Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8293858

Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG

    XMLWordPrintable

Details

    Backports

      Description

        sun.security.pkcs.PKCS7 uses a SHA1PRNG SecureRandom to generate a nonce for timestamped signatures. SHA1PRNG should be phased out. This should be changed to use the default SecureRandom PRNG which varies depending on the OS. Also, it should call sun.security.jca.JCAUtil.getDefSecureRandom() which reuses a SecureRandom instance for improved performance.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8300755 Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8300756 Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8300757 Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8306975 Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG

            • P3 - Major loss of function.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8310285 Change PKCS7 code to use default SecureRandom impl instead of SHA1PRNG

            • P3 - Major loss of function.
            • Resolved
            relates to

            Enhancement - null JDK-8293412 Remove unnecessary java.security.egd overrides

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved
            links to

            Commit Commit openjdk/jdk11u-dev/2cc45963

            Commit Commit openjdk/jdk17u-dev/790802bd

            Commit Commit openjdk/jdk/21571457

            Review Review openjdk/jdk11u-dev/1949

            Review Review openjdk/jdk17u-dev/1284

            Review Review openjdk/jdk/10883

            Activity

              People

                mullan Sean Mullan
                mullan Sean Mullan
                Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: