Re: [RFR] 8166597: Crypto support for the EdDSA Signature Algorithm (JEP 339)

Another question: Why does getAlgorithm() of PublicKey and PrivateKey return "EdDSA" instead of "Ed25519" and "Ed448"? Do we suggest people using "EdDSA" or "Ed25519"/"Ed448" when calling KeyFactory.getInstance() and KeyPairGenerator.getInstance()? Thanks, Max > On Mar 24, 2020, at 2:53 AM, A

Re: RFR 8241960: The SHA3 message digests are not thread safe when cloned

Hi Alexey, In general looks pretty good, just some comments on the regression test: - line 28: The duration value 10 may be lowered to shorten the execution time. On a Linux machine, with threadFactor=5, each digest algo takes about (2xduration+2) sec and overall takes ~283sec. Cutting the dur

Re: RFR 8241888: Mirror jdk.security.allowNonCaAnchor system property with a security one

Hi, Webrev.02: * http://cr.openjdk.java.net/~mbalao/webrevs/8241888/8241888.webrev.02 On 4/2/20 5:02 PM, Sean Mullan wrote: > > In the java.security file might add the sentence "The default value of > the property is "false"" just to avoid any confusion. > Added. Thanks, Martin.-

Re: RFR 8241888: Mirror jdk.security.allowNonCaAnchor system property with a security one

On 4/1/20 5:53 PM, Martin Balao wrote: Fixed. Webrev.01: *http://cr.openjdk.java.net/~mbalao/webrevs/8241888/8241888.webrev.01/ In the java.security file might add the sentence "The default value of the property is "false"" just to avoid any confusion. --Sean

RE: RFR[jdk] 8237474: Default SSLEngine should create in server role

Thanks for review Xuelei, I will incorporate your suggestions. Thanks, Prasad.K > -Original Message- > From: Xuelei Fan > Sent: Thursday, April 2, 2020 9:12 PM > To: [email protected] > Subject: Re: RFR[jdk] 8237474: Default SSLEngine should create in server role > > Please

Re: RFR[jdk] 8237474: Default SSLEngine should create in server role

Please update copyright year to 2020. SSLEngine.java -- @@ -1109,10 +1115,14 @@ + * @implNote + * The JDK SunJSSE provider implementation returns false unless {@link setUseClientMode} + * is used to change the mode to true. For the link, I may add parameter, an

Re: Possible regression in JDK 14 related to SSLSessionContext / SSLSession on the server side

Thanks a lot… Happy to be able to help here. Once you have a fix ready let me know and I can verify it with the netty testsuite. Bye Norman > On 1. Apr 2020, at 23:37, Jamil Nimeh wrote: > > Hi Norman, session context issue is here: > > https://bugs.openjdk.java.net/browse/JDK-8242008 >

Re: [RFR] 8166597: Crypto support for the EdDSA Signature Algorithm (JEP 339)

One more thing: https://tools.ietf.org/html/rfc8410#section-1 In [RFC8032] the elliptic curve signature system Edwards-curve Digital Signature Algorithm (EdDSA) is described along with a recommendation for the use of the curve25519 and curve448. EdDSA has defined two modes: the PureE