Re: RFR[14] 8232950: SUNPKCS11 Provider incorrectly check key length for PSS Signatures.

+1 > On Oct 30, 2019, at 2:00 PM, Anthony Scarpino > wrote: > >> On 10/30/19 1:13 PM, Valerie Peng wrote: >> Anyone has a minute to review this trivial fix? The supported key size info >> for the PKCS#11 PSS mechanism should be in bits. The current code treat them >> as in bytes. This does no

Re: Is there any reason not to have 8223269 in JDK baseline?

Martin, Newer JDK families should be using the PKCS12 keystore format. For that reason, I kept it 8u only. It was a solution to address a particular use case reported by an Oracle JDK user. regards, Sean. On 30/10/2019 18:21, Martin Balao wrote: Hi, I've noticed that 8223269 [1] (not publi

Re: RFR[14] 8232950: SUNPKCS11 Provider incorrectly check key length for PSS Signatures.

On 10/30/19 1:13 PM, Valerie Peng wrote: Anyone has a minute to review this trivial fix? The supported key size info for the PKCS#11 PSS mechanism should be in bits. The current code treat them as in bytes. This does not cause any existing regression test failure because NSS has a very low valu

Re: RFR [14] 8223940: Private key not supported by chosen signature algorithm

Ok, I will take a look~ Valerie On 10/30/2019 10:48 AM, Xuelei Fan wrote: ping ... On 10/24/2019 1:56 PM, Xuelei Fan wrote: Hi, Could I get the following update reviewed? http://cr.openjdk.java.net/~xuelei/8223940/webrev.00/ For signature algorithms, the update will fail back to use th

RFR[14] 8232950: SUNPKCS11 Provider incorrectly check key length for PSS Signatures.

Anyone has a minute to review this trivial fix? The supported key size info for the PKCS#11 PSS mechanism should be in bits. The current code treat them as in bytes. This does not cause any existing regression test failure because NSS has a very low value, i.e. 128, as the minimum key size. B

Is there any reason not to have 8223269 in JDK baseline?

Hi, I've noticed that 8223269 [1] (not public) has been included in Oracle's 8u231 JDK [2]. Is there a reason not to have this in JDK baseline? (and, thus, create a backport for the open JDKs) In case there is not, I'll proceed with a new ticket (unless you want to make [1] public), a CSR and a

Re: RFR [14] 8223940: Private key not supported by chosen signature algorithm

ping ... On 10/24/2019 1:56 PM, Xuelei Fan wrote: Hi, Could I get the following update reviewed?     http://cr.openjdk.java.net/~xuelei/8223940/webrev.00/ For signature algorithms, the update will fail back to use the supported signature algorithm for the specific private key.  Previously, t

RE: [11u] RFR 8215032: Support Kerberos cross-realm referrals (RFC 6806)

Hi Martin, Sorry for the late reply... been rather busy the last days. You're asking me to review the CSR for backporting JDK8215032. I, however, am not an expert in that area and could probably only check whether you copied the content correctly from the original CSR. So, I'd like to refer thi