Quantcast

OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
12345 ... 234
Topics (8188)
Replies Last Post Views
RFR 8176715: sun/security/krb5/auto/HttpNegotiateServer.java does not compile by Weijun Wang
2
by Sean Mullan
RFR: JDK-8176503: Disable SHA-1 TLS Server Certificates by Sean Mullan
1
by Vincent Ryan
RFR 8176542: Missing @Deprecated arguments for jdk.policytool by Weijun Wang
1
by Sean Mullan
RFR 8176350: Usage constraints don't take effect when using PKIX by Anthony Scarpino
6
by Sean Mullan
[9] RFR: 8176183: sun/security/mscapi/SignedObjectChain.java fails on Windows by Artem Smotrakov
4
by Artem Smotrakov
RFR 8176400: Problemlist sun/security/ssl/X509KeyManager/PreferredKey.java due to JDK-8176354 by Amanda Jiang
1
by Xuelei Fan-2
9 RFR of JDK-8176337: Mark several tests as intermittently failing by Hamlin Li
3
by Xuelei Fan-2
RFR 8176320: security/tools/jarsigner/TsacertOptionTest.java compilation error, all mach 5 tier 2 platforms broken. by Weijun Wang
1
by Xuelei Fan-2
RFR 8175846: Provide javadoc descriptions for jdk.policytool and jdk.crypto.* modules by Weijun Wang
4
by Weijun Wang
RFR 8171319: keytool should print out warnings when reading or generating cert/cert req using weak algorithms by Weijun Wang
8
by Seán Coffey
RFR(s): 8176213: 78 sun/security/krb5/auto tests failing due to undeclared dependecies by Sergei Kovalev
5
by Weijun Wang
JDK 9 RFR of JDK-8176182: 4 security tests are not run by Amy Lu-2
2
by Amy Lu-2
JDK-8133634 ava gets SunMSCAPI entry as TrustedCertificateEntry instead of PrivateKeyEntry by Bernd Eckenfels-4
0
by Bernd Eckenfels-4
RFR 8175250: Manifest checking throws exception with no entry by Anthony Scarpino
2
by Sean Mullan
[jdk9] Webstart app is logging a SecurityException by Reto Merz-2
0
by Reto Merz-2
RFR 8006259: Test example vectors from NIST SP 800-38A by Adam Petcher
3
by Valerie Peng
[JDK-8146293] - Proposal to fix RSASSA-PSS AlgorithmChecker constraints for TLS 1.2 by Christopher Fox
3
by Sean Mullan
RFR 8175120: Remove old tests on kdc timeout policy by Weijun Wang
1
by Xuelei Fan-2
RFR: 8175079: Lazy initialization of ImageReader breaks rmid by Claes Redestad
2
by Claes Redestad
RFR 8168410: Multiple JCK tests are failing due to SecurityException is not thrown. by Weijun Wang
7
by Weijun Wang
[RFR] 8174849: Change SHA1 certpath restrictions by Anthony Scarpino
4
by Jim Manico
RFR 8174909: Doc error in SecureRandom by Weijun Wang
1
by Sean Mullan
JDK 9 RFR of JDK-8174887: Problem list javax/net/ssl/DTLS/RespondToRetransmit.java by Amy Lu-2
1
by Xuelei Fan-2
RFR: 8174837: Add "since=9" to deprecated ContentSigner and ContentSignerParameters classes by Sean Mullan
2
by Weijun Wang
RFR release notes for multiple enhancements: krb5, SASL, JAAS, policytool by Weijun Wang
8
by Sean Mullan
TlsRsaPremasterSecretParameterSpec by Gardiner Michael
3
by Seán Coffey
[9] RFR: 8168423: Test Task: Custom system class loader + security manager + malformed policy file = recursive initialization by Sibabrata Sahoo
6
by Sean Mullan
RFR 8174157: Backout 8151116 by Anthony Scarpino
1
by Sean Mullan
RFR: 8160655 Fix denyAfter and usage types for security properties by Anthony Scarpino
11
by Sean Mullan
RFR [9] 8173708: Re-enable AES cipher with CFB128 mode for Ucrypto provider by Valerie Peng
1
by Brad R. Wetmore
RFR : 8173783: IllegalArgumentException: jdk.tls.namedGroups by Seán Coffey
4
by Seán Coffey
RFR 8173410: Add commented config line for jdk.security.provider.preferred by Anthony Scarpino
2
by Anthony Scarpino
[9] 8173956: KeyStore regression due to default keystore being changed to PKCS12 by Vincent Ryan
1
by Xuelei Fan-2
JDK 10 RFR of JDK-8173903: Update various tests to pass under JDK 10 by joe darcy
4
by David Holmes
RFR: 8173827: Remove forRemoval=true from several deprecated security APIs by Sean Mullan
4
by Claes Redestad
12345 ... 234