Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Fixed
Priority: P3
Fix Version/s: 26
Affects Version/s: None
Component/s: security-libs
Labels:
- noreg-jck
- release-note=yes

Subcomponent:
java.security
Resolved In Build:
b09

Remove the the following algorithms from the list of required algorithms as they are no longer recommended, and should not be in wide usage anymore:

AlgorithmParameters: DESede
Cipher:
    DESede/CBC/NoPadding
    DESede/CBC/PKCS5Padding
    DESede/ECB/NoPadding
    DESede/ECB/PKCS5Padding
    RSA/ECB/PKCS1Padding
KeyGenerator: DESede
SecretKeyFactory: DESede

Add the following PBES2 algorithms from PKCS#5 v2.1 as new requirements:

AlgorithmParameters:
    PBEWithHmacSHA256AndAES_128
    PBEWithHmacSHA256AndAES_256
Cipher:
    PBEWithHmacSHA256AndAES_128
    PBEWithHmacSHA256AndAES_256
Mac:
    PBEWithHmacSHA256
SecretKeyFactory:
    PBEWithHmacSHA256AndAES_128
    PBEWithHmacSHA256AndAES_256
    PBKDF2WithHmacSHA256

csr for

JDK-8362549 Remove outdated algorithms from requirements and add PBES2 algorithms

Closed

relates to

JDK-8244336 Restrict algorithms at JCE layer

In Progress

links to

Commit(master) openjdk/jdk/06fdb61e

Review(master) openjdk/jdk/26392

Release Note: Removed DESede and PKCS1Padding Algorithms from Requirements and Added PBES2 Algorithms

Resolved

Sean Mullan

Assignee:: Sean Mullan

Reporter:: Sean Mullan

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2025-07-11 06:15

Updated:: 6 hours ago

Resolved:: 2025-07-25 06:00

Details

Description

Attachments

Issue Links

Sub-Tasks

Activity

People

Dates