Read side key limit change at:
http://hg.openjdk.java.net/jdk/sandbox/rev/6210466cf1ac
Tony
All good catches!
Thanks,
Xuelei
On 6/13/2018 9:46 PM, Anthony Scarpino wrote:
DTLSRecord.java & SSLRecord.java
The two variables below not used. They weren't used before the code
restructuring either.
maxDataSizeMinusOneByteRecord
maxAlertRecordSize
Tony
On 06/13/2018 02:21 PM, Ant
DTLSRecord.java & SSLRecord.java
The two variables below not used. They weren't used before the code
restructuring either.
maxDataSizeMinusOneByteRecord
maxAlertRecordSize
Tony
On 06/13/2018 02:21 PM, Anthony Scarpino wrote:
I found some commented out code that I will remove in
Certific
I found some commented out code that I will remove in
CertificateMessage, lines 1300-1319 on my next push unless this should
be uncommented.
In SupportedVersionsExtension.java, HRRSupportedVersionsProducer and
HRRSupportedVersionReproducer could be merged with a boolean in the
constructor to
Sure. Changes look fine.
Valerie
On 6/8/2018 12:54 PM, Xuelei Fan wrote:
> http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.02
Update: http://hg.openjdk.java.net/jdk/sandbox/rev/f4c7a97a1275
On 6/8/2018 12:19 PM, Valerie Peng wrote:
Hi Xuelei,
Some typos, line 139: minial -> minima
Looks good~
Valerie
On 6/8/2018 4:52 PM, Xuelei Fan wrote:
Update: http://hg.openjdk.java.net/jdk/sandbox/rev/ad4c1c488574
This update cleans the unused methods in RSASignature.java.
Xuelei
On 6/7/2018 5:25 PM, Xuelei Fan wrote:
On 6/7/2018 3:27 PM, Valerie Peng wrote:
Hi Xuelei,
There
Update: http://hg.openjdk.java.net/jdk/sandbox/rev/ad4c1c488574
This update cleans the unused methods in RSASignature.java.
Xuelei
On 6/7/2018 5:25 PM, Xuelei Fan wrote:
On 6/7/2018 3:27 PM, Valerie Peng wrote:
Hi Xuelei,
There seems to be inconsistency
in whether you can override the inte
> http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.02
Update: http://hg.openjdk.java.net/jdk/sandbox/rev/f4c7a97a1275
On 6/8/2018 12:19 PM, Valerie Peng wrote:
Hi Xuelei,
Some typos, line 139: minial -> minimal, line 144: caculate ->
calculate, minial -> minimal
When constructing PSSP
Hi Xuelei,
Some typos, line 139: minial -> minimal, line 144: caculate ->
calculate, minial -> minimal
When constructing PSSParameterSpec object on line 174, I think it's
better to specify new MGF1ParameterSpec(hash) instead of null. Although
current RSASSA-PSS signature algorithm impl in Su
Changeset for the nits found in SSLExtension/SSLExtensions.java
http://hg.openjdk.java.net/jdk/sandbox/rev/585e6d31677b
--Jamil
On 02/22/2018 12:29 PM, Xuelei Fan wrote:
Updated to use package private HKDF implementation.
webrev (based on JDK-8185576):
http://cr.openjdk.java.net/~xuelei
On 6/7/2018 1:38 PM, Jamil Nimeh wrote:
Hello there! Only nits for these two files (and possibly more based on
a method name change), but they've been reviewed in the past so most
issues have already been dealt with:
* SSLExtension.java
o 39: Silly nit - you could update this to say R
On 6/7/2018 3:27 PM, Valerie Peng wrote:
Hi Xuelei,
There seems to be inconsistency in
whether you can override the internal md5, sha1 digest objects through
the engineSetParameter(String, Object) call.
I agreed. The use of RSASignature is limited in the provider. The
engineSetParameter()
Looks all good catches to me. Please take care of the update as well.
Thanks,
Xuelei
On 6/7/2018 4:03 PM, Anthony Scarpino wrote:
Xuelei,
I'll push updates if you're are ok with the changes.
Tony
---
ServerHandshakeContext.java
ServerHello.java
- spelling nits only
HandshakeContext.java
-
Xuelei,
I'll push updates if you're are ok with the changes.
Tony
---
ServerHandshakeContext.java
ServerHello.java
- spelling nits only
HandshakeContext.java
- Could getActiveCipherSuites() compile a list of cipher suites once per
ProtocolVersion instead doing it for each instance of ServerHe
Hi Xuelei,
There seems to be inconsistency in
whether you can override the internal md5, sha1 digest objects through
the engineSetParameter(String, Object) call. Assuming we no longer need
to override the internal digest objects, we can remove
getInternalInstance(), setHashes(...). Also, not
Hello there! Only nits for these two files (and possibly more based on
a method name change), but they've been reviewed in the past so most
issues have already been dealt with:
* SSLExtension.java
o 39: Silly nit - you could update this to say RFC 6066, since
we're probably workin
Yes, I'll delete that commented line and rework the absolute put later
tonight.
--Jamil
On 06/06/2018 05:44 PM, Xuelei Fan wrote:
Hi Jamil,
All good catches to me. Would you mind take care of the update as well?
Thanks,
Xuelei
On 6/6/2018 3:19 PM, Jamil Nimeh wrote:
Hello, comments below
Hi Jamil,
All good catches to me. Would you mind take care of the update as well?
Thanks,
Xuelei
On 6/6/2018 3:19 PM, Jamil Nimeh wrote:
Hello, comments below, minor stuff for the most part:
* KeyUpdate.java
o 128-129: Spelling nit: REQUSTED --> REQUESTED
o That change will hav
Hello, comments below, minor stuff for the most part:
* KeyUpdate.java
o 128-129: Spelling nit: REQUSTED --> REQUESTED
o That change will have to get sprinkled throughout the code
* OutputRecord.java
o 291-295: It seems like using an absolute put would simplify this
code a
Thanks for the review. The update will be in next webrev.
Thanks,
Xuelei
On 3/23/2018 12:35 PM, Adam Petcher wrote:
Note: I am not a Reviewer. This is not a Review.
I took a look at some of the files that I was working in during my
extension development. I just have a few minor comments:
T
Note: I am not a Reviewer. This is not a Review.
I took a look at some of the files that I was working in during my
extension development. I just have a few minor comments:
TransportContext.java, line 428: It's not clear why the outbound
direction is closed here. Consider adding more comments
This approach is only necessary when running a test that exercises a
class with package-private visibility. The test itself has to run from
within sun/security/ssl in this case. Originally some of my OCSP
stapling tests for internal classes did this, but didn't use this exact
approach and the
test/jdk/sun/security/ssl/internal/TEST.properties
test/jdk/sun/security/ssl/internal/TestRun.java
test/jdk/sun/security/ssl/internal/java.base/sun/security/ssl/TestHkdf.java
--
Why put the test in a internal/java.base/.. sub-directory? I did not
get the point why it cannot b
Updated to use package private HKDF implementation.
webrev (based on JDK-8185576):
http://cr.openjdk.java.net/~xuelei/8196584/webrev-step.01
webrev (including JDK-8185576):
http://cr.openjdk.java.net/~xuelei/8196584/webrev-full.01
Thanks,
Xuelei
On 2/20/2018 11:57 AM, Xuelei Fan wr
I have an update. :)
I've spoken with everyone I could find who deals with user
configurations which may include these cipher suites, and they all
agree that users are no longer using TLS KRB5 and that it is no longer
recommended either. So, from our perspective, it would be OK to drop
these afte
Thanks for the feed back. It's good enough to get KRB5 cipher suites back.
Regards,
Xuelei
On 2/21/2018 5:06 AM, David Lloyd wrote:
On Tue, Feb 20, 2018 at 1:57 PM, Xuelei Fan wrote:
In this implementation, I removed:
1. the KRB5 cipher suite implementation.
Please let me know if you are sti
On Tue, Feb 20, 2018 at 1:57 PM, Xuelei Fan wrote:
> In this implementation, I removed:
> 1. the KRB5 cipher suite implementation.
> Please let me know if you are still using KRB5 cipher suite. I may not add
> them back if no objections.
I am given to understand that we have multiple users using
27 matches
Mail list logo