Re: [10] RFR: 8182388: Backout 8182143

2017-06-16 Thread Bernd
I think the new bug description is backward, as you cannot expect to implement all algorithms in all providers or use a key class fron one provider in antoher (especially not if they use mechanisms in external APIs like PKCS11 or MSCAPI with HSM). "Crypto keys should be compatible between security

Re: [10] RFR: 8182388: Backout 8182143

2017-06-16 Thread Xuelei Fan
Looks fine to me. Xuelei On 6/16/2017 2:17 PM, Artem Smotrakov wrote: This patch backs out 8182143 because of possible issues on Windows even if we don't have a test to reproduce it. Checking if SunMSCAPI provider is enabled looks like a hack. I filed https://bugs.openjdk.java.net/browse/JDK

Re: RFR [9]: 8181295: Document that SecurityManager::checkPackageAccess may be called by the VM

2017-06-16 Thread Mandy Chung
> On Jun 16, 2017, at 1:25 PM, Sean Mullan wrote: > > On 6/16/17 11:13 AM, Mandy Chung wrote: >>> On Jun 16, 2017, at 8:00 AM, Sean Mullan wrote: >>> >>> Please review this clarification to the SecurityManager::checkPackageAccess >>> method to note that the method may be called by the Virtual

[10] RFR: 8182388: Backout 8182143

2017-06-16 Thread Artem Smotrakov
This patch backs out 8182143 because of possible issues on Windows even if we don't have a test to reproduce it. Checking if SunMSCAPI provider is enabled looks like a hack. I filed https://bugs.openjdk.java.net/browse/JDK-8182386 Bug: https://bugs.openjdk.java.net/browse/JDK-8182388 Webrev:

Re: RFR [9]: 8181295: Document that SecurityManager::checkPackageAccess may be called by the VM

2017-06-16 Thread Sean Mullan
On 6/16/17 11:13 AM, Mandy Chung wrote: On Jun 16, 2017, at 8:00 AM, Sean Mullan wrote: Please review this clarification to the SecurityManager::checkPackageAccess method to note that the method may be called by the Virtual Machine when loading classes: http://cr.openjdk.java.net/~mullan/w

Re: [10] RFR: 8182143: SHA224-based signature algorithms are not enabled for TLSv12 on Windows

2017-06-16 Thread Artem Smotrakov
Hi Xuelei, Please see inline. On 06/15/2017 07:32 PM, Xuelei Fan wrote: Hi Artem, If the key is generated in MSCAPI, the signature algorithm implemented in other provider cannot be actually used. Yes, that's what I meant by key implementation incompatibility. Here is an example https://bu

Re: RFR [9]: 8181295: Document that SecurityManager::checkPackageAccess may be called by the VM

2017-06-16 Thread Mandy Chung
> On Jun 16, 2017, at 8:00 AM, Sean Mullan wrote: > > Please review this clarification to the SecurityManager::checkPackageAccess > method to note that the method may be called by the Virtual Machine when > loading classes: > > http://cr.openjdk.java.net/~mullan/webrevs/8181295/webrev.00/ >

RFR [9]: 8181295: Document that SecurityManager::checkPackageAccess may be called by the VM

2017-06-16 Thread Sean Mullan
Please review this clarification to the SecurityManager::checkPackageAccess method to note that the method may be called by the Virtual Machine when loading classes: http://cr.openjdk.java.net/~mullan/webrevs/8181295/webrev.00/ A small correction was also made to the checkPackageDefinition met