-
Type:
Enhancement
-
Status: Resolved
-
Priority:
P3
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 16
-
Component/s: security-libs
-
Subcomponent:
-
Resolved In Build:b23
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8258403 | 11.0.12-oracle | Prasadarao Koppula | P3 | Open | Unresolved | |
JDK-8258401 | 8u301 | Prasadarao Koppula | P3 | Open | Unresolved | |
JDK-8258402 | 7u311 | Prasadarao Koppula | P3 | Open | Unresolved |
The default PKCS12 algorithms for confidentiality and integrity currently make use of SHA-1 hashes. SHA-1 is no longer universally recommended. We should examine supporting alternative algorithms that are stronger and that make use of SHA-2 hashes.
Interoperability concerns will also need to be examined before upgrading the default algorithms.
- backported by
-
JDK-8258401 Upgrade the default PKCS12 encryption/MAC algorithms
-
- Open
-
-
JDK-8258402 Upgrade the default PKCS12 encryption/MAC algorithms
-
- Open
-
-
JDK-8258403 Upgrade the default PKCS12 encryption/MAC algorithms
-
- Open
-
- csr for
-
JDK-8228481 Upgrade the default PKCS12 encryption/MAC algorithms
-
- Closed
-
- is blocked by
-
JDK-8076190 Customizing the generation of a PKCS12 keystore
-
- Resolved
-
- relates to
-
JDK-8214513 A PKCS12 keystore from Java 8 using custom PBE parameters cannot be read in Java 11
-
- Closed
-
-
JDK-8202837 PBES2 AlgorithmId encoding error in PKCS12 KeyStore
-
- Closed
-
-
JDK-8180710 PBKDF2 SecretKeyFactory and PBES2 Cipher algorithms
-
- Resolved
-
-
JDK-8006591 Protect keystore entries using stronger PBE algorithms
-
- Closed
-
-
JDK-8162628 The CACERTS keystore type
-
- Open
-