-
Enhancement
-
Resolution: Fixed
-
P3
-
None
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8057187 | 9 | Sirisha Bhusarapu | P3 | Resolved | Fixed |
See: http://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html#PBEEx
This example uses a weak algorithm: PBEWithMD5AndDES
This example should be updated to use a stronger alg (ex: PBEWithHmacSHA256AndAES_256) that was added in JDK 8 as part of JEP 121.
There is also a similar example in the Managing Algorithm Parameters section for Cipher in the JCA guide: http://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html#Cipher
This example uses a weak algorithm: PBEWithMD5AndDES
This example should be updated to use a stronger alg (ex: PBEWithHmacSHA256AndAES_256) that was added in JDK 8 as part of JEP 121.
There is also a similar example in the Managing Algorithm Parameters section for Cipher in the JCA guide: http://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html#Cipher
- backported by
-
JDK-8057187 Password Based Encryption example in JCA guide should be updated to use new JDK 8 strong PBE algs
-
- Resolved
-