OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
1234 ... 252
Topics (8805)
Replies Last Post Views
RFR[13] JDK-8220410: sun/security/tools/jarsigner/warnings/NoTimestampTest.java failed with missing expected output by sha.jiang
6
by Weijun Wang
RFR: release note for JDK-8218723 by Jamil Nimeh
2
by Jamil Nimeh
RFR 8147502: Digest is incorrectly truncated for ECDSA signatures... by Adam Petcher
1
by Jamil Nimeh
RFR 8218723: SecretKeyFactory.getInstance( algo_, provider_ ) ignores the provider argument. by Jamil Nimeh
9
by Adam Petcher
RFR 8220753: Re-introduce the test case for TLS 1.2 algorithms in SunPKCS11 crypto provider by Martin Balao
0
by Martin Balao
[RFR] [8u] 8220641, , New test KdcPolicy.java introduced by JDK-8164656 needs same change as JDK-8190690 by Andrew Hughes-8
4
by Andrew Hughes-8
Use of OpenSSL as JCE security provider if available on system by Steve Groeger
7
by Norman Maurer
[SSL Config] Pull certificate from Window's certificate store by Manu G Raj
0
by Manu G Raj
CSR Review Request: JDK-8220531, SecretKeyFactory.getInstance( algo_, provider_ ) ignores the provider argument. by Jamil Nimeh
5
by Jamil Nimeh
Re: [8u] [RFR] 8175120: Remove old tests on kdc timeout policy by Severin Gehwolf
3
by Aleksey Shipilev-4
sspi_bridge We have implemented this code, here are the changes we had to make by Bruce Robb
2
by Weijun Wang
SunJSSE and SunPKCS11 (NSS + FIPS) by Martin Balao
3
by Xuelei Fan-2
[13] RFR JDK-8220016 "SunRsaSignEntries were mistakenly added to the SunJSSE provider" by Valerie Peng
7
by Sean Mullan
SSLEngine.wrap(...) returns NOT_HANDSHAKING even when the alert was not consumed yet in latest JDK12 release (possible regression). by Norman Maurer
12
by Xuelei Fan-2
RFR [13] JDK-8160247 : Mark deprecated javax.security.cert APIs with forRemoval=true by Xuelei Fan-2
1
by Weijun Wang
RFR 8220513: Wrapper Key may get deleted when closing sessions in SunPKCS11 crypto provider by Martin Balao
0
by Martin Balao
RFR 8220256: fix headings in java.security.sasl by Weijun Wang
1
by Sean Mullan
CSR Review Request JDK-816826, Use server cipher suites preference by default by Xuelei Fan-2
3
by Sean Mullan
[13] RFR JDK-8220258 "fix headings in java.smartcardio" by Valerie Peng
1
by Anthony Scarpino
Re: Disable TLS 1.3 backward compatibility mode? by Sean Mullan
1
by Xuelei Fan-2
Re: Java SSLSocketChannel/SSLSelector? by Sean Mullan
14
by Alan Bateman
RFR [13] 8220165: Encryption using GCM results in RuntimeException- input length out of bound by Anthony Scarpino
3
by Valerie Peng
[13] RFR JDK-8213008 "Cipher with UNWRAP_MODE should support the generation of an AES key type" by Valerie Peng
1
by Anthony Scarpino
ManifestDigester fails with a manifest ending in CR by Philipp Kunz
5
by Philipp Kunz
TLSv1.3 HttpsServer endless loop based on client socket i/o shutdown by Jay Modi
4
by Daniel Fuchs
CSR Review Request, JDK-8163326, The default enabled cipher suites should prefer forward secrecy by Xuelei Fan-2
2
by Bernd Eckenfels-4
JGSS Enhancements (contribution by Two Sigma Open Source) by Nico Williams-2
20
by Weijun Wang
RFR [13]: 8218618: Program fails when using JDK addressed by UNC path and using Security Manager by Sean Mullan
0
by Sean Mullan
RFR [13] 8217878: ENVELOPING XML signature no longer works in JDK 11 by Sean Mullan
4
by Weijun Wang
RFR 8157404: Unable to read certain PKCS12 keystores from SequenceInputStream by Weijun Wang
0
by Weijun Wang
RFR 8180573: Refactor sun/security/tools shell tests to plain java tests by Weijun Wang
3
by Weijun Wang
RFR [13] JDK-8219994: CheckSecurityProvider.java fails with unexpected sun.security.ssl.SunJSSE by Xuelei Fan-2
2
by Bradford Wetmore
RFR [13] JDK-8219990, Backout JDK-8219658 by Xuelei Fan-2
1
by Daniel Fuchs
RFR [13] JDK-8215430: Remove the internal package com.sun.net.ssl by Xuelei Fan-2
6
by Xuelei Fan-2
RFR[13] JDK-8219723: javax/net/ssl/compatibility/Compatibility.java failed on some SNI cases by sha.jiang
3
by sha.jiang
1234 ... 252