OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
12345 ... 248
Topics (8674)
Replies Last Post Views
Code Review Request, JDK-8212738, Incorrectly named signature scheme ecdsa_secp512r1_sha512 by Xuelei Fan-2
1
by Anthony Scarpino
Hashing in Java and Java Cryptography Architecture (JCA) design by John Newman
3
by Adam Petcher
RFR 8213031: (zipfs) Add support for POSIX file permissions (was: Enhance jdk.nio.zipfs to support Posix File Permissions) by Langer, Christoph
2
by Langer, Christoph
RFR 8213007: Update the link in test/jdk/sun/security/provider/SecureRandom/DrbgCavp.java by Weijun Wang
3
by Sean Mullan
RFR 8212867: Link to DRBG test vectors is redirected to a broken link by Weijun Wang
4
by Sean Mullan
security/infra/java/security/cert/CertPathValidator/certification/QuoVadisCA.java fails in jdk by Baesken, Matthias
5
by Baesken, Matthias
SSLSession#getPeerCertificates and resumed TLSv1.3 sessions by Oleg Kalnichevski
2
by Oleg Kalnichevski
RFR [12]: 8211883: Disable anon and NULL cipher suites by Sean Mullan
1
by Jamil Nimeh
RFR 8212216: JGSS: Fix leak in exception cases in getJavaOID() by Weijun Wang
2
by Weijun Wang
[PATCH] Typo in SSL log message related to inactive/disabled signature scheme by Jaikiran Pai
2
by Jaikiran Pai
RFR JDK-8211806: TLS 1.3 handshake server name indication is missing on a session resume by Jamil Nimeh
5
by Bradford Wetmore
RFR 8205476: KeyAgreement#generateSecret is not reset for ECDH based algorithm by Adam Petcher
2
by Sean Mullan
RFR [12]: 8195793: Remove GTE CyberTrust Global Root by Sean Mullan
2
by Seán Coffey
Upgrade to RSAKeyGenParameterSpec.F4 for RSA Keypair generation test? by Liu, Xin
1
by Seán Coffey
RFR 8201355 : Avoid native memory allocation in sun.security.mscapi.PRNG.generateSeed by Ivan Gerasimov
1
by Weijun Wang
Fluent builder API for JCA/JSSE classes by Will Sargent
4
by Weijun Wang
RFR[12] JDK-8212562: To remove lib/security from test/jdk/TEST.groups by sha.jiang
1
by Seán Coffey
RFR [12]: 8210448: Copy Java XML Digital Signature API Specification into java.xml.crypto javadocs by Sean Mullan
3
by Weijun Wang
RFR: JDK-8211866 TLS 1.3 CertificateRequest message sometimes offers disallowed signature algorithms by Jamil Nimeh
2
by Jamil Nimeh
RFR: 8210989 TLSv1.2 not authenticating using PSS certificates by Jamil Nimeh
2
by Jamil Nimeh
RFR[12] JDK-8210632: Add key exchange algorithm to javax/net/ssl/TLSCommon/CipherSuite.java by sha.jiang
2
by Xuelei Fan-2
RFR JDK-8211971: Move security/cacerts/VerifyCACerts.java and security/CheckBlacklistedCerts.java by sha.jiang
1
by Weijun Wang
Re: RFR[12] JDK-8211978: move testlibrary/jdk/testlibrary/SimpleSSLContext.java and testkeys to network testlibrary by Weijun Wang
7
by Chris Hegarty
RFR 8212165: JGSS: Fix cut/paste error in NativeUtil.c by Weijun Wang
1
by Alan Bateman
RFR: 8211426: SSL handshake succeeds under JDK 9 (and earlier) but not under JDK 11 by Anthony Scarpino
0
by Anthony Scarpino
DSA default algorithm for keytool -genkeypair. Bad choice? by Severin Gehwolf
17
by Weijun Wang
RFR: 8209862:CipherCore performance improvement by Seán Coffey
6
by Anthony Scarpino
RFR 8076190: Support passwordless access to PKCS12 keystores by Weijun Wang
24
by Martin Buchholz-3
RFR [12]: 8211878: Bad/broken links in docs/api/java.xml.crypto/javax/xml/crypto/dsig/Reference.html by Sean Mullan
1
by Jonathan Gibbons
RFR 8211969: test/jdk/lib/security/CheckBlacklistedCerts.java searching for wrong paths by Weijun Wang
1
by Sean Mullan
JGSS Enhancements (contribution by Two Sigma Open Source) by Nico Williams-2
15
by Sean Mullan
RFR 8210821: Support dns_canonicalize_hostname in krb5.conf by Weijun Wang
9
by Weijun Wang
RFR: 8211860: Avoid reading security properties eagerly on Manifest class initialization by Claes Redestad
4
by Claes Redestad
Jar's CodeSigner null on Java 10, non-null on Java 8 by Scott Palmer
6
by Weijun Wang
Jar's CodeSigner null on Java 10, non-null on Java 8 by Scott Palmer
2
by Bernd Eckenfels-4
12345 ... 248