Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Fixed
Priority: P3
Fix Version/s: 20
Affects Version/s: None
Component/s: security-libs
Labels:

Subcomponent:
java.security
Resolved In Build:
b22

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-8300755	17.0.8-oracle	Prasadarao Koppula	P3	Resolved	Fixed	b01
JDK-8306975	17.0.8	Goetz Lindenmaier	P3	Resolved	Fixed	b01
JDK-8310285	11.0.21	Goetz Lindenmaier	P3	Resolved	Fixed	b01
JDK-8300756	11.0.20-oracle	Prasadarao Koppula	P3	Resolved	Fixed	b01
JDK-8300757	8u381	Prasadarao Koppula	P3	Resolved	Fixed	b01

sun.security.pkcs.PKCS7 uses a SHA1PRNG SecureRandom to generate a nonce for timestamped signatures. SHA1PRNG should be phased out. This should be changed to use the default SecureRandom PRNG which varies depending on the OS. Also, it should call sun.security.jca.JCAUtil.getDefSecureRandom() which reuses a SecureRandom instance for improved performance.

backported by

JDK-8300755 Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG

Resolved

JDK-8300756 Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG

Resolved

JDK-8300757 Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG

Resolved

JDK-8306975 Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG

Resolved

JDK-8310285 Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG

Resolved

relates to

JDK-8293412 Remove unnecessary java.security.egd overrides

Resolved

links to

Commit openjdk/jdk11u-dev/2cc45963

Commit openjdk/jdk17u-dev/790802bd

Commit openjdk/jdk/21571457

Review openjdk/jdk11u-dev/1949

Review openjdk/jdk17u-dev/1284

Review openjdk/jdk/10883

(1 relates to, 6 links to)

Assignee:: Sean Mullan

Reporter:: Sean Mullan

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2022-09-15 06:13

Updated:: 2023-06-26 11:52

Resolved:: 2022-10-27 10:34

Details

Backports

Description

Attachments

Issue Links

Activity

People

Dates