PING: [7u80] Request for review for CR 4963723: Implement SHA-224

Andrew Hughes gnu.andrew at redhat.com
Wed Oct 1 15:11:38 UTC 2014


----- Original Message -----
> 
> 
> ----- Original Message -----
> > Code changes generally require two approvals: codereview, performed by a
> > reviewer, (in this case from security-dev) and push approval, performed
> > by a gatekeeper. Given your email template matches the push approval
> > template I understood that you intended the latter. Generally speaking
> > codereview requests would say "Request for review" as opposed to
> > "Request for approval" so a reviewer could overlook your mail if you
> > intended the former.
> > 
> >      -Rob
> > 
> > On 18/09/14 00:21, Andrew Hughes wrote:
> > >
> > > ----- Original Message -----
> > >> Hi Andrew,
> > >>
> > >> Sorry to be a pest, but given the scope of the change I'd feel more
> > >> comfortable with an explicit codereview for the backport.
> > >>
> > >>       -Rob
> > >>
> > >> On 17/09/14 18:32, Andrew Hughes wrote:
> > >>> This is the first of three backports to 7u designed to retain SSL
> > >>> compatibility with servers implemented in other languages switching
> > >>> to larger key sizes (notably DH >=2048 in Apache 2.4.7 [0]).
> > >>>
> > >>> This patch is a per-requisite of the patch which brings NSA Suite B
> > >>> support to 7. It applies largely unchanged, bar the following:
> > >>>
> > >>> * Copyright header adjustment
> > >>> * Removal of change to java.security.spec.MGF1ParameterSpec to avoid
> > >>> introducing a new public variable. The SHA-224 variant is constructed
> > >>> directly in com.sun.crypto.provider.OAEPParameters instead.
> > >>> * A change to OAEPParameters is dropped as it was already incorporated
> > >>> in the backport of 7180907 & 8049480 (addition of SHA-224 to
> > >>> convertToStandardName)
> > >>>
> > >>> Bug: https://bugs.openjdk.java.net/browse/JDK-4963723
> > >>> Webrev: http://cr.openjdk.java.net/~andrew/jdk7u/4963723/webrev.01/
> > >>>
> > >>> [0] https://httpd.apache.org/docs/2.4/mod/mod_ssl.html
> > >>>
> > >>> Ok to push?
> > >>>
> > >>> Thanks,
> > >>
> > > Which is what I asked for, no?
> > >
> > > If I wasn't waiting on a review first, I'd have pushed the change.
> > 
> > 
> 
> This was the only applicable template on:
> 
> http://openjdk.java.net/projects/jdk7u/
> 
> Anyway, now including security-dev for review.
> --
> Andrew :)
> 
> Free Java Software Engineer
> Red Hat, Inc. (http://www.redhat.com)
> 
> PGP Key: 248BDC07 (https://keys.indymedia.org/)
> Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07
> 
> 

Ping. Any movement on this?
-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

PGP Key: 248BDC07 (https://keys.indymedia.org/)
Fingerprint = EC5A 1F5E C0AD 1D15 8F1F  8F91 3B96 A578 248B DC07



More information about the security-dev mailing list