Code Review Request for 7146728 and 7130959 (original) (raw)
Valerie (Yu-Ching) Peng valerie.peng at oracle.com
Wed Feb 22 01:33:55 UTC 2012
- Previous message (by thread): JEP 140: Limited doPrivileged
- Next message (by thread): hg: jdk8/tl: Added tag jdk8-b26 for changeset 2accafff224a
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Brad,
Can you please review the fixes for the following 2 bugs:
7146728: Inconsistent length for the generated secret using DH key agreement impl from SunJCE and PKCS11 o http://cr.openjdk.java.net/~valeriep/7146728/webrev.00/
This impacts both SunJCE provider and SunPKCS11 provider. The implementations are inconsistent within SunJCE provider itself between the engineGenerateSecret() and engineGenerateSecret(byte[], int). Given that RFC 2631 specifies the leading 0s must be preserved so the generated secret has as many octets as the prime P, I have changed both SunJCE and SunPKCS11 provider to do so. When testing against Solaris and NSS libraries, Solaris preserves the leading 0s while NSS trims it off, thus similar handling is also needed in SunPKCS11 provider.7130959: Tweak 7058133 fix for JDK 8 (javah makefile changes) o http://cr.openjdk.java.net/~valeriep/7130959/webrev.00/
Instead of using the -Xbootclasspath, switching over to use -boothclasspath for consistency with the backported changes in the update releases for earlier JDK, e.g. 7u.
Thanks, Valerie
-------------- next part -------------- An HTML attachment was scrubbed... URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20120221/b94a43eb/attachment.htm>
- Previous message (by thread): JEP 140: Limited doPrivileged
- Next message (by thread): hg: jdk8/tl: Added tag jdk8-b26 for changeset 2accafff224a
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]