Re: [9] RFR 8134487:updated sun/security/ssl/StatusStapling/* to work with modules

2016-02-15 Thread Alan Bateman
On 16/02/2016 03:31, Tim Du wrote: Hi All: Please help to review the fix for Jigsaw test bug.Thanks. Bug: https://bugs.openjdk.java.net/browse/JDK-8134487 Webrev: http://cr.openjdk.java.net/~tidu/8134487/webrev.01/ The test to access non-public class.To workaround the issue , I create the

Re: Code Review Request 8139565 Restrict certificates with DSA keys less than 1024 bits

2016-02-15 Thread Xuelei Fan
Added a new regression test: http://cr.openjdk.java.net/~xuelei/8139565/webrev.01/ Thanks, Xuelei On 2/15/2016 8:23 AM, Xuelei Fan wrote: > Hi, > > Please review this security crypto constraints update: > >http://cr.openjdk.java.net/~xuelei/8139565/webrev.00/ > > This fix updates the

[9] RFR 8134487:updated sun/security/ssl/StatusStapling/* to work with modules

2016-02-15 Thread Tim Du
Hi All: Please help to review the fix for Jigsaw test bug.Thanks. Bug: https://bugs.openjdk.java.net/browse/JDK-8134487 Webrev: http://cr.openjdk.java.net/~tidu/8134487/webrev.01/ The test to access non-public class.To workaround the issue , I create the test wrapper to compile test class

Re: Code Review Request, 8148500: [Spec] Enabled SSL Protocols may not be used

2016-02-15 Thread Xuelei Fan
It's nice. Here is the updated webrev: http://cr.openjdk.java.net/~xuelei/8148500/webrev/ Thanks, Xuelei On 2/16/2016 12:05 AM, Sean Mullan wrote: > On lines 282-5 of SSLSocket, I think you should use similar language to > be consistent: > > "Note that even if a suite has been enabled, it

Re: Code Review Request, 8148500: [Spec] Enabled SSL Protocols may not be used

2016-02-15 Thread Sean Mullan
On lines 282-5 of SSLSocket, I think you should use similar language to be consistent: "Note that even if a suite has been enabled, it may never be used. This can occur if the peer does not support it, the requisite certificates (and private keys) for the suite are not available, or an

Re: [9] request for review 8149411: PKCS12KeyStore cannot extract AES Secret Keys

2016-02-15 Thread Vincent Ryan
Thanks. > On 15 Feb 2016, at 15:20, Xuelei Fan wrote: > > Looks fine to me. > > Xuelei > > On 2/15/2016 10:54 PM, Vincent Ryan wrote: >> Please review this fix to PKCS12 keystore implementation that removes an >> unnecessary dependency on SecretKeyFactory when

Re: [9] request for review 8149411: PKCS12KeyStore cannot extract AES Secret Keys

2016-02-15 Thread Xuelei Fan
Looks fine to me. Xuelei On 2/15/2016 10:54 PM, Vincent Ryan wrote: > Please review this fix to PKCS12 keystore implementation that removes an > unnecessary dependency on SecretKeyFactory when extracting a secret key. > SecretKeySpec is used instead of SecretKeyFactory because it is JCE >

[9] request for review 8149411: PKCS12KeyStore cannot extract AES Secret Keys

2016-02-15 Thread Vincent Ryan
Please review this fix to PKCS12 keystore implementation that removes an unnecessary dependency on SecretKeyFactory when extracting a secret key. SecretKeySpec is used instead of SecretKeyFactory because it is JCE provider-independent. Webrev:

Re: Code Review Request 8149417 Use final restricted flag

2016-02-15 Thread Sean Mullan
Looks good. --Sean On 02/15/2016 01:33 AM, Xuelei Fan wrote: Hi, Please review this code cleanup: http://cr.openjdk.java.net/~xuelei/8149417/webrev.00/ Simple fix, adding final key word to a static flag. Thanks, Xuelei