OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
1234 ... 246
Topics (8597)
Replies Last Post Views
Conceptual feedback on new ECC JEP by Adam Petcher
23
by Michael StJohns
RFR (12): 8191053: Provide a mechanism to make system's security manager immutable by Sean Mullan
34
by Alan Bateman
security/infra/java/security/cert/CertPathValidator/certification/QuoVadisCA.java fails in jdk by Baesken, Matthias
4
by Rajan Halade
sun.security.ssl.ProtocolVersion.valueOf(...) in Java8 and TLSv1.3 by Norman Maurer
2
by Norman Maurer
RFR 6913047: SunPKCS11 memory leak by Martin Balao
14
by Martin Balao
Java 11 - SSL handshake for ECDH cipher suites trigger Invalid ECDH ServerKeyExchange with non-default security provider by Jaikiran Pai
1
by Jaikiran Pai
Expose SSLContextImpl#AbstractTrustManagerWrapper so it can be used with custom SSLEngine / SSLContextSPI implementations as well by Norman Maurer
8
by Pallavi Sonal
RFR 8210821: Support dns_canonicalize_hostname in krb5.conf by Weijun Wang
2
by Weijun Wang
Java 11 RC - Handshake failure in certain specific cases throws a different exception than previous versions by Jaikiran Pai
3
by Jaikiran Pai
RFR(s): 8208641: SSLSocket should throw an exception when configuring DTLS by Anthony Scarpino
2
by Anthony Scarpino
TLSv.1.3 interropt problems with OpenSSL 1.1.1 when used on the client side with mutual auth by Norman Maurer
8
by Norman Maurer
Re: SSL session cache default maximum number of entries by Sean Mullan
2
by Sean Mullan
Re: <AWT Dev> [12] Review Request: 8210692 The "com.sun.awt.SecurityWarning" class can be dropped by Alan Bateman
1
by Mandy Chung
RFR 8210786 : Typo s/overriden/overridden/ in several places by Ivan Gerasimov
3
by Weijun Wang
[PATCH] Trivial typo fix in X509ExtendedKeyManager javadoc by Jaikiran Pai
2
by Jaikiran Pai
RFR 8210736: jdk/javax/xml/crypto/dsig/GenerationTests.java slow on linux by Weijun Wang
3
by Sean Mullan
Re: [12] Review Request: 8210692 The "com.sun.awt.SecurityWarning" class can be dropped by Stuart Marks
0
by Stuart Marks
Code Review Request, JDK-8209916 : NPE in SupportedGroupsExtension by Xuelei Fan-2
4
by Bradford Wetmore
NPE in SupportedGroupsExtension by Thomas Lu├čnig-2
7
by Bradford Wetmore
Re: [RFR] 8205525 : Improve exception messages during manifest parsing of jar archives by Sean Mullan
50
by Langer, Christoph
RFR JDK-8029661: JDK-Support TLS v1.2 algorithm in SunPKCS11 provider by Martin Balao
22
by Martin Balao
RSACore$BlindingParameters not using user-provided SecureRandom by Weijun Wang
0
by Weijun Wang
RFR: JDK-8210274: Source Launcher should work with a security manager by Jonathan Gibbons
7
by Mandy Chung
RFR 8205507: jdk/javax/xml/crypto/dsig/GenerationTests.java timed out by Weijun Wang
1
by Sean Mullan
RFR 8171279: Support X25519 and X448 in TLS 1.3 by Adam Petcher
23
by Xuelei Fan-2
RE: RFR: 8209452: VerifyCACerts.java failed with "At least one cacert test failed" (gtecybertrustglobalca certificate) by Langer, Christoph
3
by Sean Mullan
RFR: JDK-8140466: ChaCha20-Poly1305 TLS cipher suites by Jamil Nimeh
3
by Xuelei Fan-2
RFR (JDK 12): 6899533: SecureClassLoader and URLClassLoader have unnecessary check for createClassLoader permission by Sean Mullan
1
by Mandy Chung
RFR: 8210432: Add additional TeliaSonera root certificate by Rajan Halade
1
by Sean Mullan
Code Review Request, JDK-8210334, TLS 1.3 server fails if ClientHello doesn't have pre_shared_key and psk_key_exchange_modes by Xuelei Fan-2
2
by Bradford Wetmore
RFR 8210395: Add doc to SecurityTools.java by Weijun Wang
0
by Weijun Wang
RFR 8210338: Better output for GenerationTests.java by Weijun Wang
1
by Xuelei Fan-2
How does securely obtain and verify openjdk repositories as a non-contributor? by David Black
2
by Bradford Wetmore
Release note review, JDK-8210070, Release Note: The "supported_groups" extension should not present in the ServerHellos handshake message by Xuelei Fan-2
3
by Alan Bateman
RFR[12] JDK-8209362: sun/security/ssl/SSLSocketImpl/ReuseAddr.java failed due to "BindException: Address already in use (Bind failed)" by sha.jiang
5
by Xuelei Fan-2
1234 ... 246