再次使用javax.crypto JDK源代码 [英] javax.crypto JDK source code, again
问题描述
我一直在寻找javax.crypto JDK源代码,但我找不到它。这可能是由于我的搜索无能为力,或者必须有一个原因导致代码不可用(JDK应该是开源的,对吧?)。我的猜测是当前的jdk javax.crypto有一个NSA强制的后门程序,使得开源发布变得尴尬。
I've been looking for the javax.crypto JDK source code and I could not find it. Either this is due to my abject searching inability or there must be a reason why the code is not available (the JDK is supposed to be open source, right?) . My guess is that the current jdk javax.crypto has a NSA-mandated backdoor, making open-source release awkward.
我的问题如下:
- jdk javax.crypto在哪里源代码?
- 如果我认为jdk javax.crypto源代码不可用,我怎样才能检查我是否担心它包含后门是否已被修改?
推荐答案
来源可通过 Mercurial 获取。例如,源jdk8-B132的 javax.crypto中是这里。
The sources are available over Mercurial. For example, the sources for jdk8-b132's javax.crypto are here.
请注意,如果您怀疑是后门,你没有(简单)的方法验证这些来源实际上是您正在使用的二进制文件的来源。您应该自己构建JDK以确保...
Notice that if you are suspecting a backdoor, you have no (easy) way to verify that those sources are actually the sources of the binaries you are using. You should build the JDK yourself to be sure…
这篇关于再次使用javax.crypto JDK源代码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
