Re: RFR 8180570: Refactor sun/security/mscapi shell tests to plain java tests

Ping again. > On Mar 8, 2018, at 8:37 PM, Weijun Wang wrote: > > > >> On Mar 8, 2018, at 6:13 PM, Weijun Wang wrote: >> >> Please take a review at >> >> http://cr.openjdk.java.net/~weijun/8180570/webrev.00 > > Updated in place. > >> >> Several notes: >> >> 1. The original KeyStoreCompa

Re: RFR 8180570: Refactor sun/security/mscapi shell tests to plain java tests

Hi Max, KeytoolChangeAlias.java: - maybe better to run ks.deleteEntry("13579") in a finally block - should it delete "246810" as well? Otherwise looks good to me :) Artem 2018-03-27 9:51 GMT+02:00 Weijun Wang : > Ping again. > > > On Mar 8, 2018, at 8:37 PM, Weijun Wang wrote: > > > > > > >

Re: RFR 8180570: Refactor sun/security/mscapi shell tests to plain java tests

Hi Artem Long time no see. I checked and you're still a reviewer. Great. Thanks for the good suggestions. On the other hand, MSCAPI keystore is a little strange in alias names, could be duplicated, could have key with a cert. I'll try out on a real machine. --Max > On Mar 27, 2018, at 4:03 PM

Re: -Djava.security.manager=problems for service providers

Moving this to security-dev. From the stack trace, it looks like you are using JDK 8 or older. There are several changes in JDK 9 and newer in the PolicyFile code to how it loads its resources that may help with the issues you are seeing. -Alan On 27/03/2018 13:56, Peter Firmstone wrote: No

Re: -Djava.security.manager=problems for service providers

Hi, On 27/03/2018 14:06, Alan Bateman wrote: Moving this to security-dev. From the stack trace, it looks like you are using JDK 8 or older. There are several changes in JDK 9 and newer in the PolicyFile code to how it loads its resources that may help with the issues you are seeing. -Alan

Re: RFR: 8200219: Develop new tests for using new elliptic curves: curve25519 and curve448

I have a couple of minor comments. I am not a Reviewer, so someone else will still need to look at this. KeySizeTest: You can use the byteArrayToHexString that is in Convert in the test lib. See TestXDH.java for an example of how this method is imported and used. MultiThreadTest: In testKeyAgr

[11] RFR: 8193032: Remove terminally deprecated SecurityManager APIs

Please remove this change to remove several SecurityManager methods that have been marked for removal since Java SE 9: checkTopLevelWindow, checkSystemClipboardAccess, checkAwtEventQueueAccess, and checkMemberAccess. These methods no longer have any benefit, and removing them will follow throug

Re: [11] RFR: 8193032: Remove terminally deprecated SecurityManager APIs

On 27/03/2018 16:15, Sean Mullan wrote: Please remove this change to remove several SecurityManager methods that have been marked for removal since Java SE 9: checkTopLevelWindow, checkSystemClipboardAccess, checkAwtEventQueueAccess, and checkMemberAccess. These methods no longer have any bene

Re: [11] RFR: 8193032: Remove terminally deprecated SecurityManager APIs

On 3/27/18 11:26 AM, Alan Bateman wrote: On 27/03/2018 16:15, Sean Mullan wrote: Please remove this change to remove several SecurityManager methods that have been marked for removal since Java SE 9: checkTopLevelWindow, checkSystemClipboardAccess, checkAwtEventQueueAccess, and checkMemberAcce

RFR 8171277: Elliptic Curves for Security in Crypto (part 2)

After the last code review[1] on this topic completed, it was suggested that I add some more "spec enforcement" to the XDH service. The code hasn't been integrated yet, so I'm doing this as a follow-on review under the same ticket. The latest webrev contains only the diff from the end of the la

Re: [11] RFR: 8193032: Remove terminally deprecated SecurityManager APIs

On 3/27/18 11:15 PM, Sean Mullan wrote: Please remove this change to remove several SecurityManager methods that have been marked for removal since Java SE 9: checkTopLevelWindow, checkSystemClipboardAccess, checkAwtEventQueueAccess, and checkMemberAccess. These methods no longer have any be

Re: RFR: JDK-8200178 Remove mapfiles for JDK native libraries

> On Mar 24, 2018, at 6:03 AM, Magnus Ihse Bursie > wrote: > > https://bugs.openjdk.java.net/browse/JDK-8200193 -- for jdk.security.auth There is only one function to export and it already has JNIEXPORT, so you can just remove the new $(LIBJAAS_CFLAGS) [1]. Are you going to update your webr

RFR[11] JDK-8146293 "Add Support for RSA-PSS Signature Algorithm as in PKCS#1 v2.2"

Hi Brad, Can you please help review the changes for RSA-PSS support? I also added some minor enhancement which add 2 more digest algorithms for OAEP padding. There are quite some changes involved. The main changes are in the SunRsaSign provider, i.e. sun.security.rsa packages. I reused existing

RE: -Djava.security.manager=problems for service providers

Thanks Daniel, Ah yes, I see what's happening and why this only occurs when using -Djava.security.manager= sun.misc.Launcher calls the security manager constructor from within its constructor, which creates a recursive call back to the static method Launcher.getLauncher(), which returns the

Re: -Djava.security.manager=problems for service provider

It would be more correct to say, it wasn't noticed until recently. The logger was recently added to our policy implementation as a todo item, previously it went to System.out.err. The logger in our security manager, while a static field, has this comment: /** * Logger is lazily loaded, t

Re: RFR: ChaCha20 and ChaCha20/Poly1305 Cipher implementations

Hi Jamil, I have a minor point on your tests. -- com/sun/crypto/provider/Cipher/ChaCha20/ChaCha20KAT.java  505 private static byte[] hex2bin(String hex) {  506 int i;  507 int len = hex.length();  508 byte[] data = new byte [len / 2];  509 for (i = 0; i < len;