Re: RFR[11] JDK-8203007: Address missing block coverage for ChaCha20 and Poly1305 algorithms

Looks fine to me. Thanks, Xuelei On 6/25/2018 2:50 AM, sha.ji...@oracle.com wrote: Hi, This patch introduces three new tests to enhance code coverage for ChaCha20 and Poly1305 algorithms. Issue: https://bugs.openjdk.java.net/browse/JDK-8203007 Webrev:

Re: RFR[12] JDK-8179098 "Crypto AES/ECB encryption/decryption performance regression (introduced in jdk9b73)"

Hi Tony, The purpose of the if-block is to ensure that ArrayIndexOutOfBoundsException is thrown instead of IndexOutOfBoundsException.  Objects.checkFromIndexSize(...) API is specified to throw IndexOutOfBoundsException which is more general and can be thrown when an index of some sort (such

Re: RFR[12] JDK-8179098 "Crypto AES/ECB encryption/decryption performance regression (introduced in jdk9b73)"

On 07/03/2018 02:03 PM, Valerie Peng wrote: Hi Tony, Would you have time to review this? Instead of doing the bounds check per block, the changes move the bounds check up one level. Bug: https://bugs.openjdk.java.net/browse/JDK-8179098 Webrev:

Re: RFR: 8148188: Enhance the security libraries to record events of interest

Erik, Thanks for reviewing. Comments inline.. On 09/07/18 17:21, Erik Gahlin wrote: Thanks Sean. Some feedback on the code in the security libraries. - We should use camel case naming convention for variables (not underscore). Sure. I see two offending variable names which I'll fix up. -

Re: RFR: 8148188: Enhance the security libraries to record events of interest

Thanks Sean. Some feedback on the code in the security libraries. - We should use camel case naming convention for variables (not underscore). - Looking at sun/security/ssl/Finished.java, I wonder if it wouldn't be less code and more easy to read, if we would commit the event in a local

[11] RFR 8206189: sun/security/pkcs12/EmptyPassword.java fails with Sequence tag error

Please take a review at http://cr.openjdk.java.net/~weijun/8206189/webrev.00/ When the password is empty, some pkcs12 implementations actually use "new char[1]" internally. Therefore PKCS12KeyStore tries both "new char[0]" and "new char[1]". Occasionally, an encrypted block can be decrypted

RFR 8206915: XDH TCK issues

A couple of conformance issues were found during TCK development for XDH. Both required very small modifications to fix, so I put them under the same ticket/review in order to save time. The actual information about the issues can be found in the sub-tasks of the ticket. This fix needs to go

Re: RFR: 8148188: Enhance the security libraries to record events of interest

As per request from Erik, I separated the tests out into individual ones to test the JFR and Logger functionality. I introduced a new separate test for the CertificateChainEvent event also. Originally this was wrapped into the TLSHandshakeEvent test. Thanks to Erik for extra refactoring and

Re: RFR[11] JDK-8203007: Address missing block coverage for ChaCha20 and Poly1305 algorithms

Ping... John On 2018/6/25 17:50, sha.ji...@oracle.com wrote: Hi, This patch introduces three new tests to enhance code coverage for ChaCha20 and Poly1305 algorithms. Issue: https://bugs.openjdk.java.net/browse/JDK-8203007 Webrev: http://cr.openjdk.java.net/~jjiang/8203007/webrev.00/ Best

Re: RFR[11] JDK-8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found

Hi Thomas, Thanks for your testing. I'm not sure that's a reasonable case. From my view, PKCS11Test.java simply checks if the NSS library directory exists. But it looks unnecessary to check every library file. In fact, if removing libnss3 or libsoftokn3's dependencies, like libnssutil3, the

[8u] RFR for backport of JDK-8175120 and JDK-8164656

Please review the backports of JDK-8175120 and JDK-8164656. Overview - Removing old tests on KDC timeout policy and replacing it with new one. Original mail threads JDK-8164656 - http://mail.openjdk.java.net/pipermail/security-dev/2016-August/014696.html JDK-8175120 -