RFR: 8064330 - Remove SHA224 from the default support list if SunMSCAPI enabled

Rob McKenna rob.mckenna at oracle.com
Mon Jan 18 06:54:58 UTC 2016


Hi folks,

SunJSSE enables SHA224 as an available signature and hash algorithm of 
TLS 1.2 connections. However, the current implementation of SunMSCAPI 
does not support SHA224 yet, and the private key in SunMSCAPI cannot 
work together with other providers. This may cause problems if 
applications use SunMSCAPI for their private keys and use SHA224 at the 
same time.

The solution is to remove SHA224 from the default support list if MSCAPI 
is enabled:

http://cr.openjdk.java.net/~robm/8064330/webrev.01/

	-Rob




More information about the security-dev mailing list