RFR: 8064330 - Remove SHA224 from the default support list if SunMSCAPI enabled
Rob McKenna
rob.mckenna at oracle.com
Mon Jan 18 06:54:58 UTC 2016
Hi folks,
SunJSSE enables SHA224 as an available signature and hash algorithm of
TLS 1.2 connections. However, the current implementation of SunMSCAPI
does not support SHA224 yet, and the private key in SunMSCAPI cannot
work together with other providers. This may cause problems if
applications use SunMSCAPI for their private keys and use SHA224 at the
same time.
The solution is to remove SHA224 from the default support list if MSCAPI
is enabled:
http://cr.openjdk.java.net/~robm/8064330/webrev.01/
-Rob
More information about the security-dev
mailing list