OpenJDK Security Development

This forum is an archive for the mailing list security-dev@openjdk.java.net (more options) Messages posted here will be sent to this mailing list.
The term "Security" has broad meanings and interpretations. It spans a wide range of areas, including cryptography, public key infrastructure, secure communication, authentication, and access control. The security component thus comprises a large set of APIs, tools, and implementations of commonly-used security algorithms and protocols.

As security concepts such as permissions are tightly interwoven throughout the entire Java source code, these component pages do not address issues in the other primary component areas (language features and virtual machine implementations, core libraries, graphics subsystems, hotspot, serviceability, etc). For a more detailed treatment, please see the corresponding component pages.

The primary emphasis of these pages is to explore the core security components source bases, and hopefully, get developers up to speed quickly.
123456 ... 242
Topics (8445)
Replies Last Post Views
Update mechanism for the upcoming trust store by Fotis Loukos-2
5
by Fotis Loukos-2
[8u] [RFR] Request for Review of JDK-8196952: Bad primeCertainty value setting in DSAParameterGenerator by Andrew Hughes-8
2
by Andrew Hughes-8
[11] RFR: JDK-8197441: Signature#initSign/initVerify for an invalid private/public key fails with ClassCastException for SunPKCS11 provider by Valerie Peng
2
by Valerie Peng
RFR JDK-8195607: NSS + Sqlite DB by Martin Balao
1
by Martin Balao
RFR 8191438: jarsigner should print when a timestamp will expire by Weijun Wang
3
by Weijun Wang
AW: [PATCH]: Support for brainpool curves from CurveDB in SunEC by Tobias Wagner
0
by Tobias Wagner
contribute to the OpenJDK security group by Leo Grove
6
by Tomas Gustavsson
RFR 8196215: sun/security/util/Resources/customSysClassLoader/MessageFormatting.java failed on ar_SA locale. by Adam Petcher
7
by Adam Petcher
RFR (fix+CSR) 8196823: jarsigner should not create a signed jar if the signing fails by Weijun Wang
1
by Sean Mullan
RFR 8194251: Deadlock between UsageTracker and System.getProperty() when using a malformed security policy by Adam Petcher
2
by Sean Mullan
Webservice error - 2 counts of InaccessibleWSDLException - due to JDK update from 112 to 121 by Patrick Goovaerts
1
by Sean Mullan
JDK 11 RFR of JDK-8196414: Update ProviderVersionCheck.java to pass on updated JDK versions by joe darcy
3
by Sean Mullan
Da Capo: JSON "clear text" signatures by Anders Rundgren
2
by Anders Rundgren
Proposal: ChaCha20 and ChaCha20-Poly1305 Cipher implementations by Jamil Nimeh
6
by Jamil Nimeh
RFR 8177398: Exclude dot files ending with .conf from krb5.conf's includedir by Weijun Wang
1
by Sean Mullan
RFR JDK-8186098: sun/security/pkcs11/KeyStore/SecretKeysBasic.sh failed due to libnss3 version cannot be parsed by sha.jiang
7
by Xuelei Fan-2
Code Review Request, JDK-8185576 : New handshake implementation by Xuelei Fan-2
5
by Xuelei Fan-2
sunrsasign.jar still searched in java 8? by Bernd Eckenfels-4
6
by Bradford Wetmore
[11] RFR: 8194486: Several krb5 tests failed in Mac. by Sibabrata Sahoo
5
by Weijun Wang
RFR [10]: 8194307: KeyStore#getInstance with custom LoadStoreParameter succeeds with invalid password by Sean Mullan
2
by Sean Mullan
RFR JDK-8195667: ProblemList PKCS11 tests Secmod/AddTrustedCert.java and tls/TestKeyMaterial.java due to JDK-8180837 by sha.jiang
1
by Weijun Wang
RFR JDK-8194864: Outputs more details for PKCS11 tests if the NSS lib version cannot be determined by sha.jiang
1
by Xuelei Fan-2
JCEKS Keystore problem by Brendan McKenna
2
by Brendan McKenna
RFR: 8194960: Add a test for trust manager and cacerts keystore sanity by Martin Buchholz-3
2
by Martin Buchholz-3
[PATCH]: Support for brainpool curves from CurveDB in SunEC by Tobias Wagner
1
by Adam Petcher
RFR 8014628: Support AES Encryption with HMAC-SHA2 for Kerberos 5 by Weijun Wang
15
by Sean Mullan
RFR 8195119: Fine-tune output text in keytool by Weijun Wang
1
by Sean Mullan
[PATCH] Crypto EC - avoids possible memset compiler optimisation by DEV Nexen
3
by Christopher Schultz
[10] RFR 8194959: Correct test tag to move bugid from @test to @bug by Amy Lu-2
3
by Amy Lu-2
About signature algorithm and provider name in SignedObject spec by Weijun Wang
1
by Sean Mullan
RFR JDK-8194257: javax/net/ssl/compatibility/Compatibility.java should be updated for JDK 6 after JDK-8174748 by sha.jiang
1
by Xuelei Fan-2
[10] RFR 8194666: ProblemList update for bugid associated with PreferredKey.java, ConcurrentHashMapTest and SSLSocketParametersTest.sh by Amy Lu-2
1
by Xuelei Fan-2
Bug in SunNativeProvider by Jan Kalina
5
by Valerie Peng
[PATCH]: Support for brainpool curves from CurveDB in SunEC by Tobias Wagner
1
by Adam Petcher
RFR JDK-8189760: sun/security/ssl/CertPathRestrictions/TLSRestrictions.java failed with unexpected Exception intermittently by sha.jiang
1
by Xuelei Fan-2
123456 ... 242