Re: RFR: 8339280: jarsigner -verify performs cross-checking between CEN and LOC [v5]

> The jarsigner -verify command currently performs verification by reading from > JarFile to navigate the central directory (CEN) headers. It is now enhanced > to include cross-validation of entries between JarFile (CEN-based) and > JarInputStream (stream-based) representations of the JAR. It em

Re: RFR: 8351970: Retire JavaLangAccess::exit

On Fri, 14 Mar 2025 18:31:38 GMT, Roger Riggs wrote: > Cleanup the single use of JavaLangAccess.exit() it is no longer necessary; > System.exit() can be called directly. Marked as reviewed by liach (Reviewer). - PR Review: https://git.openjdk.org/jdk/pull/24066#pullrequestreview-2

RFR: 8348732: SunJCE and SunPKCS11 have different PBE key encodings

As part of [https://bugs.openjdk.org/browse/JDK-8301553](JDK-8301553), SunPKCS11 provider added support for PBE SecretKeyFactories for `HmacPBESHAxxx` and `PBEWithHmacSHAxxxAndAES_yyy`. These impls produce keys whose encoding contains the PBKDF2 derived bytes. Given that SunJCE provider have sup

Re: RFR: 8351970: Retire JavaLangAccess::exit

On Fri, 14 Mar 2025 18:31:38 GMT, Roger Riggs wrote: > Cleanup the single use of JavaLangAccess.exit() it is no longer necessary; > System.exit() can be called directly. There are other non-recoverable errors that occur in the runtime that throw InternalError or AssertionError instead of calli

Re: RFR: 8341775: Duplicate manifest files are removed by jarsigner after signing [v18]

On Fri, 14 Mar 2025 16:32:24 GMT, Kevin Driver wrote: >> JDK-8341775: In the case where there is a *single* META-INF directory but >> potentially *multiple* manifest files of different cases, print a warning >> before selecting the first one and ignoring the rest (the current behavior >> shoul

RFR: 8351970: Retire JavaLangAccess::exit

Cleanup the single use of JavaLangAccess.exit() it is no longer necessary; System.exit() can be called directly. - Commit messages: - 8351970: Retire JavaLangAccess::exit Changes: https://git.openjdk.org/jdk/pull/24066/files Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=24066&

Re: RFR: 8325448: Hybrid Public Key Encryption [v13]

> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/. >  Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excl

Re: RFR: 8341775: Duplicate manifest files are removed by jarsigner after signing [v16]

> JDK-8341775: In the case where there is a *single* META-INF directory but > potentially *multiple* manifest files of different cases, print a warning > before selecting the first one and ignoring the rest (the current behavior > should be maintained). Kevin Driver has updated the pull request

Re: RFR: 8341775: Duplicate manifest files are removed by jarsigner after signing [v17]

On Fri, 14 Mar 2025 16:19:43 GMT, Kevin Driver wrote: >> JDK-8341775: In the case where there is a *single* META-INF directory but >> potentially *multiple* manifest files of different cases, print a warning >> before selecting the first one and ignoring the rest (the current behavior >> shoul

Re: RFR: 8341775: Duplicate manifest files are removed by jarsigner after signing [v18]

> JDK-8341775: In the case where there is a *single* META-INF directory but > potentially *multiple* manifest files of different cases, print a warning > before selecting the first one and ignoring the rest (the current behavior > should be maintained). Kevin Driver has updated the pull request

Re: RFR: 8341775: Duplicate manifest files are removed by jarsigner after signing [v13]

On Thu, 13 Mar 2025 23:26:50 GMT, Weijun Wang wrote: >> src/jdk.jartool/share/classes/sun/security/tools/jarsigner/resources/jarsigner.properties >> line 99: >> >>> 97: jar.treated.unsigned.see.weak=The jar will be treated as unsigned, >>> because it is signed with a weak algorithm that is now

Re: RFR: 8341775: Duplicate manifest files are removed by jarsigner after signing [v14]

On Fri, 14 Mar 2025 15:13:54 GMT, Kevin Driver wrote: >> JDK-8341775: In the case where there is a *single* META-INF directory but >> potentially *multiple* manifest files of different cases, print a warning >> before selecting the first one and ignoring the rest (the current behavior >> shoul

Re: RFR: 8325448: Hybrid Public Key Encryption [v10]

On Thu, 13 Mar 2025 20:15:42 GMT, Weijun Wang wrote: >> src/java.base/share/conf/security/java.security line 671: >> >>> 669: # jdk.hpke.disabledAlgorithms=kem_id=0x10,kdf_id=0x01,aead_id=0x >>> 670: # >>> 671: jdk.hpke.disabledAlgorithms= >> >> Do you expect that these algorithm ids woul

Re: RFR: 8325448: Hybrid Public Key Encryption [v12]

> Implement HPKE as defined in https://datatracker.ietf.org/doc/rfc9180/. >  Weijun Wang has updated the pull request incrementally with one additional commit since the last revision: remove di

Re: RFR: 8349583: Add mechanism to disable signature schemes based on their TLS scope [v18]

On Thu, 13 Mar 2025 22:45:11 GMT, Anthony Scarpino wrote: >> Artur Barashev has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Typo fix > > src/java.base/share/classes/sun/security/ssl/SSLSessionImpl.java line 198: > >> 196: this.