OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
123456 ... 237
Topics (8289)
Replies Last Post Views
How do I know which granted permission is not needed? by Weijun Wang
5
by Weijun Wang
RFR 8181975: Run sun/security/pkcs11 tests on Mac by Bhanu Prakash Gopula...
1
by Seán Coffey
RFR 8182118: Package summary is missing in jdk.security.auth module by Weijun Wang
8
by Mandy Chung
[10] RFR: 8182388: Backout 8182143 by Artem Smotrakov
2
by Bernd Eckenfels-4
RFR [9]: 8181295: Document that SecurityManager::checkPackageAccess may be called by the VM by Sean Mullan
3
by Mandy Chung
[10] RFR: 8182143: SHA224-based signature algorithms are not enabled for TLSv12 on Windows by Artem Smotrakov
6
by Artem Smotrakov
Stricter Public Key checking corrupts JKS by Bernd Eckenfels-4
3
by Bernd Eckenfels-4
RFR 8181841: A TSA server returns timestamp with precision higher than milliseconds by Weijun Wang
6
by Michael StJohns
[9] RFR 8181978: Keystore probing mechanism fails for large PKCS12 keystores by Vincent Ryan
1
by Sean Mullan
RFR[10] JDK-8179564: Missing @bug for tests added with JDK-8165367 by sha.jiang
1
by Weijun Wang
Untranslated common (ZIPCode OID.2.5.4.17) attribute by Bernd Eckenfels-4
0
by Bernd Eckenfels-4
RSASSA_PSS (for Certificates) by Bernd Eckenfels-4
1
by Brad R. Wetmore
Code Review Request, JDK-8178728 Check the AlgorithmParameters in algorithm constraints by Xuelei Fan-2
5
by Xuelei Fan-2
RFR : 8181205:JRE fails to load/register security providers when started from UNC pathname by Seán Coffey
3
by Seán Coffey
RFR 8181461: sun/security/krb5/auto/KdcPolicy.java fails with java.lang.Exception: Does not match by Weijun Wang
2
by Xuelei Fan-2
RFR 8181299/10, Several jdk tests fail with java.lang.NoClassDefFoundError: jdk/test/lib/process/StreamPumper by FELIX YANG
23
by Igor Ignatyev
Code Review Request, JDK-8181439 Test the jdk.tls.namedGroups System Property by Xuelei Fan-2
1
by Valerie Peng
JPMS Access Checks, Verification and the Security Manager by Volker Simonis
11
by Volker Simonis
[9] RFR 8180635: (doc) Clarify the compatibility and interoperability issue when using provider default values by Valerie Peng
6
by Valerie Peng
RFR(XS) : 8180895 : java/security/AccessController/DoPrivAccompliceTest.java has to be improved by Igor Ignatyev
1
by Artem Smotrakov
RFR 8178794: krb5 client should ignore sname in incoming tickets by Weijun Wang
2
by Sean Mullan
Code Review Request, JDK-8180856 Remove RecordType.java by Xuelei Fan-2
1
by Weijun Wang
ECC Key Usage ignored with and ECDH(E) ciphers by Bernd Eckenfels-4
3
by Xuelei Fan-2
RFR 8172244: AIOOBE in KeyStore.getCertificateAlias on Windows by Adam Petcher
1
by Vincent Ryan
[jdk8u-dev] Review Request and Approval to Backport: 8140436: Support the FFDHE TLS extension by Ivan Gerasimov
1
by Seán Coffey
[9] RFR: 8180307: Add new JDK 9 Required Algorithms to Cipher class by Sean Mullan
4
by Sean Mullan
RFR 9 test-only RFR 8177328 : java/lang/ClassLoader/securityManager/ClassLoaderTest.java times out with -Xcomp by Brent Christian-2
14
by Brent Christian-2
FW: SecurityManager.checkPackageAccess for qualified exports by Langer, Christoph
5
by Mandy Chung
RFR: Update tables in java.base to be HTML5-friendly. by Jonathan Gibbons
13
by Jonathan Gibbons
[10] RFR 8179389: X509Certificate generateCRLs is extremely slow using a PEM crl list by Weijun Wang
1
by Sean Mullan
Re: RFR: JDK-8178278 Move Standard Algorithm Names document to specs directory by Erik Joelsson
2
by Erik Joelsson
JEP-123: Configurable Secure Random-Number Generation by Milton Smith-2
0
by Milton Smith-2
RFR[9] 8179451: Confidential copyright header in openjdk by sha.jiang
3
by Weijun Wang
RFR 8176457: Add verbose option to java.security.debug by Anthony Scarpino
1
by Vincent Ryan
RFR: 8178014: CryptoPolicyParser's API comment contains < and > characters by Brad R. Wetmore
2
by Kumar Srinivasan
123456 ... 237