Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8267168

Release Note: Upgraded the Default PKCS12 Encryption and MAC Algorithms

    XMLWordPrintable

Details

    Description

      The default encryption algorithms used in a PKCS #12 keystore have been updated. The new algorithms are based on AES-256 and SHA-256 and are stronger than the old algorithms that were based on RC2, DESede, and SHA-1. See the security properties starting with `keystore.pkcs12` in the `java.security` file for detailed information.

      For compatibility, a new system property named `keystore.pkcs12.legacy` is defined that will revert the algorithms to use the older, weaker algorithms. There is no value defined for this property.

      Attachments

        Issue Links

          backport of

          Sub-task - The sub-task of the issue JDK-8242069 Release Note: Upgraded the Default PKCS12 Encryption and MAC Algorithms

          • P4 - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              cwayne Clifford Wayne (Inactive)
              weijun Weijun Wang
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: