OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
12345 ... 245
Topics (8553)
Replies Last Post Views
SSLEngine weird behavior in 11+21? by Simone Bordet
28
by Simone Bordet
[12] RFR 8208602: Cannot read PEM X.509 cert if there is whitespace after the header or footer by Weijun Wang
1
by Xue-Lei Fan
CFV: New Security Group Member: Adam Petcher by Sean Mullan
6
by Bradford Wetmore
Please review EdDSA API by Adam Petcher
7
by Adam Petcher
New candidate JEP: 339: Edwards-Curve Digital Signature Algorithm (EdDSA) by mark.reinhold
0
by mark.reinhold
RFR[11] JDK-8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found by sha.jiang
7
by Valerie Peng
RFR: Backport for JDK-8207237 to JDK 11 by Jamil Nimeh
1
by Xue-Lei Fan
About Password security : new JEP needed ? by Philippe Poulard
0
by Philippe Poulard
RFR [11] 8207846: Generalize the jdk.net.includeInExceptions security property by Chris Hegarty
12
by Chris Hegarty
EC weirdness by Michael StJohns
3
by Adam Petcher
Bug in HttpClient by Thomas Lußnig-2
3
by Chris Hegarty
[11] RFR 8207223: SSL Handshake failures are reported with more generic SSLException by Weijun Wang
2
by Weijun Wang
RFR(xs) 8206968: java/net/httpclient/CancelledResponse.java fails after TLS1.3 changeset by Anthony Scarpino
0
by Anthony Scarpino
RFR(s): 8204196: integer cleanup by Anthony Scarpino
1
by Xue-Lei Fan
[11] RFR 8202837: PBES2 AlgorithmId encoding error in PKCS12 KeyStore by Weijun Wang
1
by Xue-Lei Fan
RFR 8207250: setUseClientMode post handshake with the same value as before does not throw IAE by Weijun Wang
1
by Xue-Lei Fan
RFR: 8203230: update VerifyCACerts tests by Rajan Halade
1
by Sean Mullan
RFR: JDK-8207237: SSLSocket#setEnabledCipherSuites is accepting empty string by Jamil Nimeh
1
by Xue-Lei Fan
RFR 8206929: Check session context for TLS session resumption by Adam Petcher
15
by Adam Petcher
[11] RFR 8207318: KeyStore#getInstance(File, LoadStoreParameter) does not load the keystore by Weijun Wang
1
by Sean Mullan
Trouble with SPNEGO by tom
3
by Nagaraju Chitimilla
RFR: 8207321: Merge error with 8199779 by Rajan Halade
1
by Sean Mullan
RFR[12] JDK-8206443: Update security libs manual test to cope with removal of javac -source/-target 6 by sha.jiang
1
by Xue-Lei Fan
RFR: 8199779: Add T-Systems, GlobalSign and Starfield services root certificates by Rajan Halade
1
by Sean Mullan
Code Review Request, JDK-8207029 Unable to use custom SSLEngine with default TrustManagerFactory after updating to JDK 11 b21 by Xue-Lei Fan
4
by Xue-Lei Fan
RFR 8207031 : CKM_SSL3_PRE_MASTER_KEY_GEN used without need in P11RSACipher.class by Ivan Gerasimov
0
by Ivan Gerasimov
RFR[12] JDK-8179098 "Crypto AES/ECB encryption/decryption performance regression (introduced in jdk9b73)" by Valerie Peng
6
by Valerie Peng
RFR 8206915: XDH TCK issues by Adam Petcher
6
by Xue-Lei Fan
[11] RFR 8206189: sun/security/pkcs12/EmptyPassword.java fails with Sequence tag error by Weijun Wang
1
by Xue-Lei Fan
security/infra/java/security/cert/CertPathValidator/certification/QuoVadisCA.java fails in jdk by Baesken, Matthias
2
by Baesken, Matthias
Re: Unable to use custom SSLEngine with default TrustManagerFactory after updating to ea20 (and later) by Alan Bateman
7
by Xue-Lei Fan
JDK 11+21 SSLSocket.close() deadlock? by Simone Bordet
2
by Simone Bordet
RFR[11] JDK-8199645: javax/net/ssl/SSLSession/TestEnabledProtocols.java failed with Connection reset by sha.jiang
2
by sha.jiang
(Open) RFR: 8205967: Remove sun/security/krb5/auto/UnboundSSL.java from ProblemList.txt by Andrew Wong
1
by Xue-Lei Fan
RFR: 8148188: Enhance the security libraries to record events of interest by Seán Coffey
8
by Seán Coffey
12345 ... 245