hi, I am using Java 8, and am trying to configure JVM to go to CRL for revocation checking.I didn’t see any parameter in java.security to enable CRL revocation checking, although there are parameters to configure OCSP. I tried setting these two

Re: RFR [9] 8145544: Move sun.misc.VM to jdk.internal.misc

On 6 Jan 2016, at 04:20, David Holmes wrote: > Hi Chris, > > Hotspot comment change looks okay.:) Thanks David. > I see a lot of hotspot tests that include > > @modules java.base/sun.misc > > but I don't understand why it is present in the few cases I looked at eg:

Re: CallbackHandler updates?

> On Jan 6, 2016, at 1:35 AM, Richard Levenberg wrote: > > Is there any work planned for the javax.security.auth.callback.* package > and the provided com.sun.security.auth.callback.TextCallbackHandler? No. > > Specifically it would be nice if the readLine method were

Re: Design and impl review: JEP 273: DRBG-Based SecureRandom Implementations

Hello, is the Intention of the default implementation of getFullEntropy to expand a too short array with the DF as well (which is a dangerous thing to do IMHO) or is the conditional conditioning only to condense (aka shorten)? In that case you should maybe add an assert and make the if compare

Re: RFR [9] 8145544: Move sun.misc.VM to jdk.internal.misc

Hi Chris, Hotspot comment change looks okay.:) I see a lot of hotspot tests that include @modules java.base/sun.misc but I don't understand why it is present in the few cases I looked at eg: hotspot/test/gc/g1/TestShrinkAuxiliaryData15.java so not sure when it needs to be converted to

Re: Design and impl review: JEP 273: DRBG-Based SecureRandom Implementations

> On Jan 6, 2016, at 1:21 AM, Sean Mullan wrote: > > Here are some more comments on the API. I will send some comments on the impl > next. > > * DrbgParameters > > 38 * A DRBG mechanism should extend this class. > > Is this sentence necessary? None of the builtin

Negative parameter in c'tor of EllipticCurve

Hi all, I encountered IllegalArgumentException when I generate EC key pair as below. reproducer: - import java.math.*; import java.security.*; import java.security.spec.*; import java.security.interfaces.*; public class ECKeyGen{ public static BigInteger P = new