On Tue, 3 May 2022 00:17:11 GMT, Weijun Wang wrote:
>> An example is RSASSA-PSS, i.e. it requires the caller to explicitly state
>> which message digest to use, etc.
>
> You listed 2 cases when null is returned: 1) not supplied. 2) cannot
> generate. My understanding is that the RSASSA-PSS
On Tue, 19 Apr 2022 16:08:28 GMT, Hai-May Chao wrote:
> Please review these changes to add DES/3DES/MD5 to
> `jdk.security.legacyAlgorithms` security property, and to add the legacy
> algorithm constraint checking to `keytool` commands that are associated with
> secret key entries stored in
On Thu, 28 Apr 2022 13:47:05 GMT, Sean Mullan wrote:
>> Changes requested by mullan (Reviewer).
>
>> @seanjmullan Since we use symmetric keys to encrypt entries and add
>> integrity check, should this enhancement cover them as well? For example, if
>> a PKCS12 keystore is created with
On Wed, 4 May 2022 20:16:12 GMT, Hai-May Chao wrote:
>> Please review these changes to add DES/3DES/MD5 to
>> `jdk.security.legacyAlgorithms` security property, and to add the legacy
>> algorithm constraint checking to `keytool` commands that are associated with
>> secret key entries stored
> On Windows you can now access the local machine keystores using the strings
> "Windows-MY-LOCALMACHINE" and "Windows-ROOT-LOCALMACHINE"; note the
> application requires admin privileges.
>
> "Windows-MY" and "Windows-ROOT" remain unchanged, however given these
> original keystore strings
On Wed, 4 May 2022 03:10:10 GMT, Weijun Wang wrote:
>> Mat Carter has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> replace string parameter with int and supporting constants
>
>
On Tue, 3 May 2022 22:52:49 GMT, Mat Carter wrote:
>> On Windows you can now access the local machine keystores using the strings
>> "Windows-MY-LOCALMACHINE" and "Windows-ROOT-LOCALMACHINE"; note the
>> application requires admin privileges.
>>
>> "Windows-MY" and "Windows-ROOT" remain
On Wed, 4 May 2022 20:16:12 GMT, Hai-May Chao wrote:
>> Please review these changes to add DES/3DES/MD5 to
>> `jdk.security.legacyAlgorithms` security property, and to add the legacy
>> algorithm constraint checking to `keytool` commands that are associated with
>> secret key entries stored
On Tue, 3 May 2022 14:54:21 GMT, Hai-May Chao wrote:
>> src/java.base/share/classes/sun/security/tools/keytool/Main.java line 2196:
>>
>>> 2194:
>>> 2195: try {
>>> 2196: SecretKey secKey = (SecretKey) keyStore.getKey(alias,
>>> storePass);
>>
>> This means any
> Please review these changes to add DES/3DES/MD5 to
> `jdk.security.legacyAlgorithms` security property, and to add the legacy
> algorithm constraint checking to `keytool` commands that are associated with
> secret key entries stored in the keystore. These `keytool` commands are
> -genseckey,
On Wed, 4 May 2022 16:29:09 GMT, Sean Mullan wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Skip alg constraint check for PBE secret key entry
>
> src/java.base/share/classes/sun/security/tools/keytool/Main.java
On Mon, 25 Apr 2022 14:23:17 GMT, Xue-Lei Andrew Fan wrote:
>> Hi,
>>
>> Could I have the simple update reviewed?
>>
>> In the PKCS12 key store implementation, the PBEKeySpec.clearPassword()
>> should be called in a finally try block. Otherwise, the password cleanup
>> could be interrupted
On Tue, 3 May 2022 02:07:13 GMT, Xue-Lei Andrew Fan wrote:
>> Please review the update to remove finalizer method in the SunJSSE provider
>> implementation. It is one of the efforts to clean up the use of finalizer
>> method in JDK.
>
> Xue-Lei Andrew Fan has updated the pull request
On Wed, 2 Mar 2022 19:04:26 GMT, zzambers wrote:
> When testing compatibility of jdk TLS implementation with gnutls, I have
> found a problem. The problem is, that gnutls does not like use of
> user_canceled alert when closing TLS-1.3 connection from duplexCloseOutput()
> (used by
On Mon, 25 Apr 2022 14:23:17 GMT, Xue-Lei Andrew Fan wrote:
>> Hi,
>>
>> Could I have the simple update reviewed?
>>
>> In the PKCS12 key store implementation, the PBEKeySpec.clearPassword()
>> should be called in a finally try block. Otherwise, the password cleanup
>> could be interrupted
On Mon, 25 Apr 2022 14:23:17 GMT, Xue-Lei Andrew Fan wrote:
>> Hi,
>>
>> Could I have the simple update reviewed?
>>
>> In the PKCS12 key store implementation, the PBEKeySpec.clearPassword()
>> should be called in a finally try block. Otherwise, the password cleanup
>> could be interrupted
On Wed, 4 May 2022 03:18:43 GMT, Weijun Wang wrote:
>> Mat Carter has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> replace string parameter with int and supporting constants
>
> Also, please remove trailing spaces and create a new
On Wed, 4 May 2022 03:18:43 GMT, Weijun Wang wrote:
>> Mat Carter has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> replace string parameter with int and supporting constants
>
> Also, please remove trailing spaces and create a new
On Wed, 4 May 2022 05:55:08 GMT, Hai-May Chao wrote:
>> Please review these changes to add DES/3DES/MD5 to
>> `jdk.security.legacyAlgorithms` security property, and to add the legacy
>> algorithm constraint checking to `keytool` commands that are associated with
>> secret key entries stored
On Wed, 2 Mar 2022 19:04:26 GMT, zzambers wrote:
> When testing compatibility of jdk TLS implementation with gnutls, I have
> found a problem. The problem is, that gnutls does not like use of
> user_canceled alert when closing TLS-1.3 connection from duplexCloseOutput()
> (used by
On Tue, 3 May 2022 02:07:13 GMT, Xue-Lei Andrew Fan wrote:
>> Please review the update to remove finalizer method in the SunJSSE provider
>> implementation. It is one of the efforts to clean up the use of finalizer
>> method in JDK.
>
> Xue-Lei Andrew Fan has updated the pull request
21 matches
Mail list logo