-
Type:
Sub-task
-
Resolution: Delivered
-
Priority:
P4
-
Affects Version/s: 17.0.13-oracle, 21.0.5-oracle, 22
-
Component/s: security-libs
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8337215 | 21.0.5-oracle | Marc Palmerjohnson | P4 | Resolved | Delivered | |
| JDK-8337218 | 17.0.13-oracle | Marc Palmerjohnson | P4 | Resolved | Delivered |
When instantiating a third-party security provider's implementation (class) of a `KEM` algorithm, the framework will determine the provider's codebase (JAR file) and verify its signature. In this way, JCA authenticates the provider and ensures that only providers signed by a trusted entity can be plugged into the JCA. This is consistent with other JCE service classes, such as `Cipher`, `Mac`, `KeyAgreement`, and others.
- backported by
-
-
- Resolved
-
-
-
- Resolved
-