On Wed, 12 Jan 2022 06:57:45 GMT, John Jiang wrote:
> In class `sun.security.ec.ECDHKeyAgreement`, the last `mod()` in the below
> line looks redundant,
>
> BigInteger lhs = y.modPow(BigInteger.valueOf(2), p).mod(p);
>
> I think this tiny change just be a code cleanup, so no test for it and la
On Tue, 11 Jan 2022 20:38:30 GMT, Weijun Wang wrote:
> Change the order so parent class is at the left.
This pull request has now been integrated.
Changeset: cb250298
Author:Weijun Wang
URL:
https://git.openjdk.java.net/jdk/commit/cb25029885b176be9ebbc84ac1a8ba71be96a6a7
Stats:
On Wed, 12 Jan 2022 21:22:34 GMT, Valerie Peng wrote:
>> src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java line 322:
>>
>>> 320: */
>>> 321: putService(new ProviderServiceA(this, "KeyPairGenerator",
>>> 322: "EC", "sun.security.ec.ECKeyPairGenerator", ATTRS)
On Wed, 12 Jan 2022 22:40:09 GMT, Weijun Wang wrote:
>> Change the order so parent class is at the left.
>
> Weijun Wang has updated the pull request incrementally with one additional
> commit since the last revision:
>
> 8279800: isAssignableFrom checks in
> AlgorithmParametersSpi.engineGet
On Tue, 11 Jan 2022 20:34:59 GMT, Weijun Wang wrote:
> Add OID aliases for the 2 service. This makes sure KeyFactory can be created
> and read an encoded key without knowing what the OID in the encoding is for.
Marked as reviewed by valeriep (Reviewer).
-
PR: https://git.openjdk.j
On Wed, 12 Jan 2022 20:49:13 GMT, Xue-Lei Andrew Fan wrote:
> > If so, then the `if` block will be true and the spec object is casted to
> > your specified class (`AlgorithmParameterSpec.class` or `Object.class`) and
> > it always succeeds.
> > This is exactly what I want to achieve.
>
> Unfor
On Wed, 12 Jan 2022 22:40:09 GMT, Weijun Wang wrote:
>> Change the order so parent class is at the left.
>
> Weijun Wang has updated the pull request incrementally with one additional
> commit since the last revision:
>
> 8279800: isAssignableFrom checks in
> AlgorithmParametersSpi.engineGet
On Tue, 11 Jan 2022 20:38:30 GMT, Weijun Wang wrote:
> Change the order so parent class is at the left.
New commit pushed. Turns out `PBKDF2HmacSHA1Factory.java` is useless now. The
algorithm is now implemented as a sub-class of `PBKDF2Core`.
-
PR: https://git.openjdk.java.net/jdk
> Change the order so parent class is at the left.
Weijun Wang has updated the pull request incrementally with one additional
commit since the last revision:
8279800: isAssignableFrom checks in
AlgorithmParametersSpi.engineGetParameterSpec appear to be backwards
-
Changes:
- a
If a JAR is signed with multiple digest algorithms and one of the digest
algorithms is disabled, `ManifestEntryVerifier.verify()` was incorrectly
returning null indicating that the jar entry has no signers.
This fixes the issue such that an entry is considered signed if at least one of
the dig
On Wed, 12 Jan 2022 21:17:41 GMT, Valerie Peng wrote:
>> Add OID aliases for the 2 service. This makes sure KeyFactory can be created
>> and read an encoded key without knowing what the OID in the encoding is for.
>
> src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java line 322:
>
>> 320
On Tue, 11 Jan 2022 20:34:59 GMT, Weijun Wang wrote:
> Add OID aliases for the 2 service. This makes sure KeyFactory can be created
> and read an encoded key without knowing what the OID in the encoding is for.
src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java line 322:
> 320:
On Wed, 12 Jan 2022 07:29:04 GMT, John Jiang wrote:
>> In class `sun.security.ec.ECDHKeyAgreement`, the last `mod()` in the below
>> line looks redundant,
>>
>> BigInteger lhs = y.modPow(BigInteger.valueOf(2), p).mod(p);
>>
>> I think this tiny change just be a code cleanup, so no test for it
On Wed, 12 Jan 2022 20:01:10 GMT, Valerie Peng wrote:
>> Right, I suppose so.
>
> PBEKeyFactory.java, PBKDF2Core.java and PBKDF2HmacSHA1Factory.java also have
> isAssignableFrom() calls which seem backward. Perhaps covering them as well?
> If so, then the `if` block will be true and the spec ob
On Wed, 12 Jan 2022 19:54:38 GMT, Valerie Peng wrote:
>> The check ensures casting always succeeds. The fact that this has not been
>> noticed for such a long time means everyone is using the exact subclass type
>> when calling the method.
>
> Right, I suppose so.
PBEKeyFactory.java, PBKDF2Cor
On Wed, 12 Jan 2022 19:45:49 GMT, Weijun Wang wrote:
>> test/jdk/java/security/spec/IsAssignableFromOrder.java line 72:
>>
>>> 70: static void test(String algorithm, AlgorithmParameterSpec spec,
>>> 71: Class... classes) throws
>>> Exception {
>>> 72: var ap1 = Algorithm
On Wed, 12 Jan 2022 19:49:28 GMT, Weijun Wang wrote:
>> Interesting... In hindsight, the cast call sort of confirms that the
>> intended ordering is the suggested one.
>
> The check ensures casting always succeeds. The fact that this has not been
> noticed for such a long time means everyone is
On Wed, 12 Jan 2022 19:31:31 GMT, Valerie Peng wrote:
>> If so, then the `if` block will be true and the spec object is casted to
>> your specified class (`AlgorithmParameterSpec.class` or `Object.class`) and
>> it always succeeds.
>>
>> This is exactly what I want to achieve. In fact, this bu
On Wed, 12 Jan 2022 19:41:31 GMT, Valerie Peng wrote:
>> Change the order so parent class is at the left.
>
> test/jdk/java/security/spec/IsAssignableFromOrder.java line 72:
>
>> 70: static void test(String algorithm, AlgorithmParameterSpec spec,
>> 71: Class... classes) throws
On Tue, 11 Jan 2022 20:38:30 GMT, Weijun Wang wrote:
> Change the order so parent class is at the left.
test/jdk/java/security/spec/IsAssignableFromOrder.java line 72:
> 70: static void test(String algorithm, AlgorithmParameterSpec spec,
> 71: Class... classes) throws
> Excepti
On Wed, 12 Jan 2022 14:50:37 GMT, Weijun Wang wrote:
>> src/java.base/share/classes/com/sun/crypto/provider/BlockCipherParamsCore.java
>> line 111:
>>
>>> 109: T getParameterSpec(Class
>>> paramSpec)
>>> 110: throws InvalidParameterSpecException {
>>> 111: if (paramSpec.is
On Wed, 12 Jan 2022 07:29:04 GMT, John Jiang wrote:
>> In class `sun.security.ec.ECDHKeyAgreement`, the last `mod()` in the below
>> line looks redundant,
>>
>> BigInteger lhs = y.modPow(BigInteger.valueOf(2), p).mod(p);
>>
>> I think this tiny change just be a code cleanup, so no test for it
On Wed, 12 Jan 2022 06:08:29 GMT, Xue-Lei Andrew Fan wrote:
>> Change the order so parent class is at the left.
>
> src/java.base/share/classes/com/sun/crypto/provider/BlockCipherParamsCore.java
> line 111:
>
>> 109: T getParameterSpec(Class
>> paramSpec)
>> 110: throws InvalidPar
Hi Olivier,
After JEP 421 (deprecation of finalizers) and a JEP is assigned to
removal of finalizers, it will be possible to instrument java methods
and intercept their calls. While finalizers exist, instrumenting
constructors would allow finalizer attacks to circumvent the permission
check
24 matches
Mail list logo
