OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
1234 ... 276
Topics (9627)
Replies Last Post Views
RFR: 8264948: Check for TLS extensions total length by Xue-Lei Andrew Fan
5
by Xue-Lei Andrew Fan
Re: RFR: 8264208: Console charset API [v2] by Naoto Sato-2
1
by Bernd Eckenfels-4
RFR: 8241306: Add SignatureMethodParameterSpec subclass for RSASSA-PSS params by Weijun Wang-2
21
by Weijun Wang-2
RFR: 8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding by Martin Balao-2
32
by Valerie Peng-2
Re: RFR: 8264208: Console charset API by Joe Wang-2
2
by Joe Wang-2
RFR: Release Note for JDK-8264968 Provide the support for specifying a signer in keytool -genkeypair command by Hai-May Chao
0
by Hai-May Chao
RFR: 8255410: Add ChaCha20 and Poly1305 support to SunPKCS11 provider by Valerie Peng-2
1
by Valerie Peng-2
RFR: 8048199: Replace anonymous inner classes with lambdas, where applicable, in JNDI by Conor Cleary-3
6
by Roger Riggs-2
RFR: 8260923: Add more tests for SSLSocket input/output shutdown by Abdul Kolarkunnu
5
by Abdul Kolarkunnu
[11u] RFR: 8226374: Restrict TLS signature schemes and named groups by Doerr, Martin
6
by Doerr, Martin
RFR: 8260693: Provide the support for specifying a signer in keytool -genkeypair by Hai-May Chao-2
31
by Hai-May Chao-2
RFR: 8264864: Multiple byte tag not supported by ASN.1 encoding by Weijun Wang-2
14
by Weijun Wang-2
RFR: 8264681: Use the blessed modifier order in java.security by Alex Blewitt-2
1
by Sean Mullan-2
RFR: 8248268: Support KWP in addition to KW by Valerie Peng-2
24
by Greg Rubin-2
RFR: 8262316: Reducing locks in RSA Blinding by Anthony Scarpino-2
17
by Anthony Scarpino-2
RFR: 8262389: Use permitted_enctypes if default_tkt_enctypes or default_tgs_enctypes is not present by Weijun Wang-2
2
by Weijun Wang-2
RFR: 8264554: X509KeyManagerImpl calls getProtectionParameter with incorrect alias by Xue-Lei Andrew Fan
3
by Xue-Lei Andrew Fan
RFR: 8263779: SSLEngine reports NEED_WRAP continuously without producing any further output by Xue-Lei Andrew Fan
1
by Xue-Lei Andrew Fan
RFR: 8264190: Harden TLS interop tests by Fernando Guallini-2
7
by Rajan Halade-2
Re: RFR: 8248862: Implement Enhanced Pseudo-Random Number Generators [v42] by Jim Laskey-3
0
by Jim Laskey-3
[11u] RFR: 8254631: Better support ALPN byte wire values in SunJSSE by Doerr, Martin
2
by Doerr, Martin
Defer disabling TLS 1.0/1.1 by default? by Mathiske, Bernd
1
by Colm MacCárthaigh
Integrated: 8264656: ProblemList sun/security/ssl/SSLSocketImpl/SSLSocketImplThrowsWrongExceptions.java on linux-x64 by Daniel D.Daugherty
3
by Daniel D.Daugherty
RFR: 8264606: More comment for ECDH public key validation by Xue-Lei Andrew Fan
3
by Xue-Lei Andrew Fan
Re: RFR: 8264277: java.xml.crypto module should be granted FilePermission and SocketPermission by Sean Mullan-2
0
by Sean Mullan-2
Request for comment: the session ticket protection scheme for distributed TLS sessions. by Xue-Lei Fan
3
by Xue-Lei Fan
Re: RFR: 8264148: Update spec for exceptions retrofitted for exception chaining by Joe Darcy
0
by Joe Darcy
Re: RFR: 8248862: Implement Enhanced Pseudo-Random Number Generators [v39] by Jim Laskey-3
0
by Jim Laskey-3
Re: RFR: 8248862: Implement Enhanced Pseudo-Random Number Generators [v31] by Jim Laskey-3
2
by Jim Laskey-3
Integrated: 8263754: HexFormat 'fromHex' methods should be static by Roger Riggs-2
0
by Roger Riggs-2
RFR: 8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec by Ziyi Luo
43
by Ziyi Luo
RFR: JDK-8263188: JSSE should fail fast if there isn't supported signature algorithm by John Jiang
5
by John Jiang
RFR: 8264329: Z cannot be 1 for Diffie-Hellman key agreement by Xue-Lei Andrew Fan
5
by Xue-Lei Andrew Fan
Re: RFR: 8263754: HexFormat 'fromHex' methods should be static [v2] by Roger Riggs-2
1
by Claes Redestad-2
Re: RFR: 8248862: Implement Enhanced Pseudo-Random Number Generators [v37] by Jim Laskey-3
0
by Jim Laskey-3
1234 ... 276