Quantcast

OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
123456 ... 234
Topics (8168)
Replies Last Post Views
RFR: 8037325: Class.getConstructor() performance regression by Christoph Dreis
1
by Claes Redestad
RFR 8172422: jarsigner needs to understand -? by Weijun Wang
1
by Sean Mullan
Is it possible to find out the key size of the signer if we only have the signature by Weijun Wang
2
by Michael StJohns
RFR 8171423: Relocate /test/lib/security/SecurityTools.java by Amanda Jiang
2
by Weijun Wang
RFR: release note for JDK-7004967 SecureRandom should be more explicit about threading by Weijun Wang
1
by Sean Mullan
Code Review Request JDK-8172273, SSLEngine.unwrap fails with ArrayIndexOutOfBoundsException by Xuelei Fan-2
1
by Bradford Wetmore
Code Review Request JDK-8129988 JSSE should create a single instance of the cacerts KeyStore by Xuelei Fan-2
12
by Sean Mullan
RE: [8u] RFA for backport of JDK-8157665: ProblemList.txt needs to be updated as 7041639 closed by Nikita Jain
1
by Seán Coffey
Code Review Request JDK-8172217, Need debug log for the intermittent failure of AnonCipherWithWantClientAuth by Xuelei Fan-2
4
by Bradford Wetmore
TLS-PSK status ? by Simone Bordet
3
by Xuelei Fan-2
RFR 8170732: GssKrb5Client sends non-zero buffer size when qop is "auth" by Weijun Wang
2
by Xuelei Fan-2
RFR 8172003: getInstance() with unknown provider throws NPE by Adam Petcher
1
by Sean Mullan
RFR 8172017: Two tests sun/security/krb5/auto/ReplayCacheTestProc.java and rcache_usemd5.sh fail on Solaris (Additional pre-authentication required) by Weijun Wang
2
by Sean Mullan
RFR 8157389: Release Note: New default -sigalg for jarsigner and keytool by Weijun Wang
4
by Sean Mullan
RFR: 8172048: Re-examine use of AtomicReference in java.security.Policy by Claes Redestad
8
by David Holmes
An Unexpected I/O exception with AsyncHttpClient while performing SSL requests by Shlomi Abramoviz
2
by dalibor topic-2
[9] RFR 8171443: (spec) An ALPN callback function may also ignore ALPN by Vincent Ryan
4
by Bradford Wetmore
[9] RFR:8168769: javax/net/ssl/TLSv12/DisabledShortRSAKeys.java timed out by Tim Du
2
by Xuelei Fan-2
Code Review Request, 6972386 issues with String.toLowerCase/toUpperCase by Xuelei Fan-2
1
by Weijun Wang
RFR 8170900: Issue with FilePermission::implies for wildcard flag(-) by Weijun Wang
5
by Weijun Wang
[9] RFR 8161232: AsyncSSLSocketClose.java test fails timeout. by Sibabrata Sahoo
1
by Xuelei Fan-2
RFR[9] JDK-8168935: sun/security/ssl/SSLContextImpl/TrustTrustedCert.java failed Intermittently by John Jiang
3
by Xuelei Fan-2
[PATCH] 8170876: NPE in Cipher with java.security.debug=provider by Adam Petcher
3
by Adam Petcher
Code Review Request, JDK-8171337 Check for correct SSLEngineImpl/SSLSocketImpl.setSSLParameters handshaker update method by Xuelei Fan-2
2
by Xuelei Fan-2
RFR 8075618: Create tests to check jarsigner work with multi-version jar by Amanda Jiang
9
by Weijun Wang
RFR 8171353: New home for SecurityTools.java test utility by Weijun Wang
1
by Artem Smotrakov
[9] RFR 8170282: Enable ALPN parameters to be supplied during the TLS handshake by Vincent Ryan
13
by Vincent Ryan
RFR 8171340: HttpNegotiateServer/java test should not use system proxy on Mac by Weijun Wang
1
by Chris Hegarty
[9] RFR: 8166531: sun/security/ssl/SocketCreation/SocketCreation.java fails intermittently by Artem Smotrakov
2
by Artem Smotrakov
RFR[9] JDK-8171297: ProblemList javax/net/ssl/DTLS/PacketLossRetransmission.java due to JDK-8169086 by John Jiang
1
by Xuelei Fan-2
RFR[9] JDK-8164595: javax/net/ssl/FixingJavadocs/SSLSessionNulls.java fails intermittently with javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake by John Jiang
4
by Xuelei Fan-2
RFR 8171190: Bump reference of NIST 800-57 Part 1 Rev 3 to Rev 4 in JarSigner API spec by Weijun Wang
3
by Weijun Wang
RFR 8168979: @implNote for invalid FilePermission by Weijun Wang
5
by Weijun Wang
On 8171135: Include javadoc on JarSigner API in security doc by Weijun Wang
2
by Weijun Wang
[PATCH] 8165751: NPE in Signature with java.security.debug=provider by Adam Petcher
9
by Xuelei Fan-2
123456 ... 234