OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
12345 ... 242
Topics (8445)
Replies Last Post Views
RFR 8196540: [Testbug] java/security/AccessController/DoPrivAccompliceTest.java doesn't handle unrelated warnings by Bhanu Prakash Gopula...
1
by Sean Mullan
RFR JDK-8029661: JDK-Support TLS v1.2 algorithm in SunPKCS11 provider by Jack Ottofaro
0
by Jack Ottofaro
JEP 332: Transport Layer Security (TLS) 1.3 by mark.reinhold
2
by Sean Mullan
RFR 8190333: sun/security/ssl/X509KeyManager/PreferredKey.java failed with "Failed to get the preferable key aliases" by Amanda Jiang
1
by Sean Mullan
[11] RFR: 8187218: GSSCredential.getRemainingLifetime() returns negative value for TTL > 24 days. by Prasadrao Koppula
2
by Sean Mullan
RFR JDK-8200403: javax/net/ssl/sanity/interop/ClientJSSEServerJSSE.java needs to clarify the relation between cipher suites and protocols by sha.jiang
0
by sha.jiang
RFR 8171277: Elliptic Curves for Security in Crypto (part 2) by Adam Petcher
1
by Sean Mullan
Re: -Djava.security.manager=problems for service providers by Alan Bateman
7
by naoto.sato
RFR 8178370 : [TEST_BUG] java/security/Signature/SignatureLength.java fails by Ivan Gerasimov
2
by Sean Mullan
Comment on https://bugs.openjdk.java.net/browse/JDK-8145252 - TLS 1.3 formally adopted by IETF by R Wagner
2
by Sean Mullan
[11] RFR: 8193032: Remove terminally deprecated SecurityManager APIs by Sean Mullan
2
by Sean Mullan
RFR 8180570: Refactor sun/security/mscapi shell tests to plain java tests by Weijun Wang
4
by Weijun Wang
JEP 329: ChaCha20 and Poly1305 Cryptographic Algorithms by mark.reinhold
2
by Jamil Nimeh
Draft JEP: TLS 1.3 by Xuelei Fan-2
1
by Sean Mullan
RFR 8186228: sun/security/krb5/auto/KdcPolicy.java fails with "java.lang.Exception: Does not match. Output is c30000c30000c30000" by Weijun Wang
1
by Sean Mullan
RFR 8171277: Elliptic Curves for Security in Crypto by Adam Petcher
5
by Adam Petcher
RFR 8181594: Efficient and constant-time modular arithmetic by Adam Petcher
6
by Xuelei Fan-2
RFR: 8165996:PKCS11 using NSS throws an error regarding secmod.db when NSS uses sqlite by Seán Coffey
5
by Martin Balao
Integration and Junit test cases for security by Yogesh Dabhi
1
by Bernd Eckenfels-4
Algorithm aliases of SHA-1 in DisabledAlgorithmConstraints by Weijun Wang
8
by Sean Mullan
PKCS#11 provider issues with min and max size by Tomas Gustavsson
8
by Tomas Gustavsson
About duplicate aliases in MSCAPI keystore by Weijun Wang
0
by Weijun Wang
RFR 8199154: Accessibility issues in jdk.security.auth by Weijun Wang
2
by Weijun Wang
RFR 8199198: Remove unused functions in jdk.crypto.mscapi native code by Weijun Wang
2
by Vincent Ryan
RFR 8193262: JNI array not released in libsunmscapi convertToLittleEndian by Weijun Wang
2
by Anthony Scarpino
RFR 8198898: Compilation errors in jdk.crypto.mscapi with VS 2017 by Weijun Wang
2
by Weijun Wang
RFR: 8199018: Test crypto provider not registering by Seán Coffey
3
by Bradford Wetmore
[PATCH]: Support for brainpool curves from CurveDB in SunEC by Tobias Wagner
5
by Tobias Wagner
RFR 8191139: Remove deprecated javax.security.auth.Policy API by Weijun Wang
3
by Sean Mullan
RFR JDK-8029661: JDK-Support TLS v1.2 algorithm in SunPKCS11 provider by Martin Balao
4
by Martin Balao
provider registration by Bernd Eckenfels-4
2
by Bernd Eckenfels-4
[PATCH] JDK-8194630: Uninitialized initiator_address in native GSS by Jan Kalina
4
by Valerie Peng
RFR 8197518: Kerberos krb5 authentication: AuthList's put method leads to performance issue by Weijun Wang
12
by Daniel Fuchs
RFR: 8193892: Impact of noncloneable MessageDigest implementation by Seán Coffey
5
by Seán Coffey
Re: RFR 8198645 Use System.lineSeparator() instead of getProperty("line.separator") by Xuelei Fan-2
0
by Xuelei Fan-2
12345 ... 242