8214483: Remove algorithms that use MD5 or DES from security requirements

Reviewed-by: xuelei
2025-08-27 06:45:07 +02:00 · 2019-11-13 13:43:06 -05:00 · 2019-11-13 13:43:06 -05:00 · b171594072
commit b171594072
parent 71a86af40e
6 changed files with 6 additions and 18 deletions
--- a/src/java.base/share/classes/javax/crypto/Cipher.java
+++ b/src/java.base/share/classes/javax/crypto/Cipher.java
@ -147,10 +147,6 @@ import sun.security.jca.*;
 * <li>{@code AES/ECB/NoPadding} (128)</li>
 * <li>{@code AES/ECB/PKCS5Padding} (128)</li>
 * <li>{@code AES/GCM/NoPadding} (128)</li>
- * <li>{@code DES/CBC/NoPadding} (56)</li>
- * <li>{@code DES/CBC/PKCS5Padding} (56)</li>
- * <li>{@code DES/ECB/NoPadding} (56)</li>
- * <li>{@code DES/ECB/PKCS5Padding} (56)</li>
 * <li>{@code DESede/CBC/NoPadding} (168)</li>
 * <li>{@code DESede/CBC/PKCS5Padding} (168)</li>
 * <li>{@code DESede/ECB/NoPadding} (168)</li>
--- a/src/java.base/share/classes/javax/crypto/KeyGenerator.java
+++ b/src/java.base/share/classes/javax/crypto/KeyGenerator.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -97,7 +97,6 @@ import sun.security.util.Debug;
 * parentheses:
 * <ul>
 * <li>{@code AES} (128)</li>
- * <li>{@code DES} (56)</li>
 * <li>{@code DESede} (168)</li>
 * <li>{@code HmacSHA1}</li>
 * <li>{@code HmacSHA256}</li>
--- a/src/java.base/share/classes/javax/crypto/Mac.java
+++ b/src/java.base/share/classes/javax/crypto/Mac.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1998, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1998, 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -56,7 +56,6 @@ import sun.security.jca.GetInstance.Instance;
 * <p> Every implementation of the Java platform is required to support
 * the following standard {@code Mac} algorithms:
 * <ul>
- * <li>{@code HmacMD5}</li>
 * <li>{@code HmacSHA1}</li>
 * <li>{@code HmacSHA256}</li>
 * </ul>
--- a/src/java.base/share/classes/javax/crypto/SecretKeyFactory.java
+++ b/src/java.base/share/classes/javax/crypto/SecretKeyFactory.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -52,16 +52,13 @@ import sun.security.jca.GetInstance.Instance;
 * {@link #generateSecret(java.security.spec.KeySpec) generateSecret} and
 * {@link #getKeySpec(javax.crypto.SecretKey, java.lang.Class) getKeySpec}
 * methods.
- * For example, the DES secret-key factory supplied by the "SunJCE" provider
- * supports {@code DESKeySpec} as a transparent representation of DES
- * keys, and that provider's secret-key factory for Triple DES keys supports
- * {@code DESedeKeySpec} as a transparent representation of Triple DES
- * keys.
+ * For example, the DESede (Triple DES) secret-key factory supplied by the
+ * "SunJCE" provider supports {@code DESedeKeySpec} as a transparent
+ * representation of Triple DES keys.
 *
 * <p> Every implementation of the Java platform is required to support the
 * following standard {@code SecretKeyFactory} algorithms:
 * <ul>
- * <li>{@code DES}</li>
 * <li>{@code DESede}</li>
 * </ul>
 * These algorithms are described in the <a href=
@ -74,7 +71,6 @@ import sun.security.jca.GetInstance.Instance;
 * @author Jan Luehe
 *
 * @see SecretKey
- * @see javax.crypto.spec.DESKeySpec
 * @see javax.crypto.spec.DESedeKeySpec
 * @see javax.crypto.spec.PBEKeySpec
 * @since 1.4