javax.crypto JDK source code, again

StackOverflow https://stackoverflow.com/questions/18181023

  •  24-06-2022
  •  | 
  •  

Question

I've been looking for the javax.crypto JDK source code and I could not find it. Either this is due to my abject searching inability or there must be a reason why the code is not available (the JDK is supposed to be open source, right?) . My guess is that the current jdk javax.crypto has a NSA-mandated backdoor, making open-source release awkward.

My questions are the following:

  1. Where is the jdk javax.crypto source code?
  2. If, as I believe, the jdk javax.crypto source code is not available, how can I check whether my fears that it contains a backdoor are justfied or not?

See Where do I find the javax.crypto source code?

Was it helpful?

Solution

The sources are available over Mercurial. For example, the sources for jdk8-b132's javax.crypto are here.

Notice that if you are suspecting a backdoor, you have no (easy) way to verify that those sources are actually the sources of the binaries you are using. You should build the JDK yourself to be sure…

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top