RFR: 8064330 - Remove SHA224 from the default support list if SunMSCAPI enabled

Xuelei Fan xuelei.fan at oracle.com
Mon Jan 18 10:53:35 UTC 2016


Looks fine to me.

Xuelei

On 1/18/2016 2:54 PM, Rob McKenna wrote:
> Hi folks,
> 
> SunJSSE enables SHA224 as an available signature and hash algorithm of
> TLS 1.2 connections. However, the current implementation of SunMSCAPI
> does not support SHA224 yet, and the private key in SunMSCAPI cannot
> work together with other providers. This may cause problems if
> applications use SunMSCAPI for their private keys and use SHA224 at the
> same time.
> 
> The solution is to remove SHA224 from the default support list if MSCAPI
> is enabled:
> 
> http://cr.openjdk.java.net/~robm/8064330/webrev.01/
> 
>     -Rob
> 




More information about the security-dev mailing list