Re: RFR 8212003: Obsoleting the default keytool -keyalg option

2018-11-06 Thread Weijun Wang
After some discussion, we decided to cover -keysize and -sigalg in this deprecation process too. Please review the updated CSR at https://bugs.openjdk.java.net/browse/JDK-8212111 No webrev available yet. Thanks Max > On Oct 18, 2018, at 10:34 AM, Weijun Wang wrote: > > Please review th

Re: [RFR] JDK-8213154: Update copyright headers of files in src tree that are missing Classpath exception

2018-11-06 Thread Andrew Hughes
On Thu, 1 Nov 2018 at 15:41, Martin Balao wrote: > > Hi Andrew, > > Thanks for having a look at this. > > Webrev.02 without "All rights reserved" and "affiliates" parts: > > * http://cr.openjdk.java.net/~mbalao/webrevs/8213154/8213154.webrev.02/ > * http://cr.openjdk.java.net/~mbalao/webrevs/821

Re: RFR CSR for 8213400: Support choosing curve name in keytool keypair generation

2018-11-06 Thread Weijun Wang
> On Nov 7, 2018, at 12:47 AM, Xuelei Fan wrote: > > Some typos: > > "When multiple curves have the same field size, and one of them is a prime > curve or a Koblitz curve, it will be used." > > Which one will be used? prime curve or Koblitz curve. I am not an ECC expert, but what I obse

Re: RFR, JDK-8212885: TLS 1.3 resumed session does not retain peer certificate chain

2018-11-06 Thread Xuelei Fan
Thanks for the update! No more comments from me. Xuelei On 11/6/2018 11:38 AM, Jamil Nimeh wrote: Hi Xuelei, I've made the change.  I think in this specific case CipherSuite.hashAlg.toString is just a simple return of the name field so it should be no less reliable than hitting the name fie

Re: RFR, JDK-8212885: TLS 1.3 resumed session does not retain peer certificate chain

2018-11-06 Thread Jamil Nimeh
Hi Xuelei, I've made the change.  I think in this specific case CipherSuite.hashAlg.toString is just a simple return of the name field so it should be no less reliable than hitting the name field directly.  Changing it does make it more consistent with other places in the method, so that's go

Re: RFR, JDK-8212885: TLS 1.3 resumed session does not retain peer certificate chain

2018-11-06 Thread Xuelei Fan
Looks fine to me. As you are already there, would you mind have an additional improvement in PreSharedKeyExtension.java? - MessageDigest md = MessageDigest.getInstance(hashAlg.toString());; + MessageDigest md = MessageDigest.getInstance(hashAlg.toString()); Normally, the toString() is not
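Review bot: the + line still passes hashAlg.toString() to MessageDigest.getInstance, so it differs from the - line only by the dropped duplicate semicolon. If the intent is to stop depending on toString() for the digest algorithm name, the replacement should read the name field directly, which is the alternative the follow-up reply in this thread mentions ("hitting the name field directly").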

Re: RFR, JDK-8212885: TLS 1.3 resumed session does not retain peer certificate chain

2018-11-06 Thread Jamil Nimeh
Hi Xuelei, updated review here: http://cr.openjdk.java.net/~jnimeh/reviews/8212885/webrev.02 I followed your suggestions and also cleaned up some remnant comments and removed a double-semicolon...just cosmetic stuff. --Jamil On 11/6/18 10:11 AM, Jamil Nimeh wrote: Okay, I can move this into

Re: RFR, JDK-8212885: TLS 1.3 resumed session does not retain peer certificate chain

2018-11-06 Thread Jamil Nimeh
Okay, I can move this into PreSharedKeyExtension.java and re-run the local tests that were having issues with it.  Should work pretty well. I'll put out another code review shortly. Thanks, --Jamil On 11/6/2018 7:36 AM, Xuelei Fan wrote: Nice update! For the update in ClientHello.java, I may

Re: RFR 6913047: SunPKCS11 memory leak

2018-11-06 Thread Martin Balao
Hi Valerie, Thanks for having a look at this. Here it's Webrev.14 with that fixed: * http://cr.openjdk.java.net/~mbalao/webrevs/6913047/6913047.webrev.14/ * http://cr.openjdk.java.net/~mbalao/webrevs/6913047/6913047.webrev.14.zip I'll start the CSR process now. Kind regards, Martin.-

Re: RFR CSR for 8213400: Support choosing curve name in keytool keypair generation

2018-11-06 Thread Xuelei Fan
Some typos: "When multiple curves have the same field size, and one of them is a prime curve or a Koblitz curve, it will be used." Which one will be used? prime curve or Koblitz curve. It will not be documented, right? Otherwise, there may be more curve categories. As it is not the re

Re: RFR CSR for 8213400: Support choosing curve name in keytool keypair generation

2018-11-06 Thread Weijun Wang
Thanks everyone. CSR updated, and I describe the behavior in the Solution part. If you are all happy I'll start coding. And yes, KeyPairGenerator::init(int) needs some clarification, but I don't know in which class/method we should add it. Maybe the JDK Provider Doc? --Max > On Nov 7, 2018, at

RFR 8213009: Refactoring existing SunMSCAPI classes

2018-11-06 Thread Weijun Wang
Webrev updated at https://cr.openjdk.java.net/~weijun/8213009/webrev.00/ The subtask id is now used. The previous refactoring has removed the "RSA" algorithm info from some keys. This update adds them back. Thanks Max > On Oct 25, 2018, at 4:38 PM, Weijun Wang wrote: > > Please review the

Re: RFR CSR for 8213400: Support choosing curve name in keytool keypair generation

2018-11-06 Thread Xuelei Fan
As -curvename is a new option, I would second the comments that don't allow mixing curve names and keysize at the same time. Xuelei On 11/5/2018 11:41 PM, Bernd Eckenfels wrote: Hello, I would agree ignoring an (conflicting) option adds confusion. When specifying a curve is a new feature we

Re: RFR, JDK-8212885: TLS 1.3 resumed session does not retain peer certificate chain

2018-11-06 Thread Xuelei Fan
Nice update! For the update in ClientHello.java, I may suggest moving it to pre_shared_key extension class. It may be a little bit safer if the extension can be loaded in other places. Thanks, Xuelei On 11/5/2018 11:51 PM, Jamil Nimeh wrote: Hello all, This fixes an issue where TLS 1.3 re

Re: RFR CSR for 8213400: Support choosing curve name in keytool keypair generation

2018-11-06 Thread Adam Petcher
On 11/6/2018 2:18 AM, Weijun Wang wrote: On Nov 6, 2018, at 1:06 PM, Xuelei Fan wrote: If the option "-keysize 256 -curvename sect163k1" works, I may think that the key size is 256 bits. I want to create a 256 bits sect163k1 EC key, and the tool allows this behavior, so I should get a 256 bi

Re: java.lang.NoSuchFieldError: state

2018-11-06 Thread Martin Choma
You are right. Upgrade to [1] helped in my case. Thank you for your help. [1] https://mvnrepository.com/artifact/org.mortbay.jetty.alpn/alpn-boot/8.1.13.v20181017 On Tue, 6 Nov 2018 at 08:17, Norman Maurer wrote: > > I think this may be caused by using the wrong jetty alpn version. > > Be sure

Re: A new proposal to add methods to HttpsURLConnection to access SSLSession

2018-11-06 Thread Chris Hegarty
> On 5 Nov 2018, at 18:52, Xuelei Fan wrote: > > Hi Chris and Sean, > > There are a few feedback for the CSR approval. I updated to use > Optional for the returned value. For more details, please refer > to: > https://bugs.openjdk.java.net/browse/JDK-8213161 > http://cr.openjdk.java.net/

Re: RFR: 8148188: Enhance the security libraries to record events of interest

2018-11-06 Thread Seán Coffey
With JDK-8203629 now pushed, I've re-based my patch on latest jdk/jdk code. Some modifications also made based on off-thread suggestions : src/java.base/share/classes/java/security/Security.java * Only record JDK security properties for now (i.e. those in java.security conf file)   - we can co