infernap12/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2026-02-05 07:58:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
86,986 Commits 342 Branches 1,071 Tags
Commit Graph

84 Commits

Author SHA1 Message Date
Weijun Wang
e51ccef9cb 8347938: Add Support for the Latest ML-KEM and ML-DSA Private Key Encodings 
Reviewed-by: mullan, bperez, mpowers
 2026-02-03 16:32:21 +00:00
Jamil Nimeh
07f981f6b0 8368032: Enhance Certificate Checking 
Reviewed-by: ahgross, coffeys, rhalade, mullan, abarashev
 2026-01-18 20:22:55 -08:00
Mark Powers
92abc6dfe4 8369282: Distrust TLS server certificates anchored by Chunghwa ePKI Root CA 
Reviewed-by: mullan
 2026-01-08 17:35:43 +00:00
Mark Powers
1781b186b5 8343232: PKCS#12 KeyStore support for RFC 9879: Use of Password-Based Message Authentication Code 1 (PBMAC1) 
Reviewed-by: weijun, mullan
 2025-10-31 17:52:48 +00:00
Daniel Fuchs
e8db14f584 8349910: Implement JEP 517: HTTP/3 for the HTTP Client API 
Co-authored-by: Aleksei Efimov <aefimov@openjdk.org>
Co-authored-by: Bradford Wetmore <wetmore@openjdk.org>
Co-authored-by: Daniel Jeliński <djelinski@openjdk.org>
Co-authored-by: Darragh Clarke <dclarke@openjdk.org>
Co-authored-by: Jaikiran Pai <jpai@openjdk.org>
Co-authored-by: Michael McMahon <michaelm@openjdk.org>
Co-authored-by: Volkan Yazici <vyazici@openjdk.org>
Co-authored-by: Conor Cleary <conor.cleary@oracle.com>
Co-authored-by: Patrick Concannon <patrick.concannon@oracle.com>
Co-authored-by: Rahul Yadav <rahul.r.yadav@oracle.com>
Co-authored-by: Daniel Fuchs <dfuchs@openjdk.org>
Reviewed-by: djelinski, jpai, aefimov, abarashev, michaelm
 2025-09-22 10:12:12 +00:00
Valerie Peng
35dabb1a5f 8244336: Restrict algorithms at JCE layer 
Reviewed-by: mullan, ascarpino, abarashev
 2025-09-12 20:16:33 +00:00
Sean Mullan
b5334fe237 8314180: Disable XPath in XML Signatures 
Reviewed-by: weijun
 2025-06-13 12:15:27 +00:00
Michael McMahon
b6f827ef05 8348986: Improve coverage of enhanced exception messages 
Reviewed-by: dfuchs
 2025-06-03 15:36:29 +00:00
Anthony Scarpino
bb2c80c0e9 8298420: Implement JEP 470: PEM Encodings of Cryptographic Objects (Preview) 
Reviewed-by: weijun, mr, mullan, jnimeh
 2025-05-28 19:52:18 +00:00
Artur Barashev
dfa79c3730 8340321: Disable SHA-1 in TLS/DTLS 1.2 handshake signatures 
Reviewed-by: mullan
 2025-04-08 13:02:50 +00:00
Artur Barashev
9c06dcb439 8349583: Add mechanism to disable signature schemes based on their TLS scope 
Reviewed-by: mullan, ascarpino
 2025-03-31 16:45:40 +00:00
Artur Barashev
7a2e198e9f 8352277: java.security documentation: incorrect regex syntax describing "usage" algorithm constraint 
Reviewed-by: mullan, hchao, ascarpino
 2025-03-31 15:48:03 +00:00
Mark Powers
907350e9e8 8346587: Distrust TLS server certificates anchored by Camerfirma Root CAs 
Reviewed-by: mullan
 2025-01-24 23:05:34 +00:00
Artur Barashev
882d635807 8245545: Disable TLS_RSA cipher suites 
Reviewed-by: mullan
 2024-11-21 14:14:30 +00:00
Artur Barashev
697f27c5d5 8341964: Add mechanism to disable different parts of TLS cipher suite 
Reviewed-by: mullan, ascarpino
 2024-11-14 17:44:13 +00:00
Sean Mullan
db85090553 8338411: Implement JEP 486: Permanently Disable the Security Manager 
Co-authored-by: Sean Mullan <mullan@openjdk.org>
Co-authored-by: Alan Bateman <alanb@openjdk.org>
Co-authored-by: Weijun Wang <weijun@openjdk.org>
Co-authored-by: Aleksei Efimov <aefimov@openjdk.org>
Co-authored-by: Brian Burkhalter <bpb@openjdk.org>
Co-authored-by: Daniel Fuchs <dfuchs@openjdk.org>
Co-authored-by: Harshitha Onkar <honkar@openjdk.org>
Co-authored-by: Joe Wang <joehw@openjdk.org>
Co-authored-by: Jorn Vernee <jvernee@openjdk.org>
Co-authored-by: Justin Lu <jlu@openjdk.org>
Co-authored-by: Kevin Walls <kevinw@openjdk.org>
Co-authored-by: Lance Andersen <lancea@openjdk.org>
Co-authored-by: Naoto Sato <naoto@openjdk.org>
Co-authored-by: Roger Riggs <rriggs@openjdk.org>
Co-authored-by: Brent Christian <bchristi@openjdk.org>
Co-authored-by: Stuart Marks <smarks@openjdk.org>
Co-authored-by: Ian Graves <igraves@openjdk.org>
Co-authored-by: Phil Race <prr@openjdk.org>
Co-authored-by: Erik Gahlin <egahlin@openjdk.org>
Co-authored-by: Jaikiran Pai <jpai@openjdk.org>
Reviewed-by: kevinw, aivanov, rriggs, lancea, coffeys, dfuchs, ihse, erikj, cjplummer, coleenp, naoto, mchung, prr, weijun, joehw, azvegint, psadhukhan, bchristi, sundar, attila
 2024-11-12 17:16:15 +00:00
Rajan Halade
f554c3ffce 8341059: Change Entrust TLS distrust date to November 12, 2024 
Reviewed-by: mullan
 2024-09-27 17:16:13 +00:00
Francisco Ferrari Bihurriet
c6f1d5f374 8319332: Security properties files inclusion 
Co-authored-by: Francisco Ferrari Bihurriet <fferrari@openjdk.org>
Co-authored-by: Martin Balao <mbalao@openjdk.org>
Reviewed-by: weijun, mullan, kdriver
 2024-09-23 17:45:38 +00:00
Mark Powers
bbb516163d 8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs 
Reviewed-by: mullan, rhalade
 2024-09-03 19:55:58 +00:00
Weijun Wang
da3001daf7 8331975: Enable case-insensitive check in ccache and keytab entry lookup 
Reviewed-by: mpowers, valeriep
 2024-05-24 01:16:43 +00:00
Bradford Wetmore
4276d5c004 8329637: Apparent typo in java.security file property jdk.tls.keyLimits 
Reviewed-by: ascarpino
 2024-04-04 17:48:41 +00:00
Jamil Nimeh
282a93a4cc 8300285: Enhance TLS data handling 
Reviewed-by: ahgross, ascarpino, rhalade
 2023-07-18 21:17:06 +00:00
Sergey Bylokhov
bdd81b3182 8304885: Reuse stale data to improve DNS resolver resiliency 
Reviewed-by: michaelm, dfuchs
 2023-06-09 23:20:06 +00:00
Weijun Wang
f0aebc8141 8305972: Update XML Security for Java to 3.0.2 
Reviewed-by: mullan
 2023-05-19 17:46:41 +00:00
Sean Mullan
7901f459dc 8301260: Add system property to toggle XML Signature secure validation mode 
Reviewed-by: weijun, coffeys
 2023-02-09 18:18:21 +00:00
Sean Coffey
d0a7938eb7 8286575: Document how properties in java.security are parsed 
Reviewed-by: mullan
 2022-11-21 14:28:07 +00:00
Sean Mullan
00d22f605d 8279164: Disable TLS_ECDH_* cipher suites 
Reviewed-by: xuelei, rhalade, wetmore
 2022-11-07 14:07:10 +00:00
Sean Mullan
16744b3449 8256660: Disable DTLS 1.0 
Reviewed-by: xuelei, hchao, wetmore
 2022-10-31 16:46:40 +00:00
Aleksei Efimov
d37ce4cdd1 8290368: Introduce LDAP and RMI protocol-specific object factory filters to JNDI implementation 
Reviewed-by: dfuchs, rriggs, jpai
 2022-10-19 14:41:28 +00:00
Sean Coffey
9d7c13eb14 8155246: Throw error if default java.security file is missing 
Reviewed-by: mullan
 2022-08-15 09:07:17 +00:00
Hai-May Chao
2ed75be659 8286090: Add RC2/RC4 to jdk.security.legacyAlgorithms 
Reviewed-by: mullan
 2022-05-17 21:47:54 +00:00
Hai-May Chao
09e6ee96bd 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms 
Reviewed-by: mullan, weijun
 2022-05-04 20:35:16 +00:00
Weijun Wang
cfcba1fccc 8285827: Describe the keystore.pkcs12.legacy system property in the java.security file 
Reviewed-by: mullan
 2022-05-02 14:03:24 +00:00
Michael McMahon
7f2a3ca289 8281561: Disable http DIGEST mechanism with MD5 and SHA-1 by default 
Reviewed-by: weijun, dfuchs
 2022-03-28 13:51:55 +00:00
Weijun Wang
ab867f6c7c 8272162: S4U2Self ticket without forwardable flag 
Reviewed-by: valeriep
 2021-12-01 00:48:28 +00:00
Sean Mullan
6d91a3eb7b 8269039: Disable SHA-1 Signed JARs 
Reviewed-by: weijun
 2021-09-21 13:45:47 +00:00
Roger Riggs
6889a39a3f 8268826: Cleanup Override in Context-Specific Deserialization Filters 
Reviewed-by: dfuchs, bchristi
 2021-07-09 14:33:56 +00:00
Weijun Wang
e2d7ec38af 8267100: [BACKOUT] JDK-8196415 Disable SHA-1 Signed JARs 
Co-authored-by: Sean Mullan <mullan@openjdk.org>
Reviewed-by: hchao, xuelei
 2021-06-22 00:41:45 +00:00
Roger Riggs
13d6180421 8264859: Implement Context-Specific Deserialization Filters 
Reviewed-by: bchristi, dfuchs, chegar
 2021-06-09 12:30:07 +00:00
Stuart Marks
7c85f3510c 8267123: Remove RMI Activation 
Reviewed-by: erikj, rriggs, alanb
 2021-05-27 15:19:45 +00:00
Sean Mullan
278057756a 8196415: Disable SHA-1 Signed JARs 
Reviewed-by: coffeys
 2021-04-28 17:13:21 +00:00
Aleksei Efimov
17a741d6bc 8244473: Contextualize registration for JNDI 
Also reviewed by Chris Ries <chris.ries@oracle.com>

Reviewed-by: dfuchs, rriggs, rhalade, skoivu, mullan
 2021-04-20 21:45:52 +00:00
Sean Mullan
a6427c85ee 8259709: Disable SHA-1 XML Signatures 
Reviewed-by: rhalade, weijun
 2021-03-04 17:21:37 +00:00
Sean Mullan
baf46bac41 8259801: Enable XML Signature secure validation mode by default 
Reviewed-by: weijun, rhalade
 2021-01-28 14:28:27 +00:00
Jamil Nimeh
8554fe6ebc 8253866: Security Libs Terminology Refresh 
Reviewed-by: erikj, weijun, mullan
 2021-01-14 16:36:51 +00:00
Bradford Wetmore
fe5cccc1ec 8254631: Better support ALPN byte wire values in SunJSSE 
Reviewed-by: xuelei, dfuchs
 2020-12-02 04:14:28 +00:00
Sean Mullan
3a4b90f086 8202343: Disable TLS 1.0 and 1.1 
Reviewed-by: xuelei, dfuchs, coffeys
 2020-11-19 14:15:57 +00:00
Weijun Wang
f77a658557 8153005: Upgrade the default PKCS12 encryption/MAC algorithms 
Reviewed-by: mullan
 2020-10-30 13:23:33 +00:00
Anthony Scarpino
0b83fc0150 8235710: Remove the legacy elliptic curves 
Reviewed-by: xuelei, erikj
 2020-09-25 02:40:36 +00:00
Mikael Vidstedt
071bd521bc 8244224: Implementation of JEP 381: Remove the Solaris and SPARC Ports 
Reviewed-by: alanb, bchristi, dcubed, dfuchs, eosterlund, erikj, glaubitz, ihse, iignatyev, jjiang, kbarrett, ksrini, kvn, naoto, prr, rriggs, serb, sspitsyn, stefank, tschatzl, valeriep, weijun, weijun
 2020-05-20 17:33:37 -07:00