Could I please get a review for this fix for 8005922:
Edits to the manual test instructions for some policytool tests to
accommodate Windows-style paths.
Webrev: http://cr.openjdk.java.net/~juh/8005922/webrev.00/
Bug: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8005922
Thanks,
Jason
o that the
first step is numbered as "1."?
Otherwise, the changes look fine.
Thanks,
Jason
Thanks
Max
On 5/3/13 1:44 PM, Jason Uh wrote:
Could I please get a review for this fix for 8005922:
Edits to the manual test instructions for some policytool tests to
accommodate Windows-style paths
Changeset: d7f3d5659c46
Author:juh
Date: 2013-05-03 15:04 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d7f3d5659c46
8005922: TEST_BUG: There is no /tmp directory for windows system.
Reviewed-by: weijun
! test/sun/security/tools/policytool/ChangeUI.html
! test/sun/security/
Changeset: bb9cdfac1a7d
Author:juh
Date: 2013-05-09 12:00 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/bb9cdfac1a7d
8007699: Move some tests from test/sun/security/provider/certpath/X509CertPath
to closed repo
Reviewed-by: mullan
- test/sun/security/provider/certpath/X509
Joe, all,
Could I please get a review of the following changes?
These changesets convert the ... javadoc tags to {@code
...} as part of an overall effort to clean up doclint warnings.
Webrevs --
- java.security.cert:
http://cr.openjdk.java.net/~juh/8017325/webrev.00/
- java.security.spec:
son
The files that have been updated
On 6/21/13 5:47 PM, Jason Uh wrote:
Joe, all,
Could I please get a review of the following changes?
These changesets convert the ... javadoc tags to {@code
...} as part of an overall effort to clean up doclint warnings.
Webrevs --
- java.security.cert:
On 6/24/13 10:51 AM, Joe Darcy wrote:
Hi Jason,
On 6/21/2013 6:58 PM, Jason Uh wrote:
After learning that javadoc is now capable of properly formatting the
"{@code ...}" construct, I have updated the changeset for
java.security.cert. Please review instead:
Webrevs --
- java.sec
Changeset: 757290440a2f
Author:juh
Date: 2013-06-25 14:31 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/757290440a2f
8017325: Cleanup of the javadoc tag in java.security.cert
Summary: Convert javadoc ... and ... tags to {@code ...}
Reviewed-by: darcy
! src/share/classes/ja
Changeset: 3700bb58c9a2
Author:juh
Date: 2013-06-25 14:41 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/3700bb58c9a2
8017326: Cleanup of the javadoc tag in java.security.spec
Summary: Convert javadoc and tags to {@code ...}
Reviewed-by: darcy
! src/share/classes/java/sec
son,
The javadoc changes look good to go back.
Thanks,
-Joe
On 6/25/2013 1:23 PM, Jason Uh wrote:
Joe,
Here are the updated webrevs:
- java.security.cert:
http://cr.openjdk.java.net/~juh/8017325/webrev.02/
- java.security.spec:
http://cr.openjdk.java.net/~juh/8017326/webrev.01
Joe,
Could I please get a review of this changeset?
These changes convert the remaining ... and ...
tags to {@code ...} in java.security and its subpackages.
Webrev:
http://cr.openjdk.java.net/~juh/8019360/webrev.00/
I've also changed each package's package.html file to package-info.java.
I
Thanks, Joe. I've updated my changes with all the things you pointed
out. The new webrev:
http://cr.openjdk.java.net/~juh/8019360/webrev.01/
I'll push this now.
Thanks,
Jason
On 6/27/13 11:36 PM, Joe Darcy wrote:
Hi Jason,
On 06/27/2013 11:11 PM, Jason Uh wrote:
Joe,
Could I pl
Changeset: 389f59e6288f
Author:juh
Date: 2013-06-28 10:48 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/389f59e6288f
8019360: Cleanup of the javadoc tag in java.security.*
Summary: Convert to {@code ...} tags. convert package.html to package-info.java.
Reviewed-by: darcy
!
Joe,
Could I please get a review of this changeset?
These changes fixed all (40) doclint errors in java.security and its
subpackages.
Webrev: http://cr.openjdk.java.net/~juh/8019539/webrev.00/
No undesirable changes were detected by specdiff.
Thanks,
Jason
Joe,
Thanks for your comments. I just sent out an updated webrev, but let me
put out a new one including my updates and changes to address your comments.
Thanks,
Jason
On 07/01/2013 04:16 PM, Joseph Darcy wrote:
On 7/1/2013 3:22 PM, Jason Uh wrote:
Joe,
Could I please get a review of
ags instead of creating multiple blocks.
Thanks,
Jason
On 07/01/2013 03:22 PM, Jason Uh wrote:
Joe,
Could I please get a review of this changeset?
These changes fixed all (40) doclint errors in java.security and its
subpackages.
Webrev: http://cr.openjdk.java.net/~juh/8019539/webrev.00/
Hi Joe,
Here's an update to my changes to address your comments below.
http://cr.openjdk.java.net/~juh/8019539/webrev.02/
Thanks,
Jason
On 07/01/2013 04:16 PM, Joseph Darcy wrote:
On 7/1/2013 3:22 PM, Jason Uh wrote:
Joe,
Could I please get a review of this changeset?
These changes
Changeset: 17f44b2dde41
Author:juh
Date: 2013-07-01 17:46 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/17f44b2dde41
8019539: Fix doclint errors in java.security and its subpackages
Reviewed-by: darcy
! src/share/classes/java/security/KeyStore.java
! src/share/classes/java/
Hi Joe,
Please review this changeset, which fixes doclint errors and warnings in
javax.crypto, javax.security.auth, and javax.security.cert.
Webrev: http://cr.openjdk.java.net/~juh/8019772/webrev.00/
Changeset have been checked for undesirable changes with specdiff.
Thanks,
Jason
Changeset: d5de500c99a3
Author:juh
Date: 2013-07-03 12:51 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d5de500c99a3
8019772: Fix doclint issues in javax.crypto and javax.security subpackages
Reviewed-by: darcy
! src/share/classes/javax/crypto/Cipher.java
! src/share/classe
Hi Joe,
Please review this changeset, which fixes the HTML doclint issues in
java.io.
Webrev: http://cr.openjdk.java.net/~juh/8020091/webrev.00/
No undesirable changes detected by specdiff.
Thanks!
Jason
Yikes. Just realized I copied the wrong list. My apologies, all. Thanks
for the review, Joe!
Jason
On 07/08/2013 06:37 PM, Joseph Darcy wrote:
Hi Jason;
Looks good; approved to go back.
Thanks,
-Joe
On 7/8/2013 5:17 PM, Jason Uh wrote:
Hi Joe,
Please review this changeset, which fixes
Changeset: 52454985425d
Author:juh
Date: 2013-07-08 19:24 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/52454985425d
8020091: Fix HTML doclint issues in java.io
Reviewed-by: darcy
! src/share/classes/java/io/DataInput.java
! src/share/classes/java/io/FileInputStream.java
!
Changeset: 702556f7977e
Author:juh
Date: 2013-07-10 18:01 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/702556f7977e
8020318: Fix doclint issues in java.net
Reviewed-by: darcy, khazra
! src/share/classes/java/net/CookieStore.java
! src/share/classes/java/net/HttpURLPermissi
Hi Joe,
Could you please review this changeset? This change converts the javadoc
"..." and "..." HTML tags to "{@code ...}" and
also converts package.html files to package-info.java files.
Webrev: http://cr.openjdk.java.net/~juh/8020557/webrev.00/
No changes detected by specdiff.
Thanks,
Ja
Changeset: f7af15e2c95b
Author:juh
Date: 2013-07-16 12:19 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f7af15e2c95b
8020557: javadoc cleanup in javax.security
Reviewed-by: darcy
! src/share/classes/javax/security/auth/AuthPermission.java
! src/share/classes/javax/security/
Changeset: 6e10d93273d0
Author:juh
Date: 2013-07-18 10:49 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/6e10d93273d0
8020426: Fix doclint accessibility issues in java.io
Reviewed-by: mduigou, darcy, chegar
! src/share/classes/java/io/DataInput.java
! src/share/classes/java/
Can I please get a review of this changeset?
Bug: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=8016916
Webrev: http://cr.openjdk.java.net/~juh/8016916/webrev.00/
This change adds PrintableString to the list of ASN.1 tags that
PKCS9Attribute accepts for the UnstructuredName attribute. Also
Changeset: f9224fb49890
Author:juh
Date: 2013-07-24 12:48 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/f9224fb49890
8016916: UnstructuredName should support DirectoryString
Reviewed-by: mullan
! src/share/classes/sun/security/pkcs/PKCS9Attribute.java
! src/share/classes/su
Changeset: 7ae061cfd4be
Author:juh
Date: 2013-07-26 14:16 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/7ae061cfd4be
8019544: Need to run ProviderTest.java in othervm mode.
Reviewed-by: wetmore, xuelei, vinnie
Contributed-by: rajan.hal...@oracle.com
! test/sun/security/ssl/
Changeset: c042fd498f79
Author:ascarpino
Date: 2013-07-19 11:34 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c042fd498f79
8012971: PKCS11Test hiding exception failures
Reviewed-by: vinnie, valeriep
! test/ProblemList.txt
! test/sun/security/pkcs11/PKCS11Test.java
! test/su
Changeset: e47569593fa0
Author:ascarpino
Date: 2013-07-29 13:43 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e47569593fa0
8020424: The NSS version should be detected before running crypto tests
Reviewed-by: valeriep
! test/ProblemList.txt
! test/sun/security/pkcs11/KeyStor
Changeset: c76f89695c90
Author:juh
Date: 2013-07-30 11:04 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c76f89695c90
8021833: javadoc cleanup in java.net
Summary: and converted to {@code }; package.html to
package-info.java
Reviewed-by: darcy, chegar
! src/share/classes/
Hi Joe,
Could you please review this changeset, which takes care of deprecation
warnings in sun.security.ec?
http://cr.openjdk.java.net/~juh/8022439/webrev.00
Thanks,
Jason
Changeset: 8112076ae424
Author:juh
Date: 2013-08-06 13:46 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/8112076ae424
8022439: Fix lint warnings in sun.security.ec
Reviewed-by: darcy
! src/share/classes/sun/security/ec/ECDSASignature.java
Hi Joe,
Please review this changeset, which fixes lint deprecation warnings in
sun.security.pkcs12.
http://cr.openjdk.java.net/~juh/8022443/webrev.00/
Thanks!
Jason
Changeset: 69cfd941aec2
Author:juh
Date: 2013-08-06 14:10 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/69cfd941aec2
8022443: Fix lint warnings in sun.security.pkcs12
Reviewed-by: darcy
! src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
Joe, Sean,
Could I please get a review of this changeset? This change fixes
deprecation warnings in:
sun.security.provider
sun.security.rsa
sun.security.x509
In sun.security.provider and sun.security.rsa, I change the use of
sun.security.x509.X509Key's key bytes to the BitArray form of the
x
On 8/7/13 7:51 AM, Joe Darcy wrote:
Hi Jason,
Looks fine to me, but a security reviewer should approve as well.
Thanks,
-Joe
On 08/06/2013 04:46 PM, Jason Uh wrote:
Joe, Sean,
Could I please get a review of this changeset? This change fixes
deprecation warnings in:
sun.security.p
On 08/07/2013 04:49 PM, Weijun Wang wrote:
On 8/8/13 7:13 AM, Jason Uh wrote:
On 8/6/13 6:30 PM, Weijun Wang wrote:
One question:
In src/share/classes/sun/security/x509/X509Key.java, two fields are now
not recommended:
@Deprecated
protected byte[] key = null
Changeset: 67edbf7e6b26
Author:juh
Date: 2013-08-08 17:06 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/67edbf7e6b26
8022461: Fix lint warnings in sun.security.{provider,rsa,x509}
Reviewed-by: darcy, weijun, xuelei, mullan
! src/share/classes/sun/security/provider/DSAPublic
Hi Joe,
Please review this fix, which fixes doclint issues in
java.security
java.security.cert
java.security.interfaces
webrev: http://cr.openjdk.java.net/~juh/8024432/webrev.00/
Changes have been checked against specdiff.
Thanks,
Jason
Thanks, Joe. I'll make that revision before I push.
On 09/06/2013 03:20 PM, Joseph Darcy wrote:
Hi Jason,
For the serialVersionUID changes, I recommend using "type" rather than
"class". Otherwise, the changes look fine.
Thanks,
-Joe
On 9/6/2013 2:40 PM, Jason U
Changeset: be0bcd6a904e
Author:juh
Date: 2013-09-09 10:52 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/be0bcd6a904e
8024432: Fix doclint issues in java.security
Reviewed-by: darcy, mullan
! src/share/classes/java/security/AccessController.java
! src/share/classes/java/secu
Thanks for catching that. I'll include that correction, too.
Jason
On 9/9/13 8:30 AM, Sean Mullan wrote:
CertPathBuilderSpi
[90]: should be "{@code CertPathChecker}"
--Sean
On 09/06/2013 05:40 PM, Jason Uh wrote:
Hi Joe,
Please review this fix, which fixes do
Changeset: d0de46a2cbd0
Author:ascarpino
Date: 2013-09-19 11:59 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d0de46a2cbd0
7122707: Security Providers need to have their version numbers updated for JDK8
Reviewed-by: xuelei
! src/macosx/classes/apple/security/AppleProvider.j
Changeset: 2434e79fc41f
Author:ascarpino
Date: 2013-09-18 14:57 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/2434e79fc41f
8004283: test/sun/security/pkcs11/KeyStore/SecretKeysBasic.sh failing
intermittently
Reviewed-by: vinnie
! test/sun/security/pkcs11/KeyStore/SecretKey
Changeset: e4c897b33cb7
Author:ascarpino
Date: 2013-09-02 09:52 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/e4c897b33cb7
8009438: sun/security/pkcs11/Secmod tests failing on Ubuntu 12.04
Reviewed-by: vinnie
! src/share/classes/sun/security/pkcs11/Secmod.java
Hi Vinnie,
Could you please review this fix? The test
sun/security/tools/keytool/StorePasswords.java can terminate with an
error on Windows because of files not getting cleaned up, so this fix
deletes the keystore file at the end of the test.
webrev: http://cr.openjdk.java.net/~juh/8026233/w
Please review this fix. This changeset removes trailing slashes at the
end of the test library paths in the jtreg @library tag, which can cause
the tests to fail on Windows.
webrev: http://cr.openjdk.java.net/~juh/8026052/webrev.00/
Thanks,
Jason
more like a jtreg issue if it cannot
deal with that slash.
I haven't noticed it failing on Windows before. Can you point me to a
jtr file.
Thanks
Max
On 10/10/13 8:56 AM, Jason Uh wrote:
Please review this fix. This changeset removes trailing slashes at the
end of the test library pat
01:57, Jason Uh wrote:
Hi Vinnie,
Could you please review this fix? The test
sun/security/tools/keytool/StorePasswords.java can terminate with an error on
Windows because of files not getting cleaned up, so this fix deletes the
keystore file at the end of the test.
webrev: http://cr.openjdk.jav
Changeset: fa38f8e0accd
Author:juh
Date: 2013-10-17 12:00 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/fa38f8e0accd
8026233: test/sun/security/tools/keytool/StorePasswords.java needs to clean up
files
Reviewed-by: vinnie
! test/sun/security/tools/keytool/StorePasswords.ja
Hi Sean,
Could I please get a review of this changeset?
The change checks for null params when RevocationChecker.init is called.
Bug: https://bugs.openjdk.java.net/browse/JDK-8025287
Webrev: http://cr.openjdk.java.net/~juh/8025287/webrev.00/
Thanks,
Jason
Changeset: 975e3a89814e
Author:darcy
Date: 2013-10-21 13:36 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/975e3a89814e
8024603: Turn on javac lint checking for auxiliaryclass, empty, and try in jdk
build
Reviewed-by: erikj, ihse, chegar
! makefiles/Setup.gmk
Changeset: f4
System.out.println("Testing that get methods return null or " +
"empty lists/sets/maps");
requireNull(prc.getOcspResponder(), "getOcspResponder()");
--Sean
On 10/21/2013 08:12 PM, Jason Uh wrote:
Hi Sean,
Could I please get
Changeset: c956a5d0618f
Author:juh
Date: 2013-10-22 11:57 -0700
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/c956a5d0618f
8025287: NPE in
api/java_security/cert/PKIXRevocationChecker/GeneralTests_GeneralTests
Reviewed-by: mullan
! src/share/classes/sun/security/provider/certpat
Changeset: 5ac7cd164300
Author:juh
Date: 2013-11-27 15:25 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/5ac7cd164300
8021418: Intermittent: SSLSocketSSLEngineTemplate.java test fails with timeout
Reviewed-by: xuelei, wetmore
Contributed-by: rajan.hal...@oracle.com
! test/su
Could I please get a review for this change? This change fixes some
issues in CertPath building and CRL verification. The main components of
this fix are:
1. Proper setting of TrustAnchors when verifying indirect CRLs obtained
from CRL Distribution Points. I added an overloaded getCRLs() metho
Thanks for fixing these, Joe! The changes look good.
Jason
On 12/03/2013 09:40 AM, Joe Darcy wrote:
Hello,
Please review my fixes for
JDK-8029475 Fix more doclint issues in javax.security
http://cr.openjdk.java.net/~darcy/8029475.0/
Changes also in-line below.
Thanks,
-Jo
d @code tags, that is only for
javadoc comments.
--Sean
On 12/03/2013 01:51 PM, Jason Uh wrote:
Could I please get a review for this change? This change fixes some
issues in CertPath building and CRL verification. The main components of
this fix are:
1. Proper setting of TrustAnchors when verifyi
/2013 04:04 PM, Jason Uh wrote:
Thanks, Sean.
I've updated the webrev with your suggestions. Also, I've changed the
check for loops in ForwardBuilder.java to bail out whenever the same
certificate is encountered twice.
Please note that none of the policy mapping tests in the NIST PKITS
Changeset: d6c4ae56c079
Author:juh
Date: 2013-12-06 11:36 -0800
URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/d6c4ae56c079
8007967: Infinite loop can happen in
sun.security.provider.certpath.SunCertPathBuilder.depthFirstSearchForward()
Reviewed-by: mullan
! src/share/classes/sun
Hi Vinnie,
The change looks good to me.
Jason
(Not an official Reviewer)
On 12/9/13 3:25 PM, Vincent Ryan wrote:
Please review this fix to the OCSPResponse class in the internal
sun.security.provider.certpath package. Previously, when validating
an OCSP response, it expected the supplied issu
Hi all,
Please review this fix for JDK 9, which checks for an empty cert path
list in RevocationChecker.
webrev: http://cr.openjdk.java.net/~juh/8031025/webrev.01
noreq-sqe, as the fix can be verified with existing SQE tests.
Thanks,
Jason
Hi Sean,
Looks good to me, but I'm not an official Reviewer.
I have a couple of questions, though.
1. This isn't a part of your change, but shouldn't the comment on line
200 of AdaptableX509CertSelector.java read "As for version 3,..." and
not "As for version 2,..."?
2. Just curious, any re
On 2/14/14 7:17 AM, Sean Mullan wrote:
On 02/13/2014 10:04 PM, Jason Uh wrote:
Hi Sean,
Looks good to me, but I'm not an official Reviewer.
I have a couple of questions, though.
Sure.
1. This isn't a part of your change, but shouldn't the comment
Hi Sean,
Could I please get a review of this change? This fix allows a certpath
to be validated when a certificate issued by a version 1 trusted cert
has a validity period that doesn't fall within the validity of the
issuer. Trust anchors whose validity do contain the issued cert's
validity p
Could I please get a review of this change?
Just a simple fix for 7u-dev that adds a check for a null CertStore, in
case URICertStore.getInstance returns null.
webrev: http://cr.openjdk.java.net/~juh/8035973/webrev.00/
bug: http://bugs.openjdk.java.net/browse/JDK-8035973
noreg-sqe because an
Do I need more than one noreg tag? I already have noreg-sqe.
On 2/28/14 3:31 PM, Xuelei Fan wrote:
Looks fine to me. noreg-trivial tag?
Xuelei
On 3/1/2014 3:56 AM, Jason Uh wrote:
Could I please get a review of this change?
Just a simple fix for 7u-dev that adds a check for a null
On 3/3/14 5:38 AM, Sean Mullan wrote:
On 02/28/2014 02:56 PM, Jason Uh wrote:
Could I please get a review of this change?
Looks fine to me, but the priority should be higher if this requires a
backport to 7u. Also, the bug should be labeled with "8-na" and "9-na"
since thi
Please review this fix for 8036844, which updates the path to a keystore
used in a couple of tests. The path is no longer accurate after the
recent changes to the JSSE test hierarchy. This webrev also includes a
patch from Max for an enhancement to printssl.sh to correctly handle a
failure in P
Thanks, Sean. I've simplified my changes to only removing the call to
setValidityPeriod.
http://cr.openjdk.java.net/~juh/8021804/webrev.01
Jason
On 3/10/14 12:00 PM, Sean Mullan wrote:
Hi Jason,
Sorry for the delay in reviewing this.
On 02/28/2014 02:54 PM, Jason Uh wrote:
Hi Sean,
les.
Otherwise, fix looks good and you can push without a re-review.
--Sean
On 03/10/2014 08:00 PM, Jason Uh wrote:
Thanks, Sean. I've simplified my changes to only removing the call to
setValidityPeriod.
http://cr.openjdk.java.net/~juh/8021804/webrev.01
Jason
On 3/10/14 12:00 PM, Se
! Check out other tests to see examples.
Otherwise, fix looks good and you can push without a re-review.
--Sean
On 03/10/2014 08:00 PM, Jason Uh wrote:
Thanks, Sean. I've simplified my changes to only removing the call to
setValidityPeriod.
http://cr.openjdk.java.net/~juh/8021804/webrev.0
383 * is part of this this AP-REQ.
"this" is repeated.
Jason
On 3/12/14 7:18 PM, Wang Weijun wrote:
Tiny webrev at
http://cr.openjdk.java.net/~weijun/8037262/webrev.00/
Thanks
Max
Hi Robert,
This was actually fixed in
https://bugs.openjdk.java.net/browse/JDK-8021804 and is pending a
backport to JDK 7u.
Thanks,
Jason
On 5/28/14 4:04 PM, Robert Gibson wrote:
Hi,
I was researching a StackOverflow question [1] and I came across some behaviour
with the validation of cert
Hi Xuelei,
Could you please review this change?
webrev: http://cr.openjdk.java.net/~juh/7065233/webrev.00/
bug: https://bugs.openjdk.java.net/browse/JDK-7065233
I don't think any of the strings in the lines I changed would be
locale-sensitive. There are a few cases fixed here that weren't inclu
Hi Max,
Could you please review this fix?
http://cr.openjdk.java.net/~juh/8007706/webrev.00/
With the fix, the rules will be:
1. A DNSName must begin with a letter or a digit
2. After the first character, valid characters in DNSName components are
letters, digits, hyphens, and underscores
A
implementations MUST NOT encode strings that include
either the at sign or underscore character as PrintableString.
RFC 5280 doesn't allow underscores for *PrintableString*, but DNSName is
an *IA5String*, which does support them.
Jason
On 08/04/2014 03:50 AM, Florian Weimer wrote:
On
Thanks, Florian. I will withdraw my review request and close this issue.
I'll file a separate bug to allow the first character to be a digit, as
RFC 1123 relaxed that restriction.
Thanks,
Jason
On 08/04/2014 11:58 PM, Florian Weimer wrote:
On 08/05/2014 07:52 AM, Jason Uh wrote:
Hi Fl
Please review this fix, which allows the first character of a DNSName in
a SubjectAltName to be either a letter or a digit.
http://cr.openjdk.java.net/~juh/8054380/webrev.01/
This change is to stay compliant with RFC 1123:
RFC 1123, Section 2.1:
One aspect of host name syntax is hereby chang
Please see the revised webrev here:
http://cr.openjdk.java.net/~juh/8054380/webrev.02/
Additional changes include:
1. Verification of the DNSName during certificate parsing
2. Allowing each component to start with a letter or digit
2. A check to make sure the final character of a component ends i
(Everything now says "DNSNames".)
Updated webrev here:
http://cr.openjdk.java.net/~juh/8054380/webrev.03/
Thanks,
Jason
--Sean
On 08/22/2014 05:07 PM, Jason Uh wrote:
Please see the revised webrev here:
http://cr.openjdk.java.net/~juh/8054380/webrev.02/
Additional changes include:
1. V
On 08/25/2014 04:14 PM, Sean Mullan wrote:
On 08/25/2014 04:05 PM, Jason Uh wrote:
On 08/25/2014 03:41 PM, Sean Mullan wrote:
Just a couple of comments:
1. I think the check on lines 106-110 can be done prior to the for loop
on line 94
I think that check is actually where it should be
Hi Raghu,
I'm not an official Reviewer, but I have some comments, mostly about
X509Test.java.
1. I'm not sure if this matters, but the formatting of your copyright
header is a little strange. The text appears to be correct, but the line
breaks occur at non-standard places. If you look at any
014 9:43 AM, raghu k.nair wrote:
Hi Jason,
Thanks for your review comments.
On 8/26/2014 11:37 PM, Jason Uh wrote:
Hi Raghu,
I'm not an official Reviewer, but I have some comments, mostly about
X509Test.java.
1. I'm not sure if this matters, but the formatting of your copyright
heade
son,
Please review the updated webrev . I have addressed your comments.
http://cr.openjdk.java.net/~tyan/raghu/8049039/webrev03/
<http://cr.openjdk.java.net/%7Etyan/raghu/8049039/webrev03/>
Thanks,
Raghu
On 9/3/2014 12:47 AM, Jason Uh wrote:
On 8/27/14 8:34 AM, raghu k.nair wrote:
Hi
Please review this change, which adds a constructor taking an algorithm
name parameter to EncodedKeySpec and its subclasses. This allows the
algorithm name to be retrieved in subsequent calls to the EncodedKeySpec.
webrev: http://cr.openjdk.java.net/~juh/8047223/webrev.01/
https://bugs.openjdk.
Please review this changeset, which updates references to RFC 3280 to
RFC 5280. RFC 5280 has obsoleted 3280.
http://cr.openjdk.java.net/~juh/8037550/webrev.03/
Thanks,
Jason
Vote: Yes
Jason
On 11/03/2014 09:28 AM, Sean Mullan wrote:
I hereby nominate Anthony Scarpino to Membership in the Security Group.
Anthony is a member of the Java Security Libraries team at Oracle and
has been an active contributor to the OpenJDK Security Group for
approximately two years. Ant
Please review this fix, which allows XML Signature ECKeyValue elements
to be marshalled and unmarshalled.
Dependence on internal sun.security.* classes has been removed, so that
the (un)marshalling can happen without reflection.
webrev: http://cr.openjdk.java.net/~juh/8046724/00/
bug: https:/
wn on line 498)
520,524: these methods should be private
--Sean
On 12/16/2014 02:44 PM, Jason Uh wrote:
Please review this fix, which allows XML Signature ECKeyValue elements
to be marshalled and unmarshalled.
Dependence on internal sun.security.* classes has been removed, so that
the (un)marsha
Thanks, I'll push after I remove that comment.
Jason
On 01/09/2015 10:50 AM, Sean Mullan wrote:
On 01/08/2015 09:46 PM, Jason Uh wrote:
Thanks, Sean.
Here is an updated webrev with your suggested changes. I've also added
tests here, and will no longer be adding tests for this ch
Please review this change, which changes the default criticality of the
policy mappings and policy constraints certificate extensions. This
change makes both extensions critical by default, per RFC 5280.
webrev: http://cr.openjdk.java.net/~juh/8059916/01/webrev
bug: https://bugs.openjdk.java.ne
gs_Id;
+critical = true;
(Good catch, Jamil.)
Jason
On 1/13/15 4:55 AM, Sean Mullan wrote:
Looks good to me.
--Sean
On 01/12/2015 06:56 PM, Jason Uh wrote:
Please review this change, which changes the default criticality of the
policy mappings and policy constraints certificate extensions.
Please review this change, which enables DSA and ECDSA signatures in the
IEEE P1363 format (the concatenation of r and s).
This is accomplished through an implementation of
AlgorithmParameterSpec, SignatureFormatParameterSpec, which can be
passed to the existing Signature.setParameter() method
TestDSA2
- can you add an @bug 8042967 to each of these tests, since you are
extending them to test this new format.
- can you also add a test which uses the
SignatureFormatParameterSpec.ASN1 enum (by passing it to setParameter)?
--Sean
On 01/22/2015 09:46 PM, Jason Uh wrote:
Please revie
Mike,
Thanks for your feedback.
I'll be changing this fix to introduce new algorithm Strings to specify
the P1363 format. These strings will be of the form:
withinFormat
For example:
SHA1withDSAinP1363Format
SHA1withECDSAinP1363Format
The intent is to reduce potential confusion with
Mike,
Thanks again for weighing in. As you're not opposed to the proposal, I
will go ahead and move forward with this plan.
I will put out an updated webrev with the new approach once it is ready.
Thanks,
Jason
On 1/29/15 3:56 PM, Michael StJohns wrote:
At 03:41 PM 1/29/2015, Jas
1 - 100 of 161 matches
Mail list logo
