答复: Code review request, 7106773: 512 bits RSA key cannot work withSHA384 and SHA512

Vincent Ryan vincent.x.ryan at oracle.com
Tue Jan 10 15:47:39 UTC 2012


On 01/10/12 03:19 PM, Xuelei Fan wrote:
> On 1/10/2012 11:09 PM, Weijun Wang wrote:
>> It's late night and I'll read it tomorrow. But can you choose another
>> word instead of Lengthable? Length is not a verb.
>>
> ;-) The name took me a lot of time, searching by google, dictionary, and
> any possible English translation. I have to agree that I failed to find
> a suitable name. I tried hardly to persuade myself that "lengthable" is
> also used by someother application code, so it might not too bad to use
> it here.
> 
> With the word "lengthable", I want to express that the length is
> measurable. Any suggestion for the better one?
> 

Measurable ;-)


> Thanks,
> Xuelei
> 
>> Max
>> ------------------------------------------------------------------------
>> 发件人: Xuelei Fan
>> 发送时间: 2012/1/10 22:51
>> 收件人: Weijun Wang
>> 抄送: OpenJDK
>> 主题: Re: Code review request, 7106773: 512 bits RSA key cannot work
>> withSHA384 and SHA512
>>
>> It has been around 50 days passed since the last day we talked about the
>> issue. Hope you can recall it from the deep memory. ;-)
>>
>> webrev: http://javaweb.us.oracle.com/~xufan/bugbios/7106773/webrev.04/
>>
>> In this update, as we agreed, a new Oracle private interface was
>> introduced: sun.security.util.Lengthable, and Lengthable.length() is
>> defined to get the length an object. sun.security.pkcs11.P11Key and
>> sun.security.mscapi.Key will implements the interface. As will easy and
>> speedup (comparing with reflection approach) the getting of key length
>> of those unextractable keys in hardware device.
>>
>> In the webrev, I should also include another two signed jars,
>> sunpkcs11.jar and sunmscapi.jar. I will include them when I get the
>> official signed jars.
>>
>> Thanks,
>> Xuelei
>>
>> On 11/22/2011 8:41 AM, Weijun Wang wrote:
>>> I really like this one.
>>>
>>> Thanks
>>> Max
>>>
>>> On 11/21/2011 08:05 PM, Xuelei Fan wrote:
>>>>>>  How about this approach? This looks very safe.
>>>>>>
>>>> I also prefer this approach, although it need more updates in PKCS11 and
>>>> MSCPI source code. If you vote for this approach, I will try to
>>>> implement it.
>>>>
>>
> 




More information about the security-dev mailing list