From 3497062732844e77dc333f11c5d689639ada036e Mon Sep 17 00:00:00 2001 From: Tao Liu Date: Thu, 4 Jul 2024 14:33:11 -0400 Subject: [PATCH] Update SunJSSE fully-qualified class name in Restricted Security mode In JDK8 or JDK11, the fully-qualified class name for SunJSSE is com.sun.net.ssl.internal.ssl.Provider. In JDK17 and above version, its fully-qualified class name changed to sun.security.ssl.SunJSSE. Signed-off-by: Tao Liu --- src/java.base/share/conf/security/java.security | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/java.base/share/conf/security/java.security b/src/java.base/share/conf/security/java.security index 26fc6b3b37..4c8c3461eb 100644 --- a/src/java.base/share/conf/security/java.security +++ b/src/java.base/share/conf/security/java.security @@ -151,7 +151,7 @@ RestrictedSecurity.NSS.140-2.jce.provider.2 = sun.security.provider.Sun [ \ RestrictedSecurity.NSS.140-2.jce.provider.3 = sun.security.ec.SunEC [{KeyFactory, EC, ImplementedIn=Software: \ SupportedKeyClasses=java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey: \ KeySize=256}, {AlgorithmParameters, EC, *}] -RestrictedSecurity.NSS.140-2.jce.provider.4 = sun.security.ssl.SunJSSE +RestrictedSecurity.NSS.140-2.jce.provider.4 = com.sun.net.ssl.internal.ssl.Provider RestrictedSecurity.NSS.140-2.keystore.type = PKCS11 RestrictedSecurity.NSS.140-2.javax.net.ssl.keyStore = NONE @@ -188,7 +188,7 @@ RestrictedSecurity.NSS.140-2.securerandom.algorithm = PKCS11 RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.desc.name = OpenJCEPlusFIPS Cryptographic Module FIPS 140-3 RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.desc.default = false RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.desc.fips = true -RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.desc.hash = SHA256:e71c49d65fd291efe75993ccbe6999e6cfb26bf9ef3e8424cb086c7e2a225ce6 +RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.desc.hash = SHA256:b3e01416cda6ca0134e92940b1c2d94664a742325cbbc8d65b6f536ea3770853 RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.desc.number = Certificate #XXX RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.desc.policy = https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/ RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.desc.sunsetDate = 2026-09-21 @@ -313,7 +313,7 @@ RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.jce.provider.2 = sun.security.provi {CertStore, com.sun.security.IndexedCollection, ImplementedIn=Software}, \ {Configuration, JavaLoginConfig, *}, \ {Policy, JavaPolicy, *}] -RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.jce.provider.3 = sun.security.ssl.SunJSSE +RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.jce.provider.3 = com.sun.net.ssl.internal.ssl.Provider RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.javax.net.ssl.keyStore = NONE RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3.securerandom.provider = OpenJCEPlusFIPS @@ -339,7 +339,7 @@ RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3-Weakly-Enforced.jce.provider.1 = co RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3-Weakly-Enforced.jce.provider.2 = sun.security.provider.Sun RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3-Weakly-Enforced.jce.provider.3 = sun.security.rsa.SunRsaSign RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3-Weakly-Enforced.jce.provider.4 = sun.security.ec.SunEC -RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3-Weakly-Enforced.jce.provider.5 = sun.security.ssl.SunJSSE +RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3-Weakly-Enforced.jce.provider.5 = com.sun.net.ssl.internal.ssl.Provider RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3-Weakly-Enforced.jce.provider.6 = com.sun.crypto.provider.SunJCE RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3-Weakly-Enforced.jce.provider.7 = sun.security.jgss.SunProvider RestrictedSecurity.OpenJCEPlusFIPS.FIPS140-3-Weakly-Enforced.jce.provider.8 = com.sun.security.sasl.Provider