PING 2: [7u80] Request for review for CR 4963723: Implement SHA-224

Rob McKenna rob.mckenna at oracle.com
Tue Dec 23 16:57:50 UTC 2014


Gah, apologies, forgot about your note:

Removal of change to java.security.spec.MGF1ParameterSpec to avoid
introducing a new public variable.

No CCC needed.

	-Rob

On 23/12/14 16:56, Rob McKenna wrote:
> Actually, another kink: this requires ccc approval for a backport to 7.
>
>     -Rob
>
> On 23/12/14 16:52, dalibor.topic at oracle.com wrote:
>> Considering that the issue was a P3 RFE rather than a high priority 
>> bug fix, it's not clear to me why it would be necessary to backport 
>> it into 7u80,  at the end point in the release cycle.
>>
>> -- 
>> Oracle <http://www.oracle.com>
>> Dalibor Topic | Principal Product Manager
>> Phone: +494089091214<tel:+494089091214> | 
>> Mobile:+491737185961<tel:+491737185961>
>> Oracle Java Platform Group
>>
>> ORACLE Deutschland B.V. & Co. KG | Kühnehöfe 5 | 22761 Hamburg
>>
>> ORACLE Deutschland B.V. & Co. KG
>> Hauptverwaltung: Riesstr. 25, D-80992 München
>> Registergericht: Amtsgericht München, HRA 95603
>> Geschäftsführer: Jürgen Kunz
>>
>> Komplementärin: ORACLE Deutschland Verwaltung B.V.
>> Hertogswetering 163/167, 3543 AS Utrecht, Niederlande
>> Handelsregister der Handelskammer Midden-Niederlande, Nr. 30143697
>> Geschäftsführer: Alexander van der Ven, Astrid Kepper, Val Maher
>>
>> Green Oracle <http://www.oracle.com/commitment> Oracle is committed 
>> to developing practices and products that help protect the environment
>>
>>> On 23.12.2014, at 17:13, Andrew Hughes <gnu.andrew at redhat.com> wrote:
>>>
>>> ----- Original Message -----
>>>> Valerie Peng (original author) is probably best suited to reviewing 
>>>> this
>>>> but I think she's out of the office the moment and back next week. 
>>>> Let's
>>>> hope we can get an update/review then.
>>> Hi,
>>>
>>> Any movement on this? It's been three months.
>>>
>>> Thanks.
>>>
>>>> regards,
>>>> Sean.
>>>>
>>>>> On 01/10/2014 16:11, Andrew Hughes wrote:
>>>>> ----- Original Message -----
>>>>>> ----- Original Message -----
>>>>>>> Code changes generally require two approvals: codereview, 
>>>>>>> performed by a
>>>>>>> reviewer, (in this case from security-dev) and push approval, 
>>>>>>> performed
>>>>>>> by a gatekeeper. Given your email template matches the push 
>>>>>>> approval
>>>>>>> template I understood that you intended the latter. Generally 
>>>>>>> speaking
>>>>>>> codereview requests would say "Request for review" as opposed to
>>>>>>> "Request for approval" so a reviewer could overlook your mail if 
>>>>>>> you
>>>>>>> intended the former.
>>>>>>>
>>>>>>>       -Rob
>>>>>>>
>>>>>>>> On 18/09/14 00:21, Andrew Hughes wrote:
>>>>>>>> ----- Original Message -----
>>>>>>>>> Hi Andrew,
>>>>>>>>>
>>>>>>>>> Sorry to be a pest, but given the scope of the change I'd feel 
>>>>>>>>> more
>>>>>>>>> comfortable with an explicit codereview for the backport.
>>>>>>>>>
>>>>>>>>>        -Rob
>>>>>>>>>
>>>>>>>>>> On 17/09/14 18:32, Andrew Hughes wrote:
>>>>>>>>>> This is the first of three backports to 7u designed to retain 
>>>>>>>>>> SSL
>>>>>>>>>> compatibility with servers implemented in other languages 
>>>>>>>>>> switching
>>>>>>>>>> to larger key sizes (notably DH >=2048 in Apache 2.4.7 [0]).
>>>>>>>>>>
>>>>>>>>>> This patch is a per-requisite of the patch which brings NSA 
>>>>>>>>>> Suite B
>>>>>>>>>> support to 7. It applies largely unchanged, bar the following:
>>>>>>>>>>
>>>>>>>>>> * Copyright header adjustment
>>>>>>>>>> * Removal of change to java.security.spec.MGF1ParameterSpec 
>>>>>>>>>> to avoid
>>>>>>>>>> introducing a new public variable. The SHA-224 variant is 
>>>>>>>>>> constructed
>>>>>>>>>> directly in com.sun.crypto.provider.OAEPParameters instead.
>>>>>>>>>> * A change to OAEPParameters is dropped as it was already 
>>>>>>>>>> incorporated
>>>>>>>>>> in the backport of 7180907 & 8049480 (addition of SHA-224 to
>>>>>>>>>> convertToStandardName)
>>>>>>>>>>
>>>>>>>>>> Bug: https://bugs.openjdk.java.net/browse/JDK-4963723
>>>>>>>>>> Webrev: 
>>>>>>>>>> http://cr.openjdk.java.net/~andrew/jdk7u/4963723/webrev.01/
>>>>>>>>>>
>>>>>>>>>> [0] https://httpd.apache.org/docs/2.4/mod/mod_ssl.html
>>>>>>>>>>
>>>>>>>>>> Ok to push?
>>>>>>>>>>
>>>>>>>>>> Thanks,
>>>>>>>> Which is what I asked for, no?
>>>>>>>>
>>>>>>>> If I wasn't waiting on a review first, I'd have pushed the change.
>>>>>> This was the only applicable template on:
>>>>>>
>>>>>> http://openjdk.java.net/projects/jdk7u/
>>>>>>
>>>>>> Anyway, now including security-dev for review.
>>>>>> -- 
>>>>>> Andrew :)
>>>>>>
>>>>>> Free Java Software Engineer
>>>>>> Red Hat, Inc. (http://www.redhat.com)
>>>>>>
>>>>>> PGP Key: 248BDC07 (https://keys.indymedia.org/)
>>>>>> Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
>>>>> Ping. Any movement on this?
>>> -- 
>>> Andrew :)
>>>
>>> Free Java Software Engineer
>>> Red Hat, Inc. (http://www.redhat.com)
>>>
>>> PGP Key: 248BDC07 (https://keys.indymedia.org/)
>>> Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
>>>
>




More information about the security-dev mailing list