Please review the changes that adds the -signer option to keytool -genkeypair
command. As key agreement algorithms do not have a signing algorithm, the
specified signer's private key will be used to sign and generate a key
agreement certificate.
CSR review is at: https://bugs.openjdk.java.net/br
On Thu, 25 Mar 2021 22:13:42 GMT, Martin Balao wrote:
>> Hi,
>>
>> I'd like to propose a fix for JDK-8261355 [1].
>>
>> The scheme used for holding data and padding while performing encryption
>> operations is almost the same than the existing one for decryption. The only
>> difference is tha
On Thu, 25 Mar 2021 22:13:42 GMT, Martin Balao wrote:
>> Hi,
>>
>> I'd like to propose a fix for JDK-8261355 [1].
>>
>> The scheme used for holding data and padding while performing encryption
>> operations is almost the same than the existing one for decryption. The only
>> difference is tha
On Tue, 30 Mar 2021 22:10:11 GMT, Valerie Peng wrote:
>> Martin Balao has updated the pull request with a new target base due to a
>> merge or a rebase. The pull request now contains three commits:
>>
>> - Avoid overriding buffered bytes with padding in the doFinal call.
>> - Only do encrypti
On Thu, 25 Mar 2021 22:13:42 GMT, Martin Balao wrote:
>> Hi,
>>
>> I'd like to propose a fix for JDK-8261355 [1].
>>
>> The scheme used for holding data and padding while performing encryption
>> operations is almost the same than the existing one for decryption. The only
>> difference is tha
On Thu, 25 Mar 2021 22:13:42 GMT, Martin Balao wrote:
>> Hi,
>>
>> I'd like to propose a fix for JDK-8261355 [1].
>>
>> The scheme used for holding data and padding while performing encryption
>> operations is almost the same than the existing one for decryption. The only
>> difference is tha
On Thu, 25 Mar 2021 22:13:42 GMT, Martin Balao wrote:
>> Hi,
>>
>> I'd like to propose a fix for JDK-8261355 [1].
>>
>> The scheme used for holding data and padding while performing encryption
>> operations is almost the same than the existing one for decryption. The only
>> difference is tha
On Thu, 25 Mar 2021 22:13:42 GMT, Martin Balao wrote:
>> Hi,
>>
>> I'd like to propose a fix for JDK-8261355 [1].
>>
>> The scheme used for holding data and padding while performing encryption
>> operations is almost the same than the existing one for decryption. The only
>> difference is tha
On Thu, 25 Mar 2021 22:13:42 GMT, Martin Balao wrote:
>> Hi,
>>
>> I'd like to propose a fix for JDK-8261355 [1].
>>
>> The scheme used for holding data and padding while performing encryption
>> operations is almost the same than the existing one for decryption. The only
>> difference is tha
On Tue, 30 Mar 2021 18:41:45 GMT, Sean Mullan wrote:
>> There are other fields in `RSASSAParams`, so if there is no DigestMethod, it
>> will be SHA-256 but the other fields (like SaltLength or TrailerField) will
>> still be read if they exist.
>>
>> If there is no `RSASSAParams` at all or if i
On Wed, 24 Mar 2021 23:17:46 GMT, Joe Darcy wrote:
> 8264148: Update spec for exceptions retrofitted for exception chaining
This pull request has now been integrated.
Changeset: 815248ab
Author:Joe Darcy
URL: https://git.openjdk.java.net/jdk/commit/815248ab
Stats: 84 lines in 22
Hi,
JDK-8206925 was backported to 11.0.10-oracle, but it's still missing in the
Open Source version.
I'd like to backport it for parity.
It does apply cleanly, but I had to modify it, because the following change is
not in 11u:
https://bugs.openjdk.java.net/browse/JDK-8215712
Bug:
https://bugs.
Hi,
JDK-8254631 is backported to 11.0.12-oracle. I'd like to backport it for parity.
It applies cleanly, but the javadoc parts don't compile with 11u. They are not
compatible with 11u and are documented to be dropped in the CSR (linked below).
As also documented in the CSR, the old behavior can g
Hi Christoph,
thank you for the review and checking the tests!
I agree. We should try to deliver it with 11.0.11 if possible.
I’ve added the CSR to my backport comment and labeled the issue with
jdk11u-critical-request.
Best regards,
Martin
From: Langer, Christoph
Sent: Mittwoch, 24. März 20
Hi,
On Thu, Mar 4, 2021 at 10:48 PM Xue-Lei Fan wrote:
>
>
> Hi Arjan,
>
> Did you have a chance to read RFC 8740? Post-Handshake authentication in
> HTTP/2 is not allowed for TLS 1.3. Is there a concern for the use case you
> mentioned?
>
Servlet supports both HTTP/1.1 and HTTP/2. The conce
Hi,
JDK-8243559 is backported to 11.0.12-oracle. I'd like to backport it for parity.
I had to integrate changes to the test VerifyCACerts.java manually:
- Add bug ID.
- Adapt COUNT.
- Compute new CHECKSUM.
- Remove verisigntsaca and thawtepremiumserverca in the last hunk.
Bug:
https://bugs.openj
Hi Severin,
thank you for the review!
Best regards,
Martin
> -Original Message-
> From: Severin Gehwolf
> Sent: Dienstag, 16. März 2021 15:12
> To: Doerr, Martin ; jdk-updates-
> d...@openjdk.java.net; security-dev
> Cc: Lindenmaier, Goetz ; Langer, Christoph
>
> Subject: Re: [11u] R
Hi Severin,
sorry, seems like I had pasted the wrong one. Here's the correct one:
http://cr.openjdk.java.net/~mdoerr/8243559_root_ca_11u/webrev.00/
Best regards,
Martin
> -Original Message-
> From: Severin Gehwolf
> Sent: Dienstag, 16. März 2021 11:21
> To: Doerr, Martin ; jdk-updates-
On Tue, 30 Mar 2021 16:39:37 GMT, Weijun Wang wrote:
>> src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java
>> line 99:
>>
>>> 97: * @return the encapsulated {@code PSSParameterSpec} object
>>> 98: */
>>> 99: public PSSParameterSpec getPSSParamete
On Tue, 30 Mar 2021 16:56:22 GMT, Weijun Wang wrote:
>> src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java
>> line 103:
>>
>>> 101: }
>>> 102:
>>> 103: @Override
>>
>> Since you are overriding `Object.hashCode` and `equals`, I think you should
>> do
On Tue, 30 Mar 2021 16:34:45 GMT, Weijun Wang wrote:
>> src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameterSpec.java
>> line 89:
>>
>>> 87: *
>>> 88: * @param spec the input {@code PSSParameterSpec} to be encapsulated
>>> 89: */
>>
>> Should this throw N
On Wed, 24 Mar 2021 23:17:46 GMT, Joe Darcy wrote:
> 8264148: Update spec for exceptions retrofitted for exception chaining
Marked as reviewed by smarks (Reviewer).
-
PR: https://git.openjdk.java.net/jdk/pull/3182
On Tue, 30 Mar 2021 15:34:16 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> update XMLUtils (not used by tests here)
>
> src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameter
On Tue, 30 Mar 2021 15:31:22 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> update XMLUtils (not used by tests here)
>
> src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameter
On Tue, 30 Mar 2021 15:04:29 GMT, Sean Mullan wrote:
>> Weijun Wang has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> update XMLUtils (not used by tests here)
>
> src/java.xml.crypto/share/classes/javax/xml/crypto/dsig/spec/RSAPSSParameter
On 3/30/2021 6:29 AM, Roger Riggs wrote:
On Wed, 24 Mar 2021 23:17:46 GMT, Joe Darcy wrote:
8264148: Update spec for exceptions retrofitted for exception chaining
I agree that the public field in WriteAbortedException could be remediated.
But it is also mostly harmless.
src/jdk.hotspot.age
On 3/30/2021 6:43 AM, jmehrens wrote:
On Wed, 24 Mar 2021 23:17:46 GMT, Joe Darcy wrote:
8264148: Update spec for exceptions retrofitted for exception chaining
src/java.base/share/classes/java/io/WriteAbortedException.java line 86:
84: @Override
85: public Throwable getCause() {
8
On Tue, 30 Mar 2021 02:07:06 GMT, Weijun Wang wrote:
>> This enhancement contains the following code changes:
>>
>> 1. Create a new public API `javax/xml/crypto/dsig/spec/RSAPSSParameterSpec`
>> and remove the internal one.
>> 2. Update marshaling and unmarshaling code inside `DOMRSAPSSSignatur
On Wed, 24 Mar 2021 23:17:46 GMT, Joe Darcy wrote:
> 8264148: Update spec for exceptions retrofitted for exception chaining
src/java.base/share/classes/java/io/WriteAbortedException.java line 86:
> 84: @Override
> 85: public Throwable getCause() {
> 86: return detail;
Use Suppr
On Wed, 24 Mar 2021 23:17:46 GMT, Joe Darcy wrote:
> 8264148: Update spec for exceptions retrofitted for exception chaining
I agree that the public field in WriteAbortedException could be remediated.
But it is also mostly harmless.
src/jdk.hotspot.agent/share/classes/sun/jvm/hotspot/runtime/VMO
These permissions are needed so that the URIDereferencer is able to read data
from a file system or a network. As the test shows, you still have to grant the
same type of permission to your application.
-
Depends on: https://git.openjdk.java.net/jdk/pull/3181
Commit messages:
- 82
> This PR is to introduce a new random number API for the JDK. The primary API
> is found in RandomGenerator and RandomGeneratorFactory. Further description
> can be found in the JEP https://openjdk.java.net/jeps/356 .
>
> javadoc can be found at
> http://cr.openjdk.java.net/~jlaskey/prng/doc/a
> This PR is to introduce a new random number API for the JDK. The primary API
> is found in RandomGenerator and RandomGeneratorFactory. Further description
> can be found in the JEP https://openjdk.java.net/jeps/356 .
>
> javadoc can be found at
> http://cr.openjdk.java.net/~jlaskey/prng/doc/a
On Thu, 18 Mar 2021 12:57:16 GMT, Jim Laskey wrote:
>> src/java.base/share/classes/jdk/internal/util/random/RandomSupport.java line
>> 62:
>>
>>> 60: @Retention(RetentionPolicy.RUNTIME)
>>> 61: @Target(ElementType.TYPE)
>>> 62: public @interface RandomGeneratorProperties {
>>
>> Sh
34 matches
Mail list logo