');mask-image:url('data:image/svg+xml;utf8, ');content:'';margin:0 .4rem;display:inline-block;vertical-align:middle;line-height:1}.breadcrumb-trail .trail-items li:last-child:after{display:none}.bloghash-breadcrumbs{font-size:1.4rem;border-width:0}#page .page-header .bloghash-breadcrumbs a>span{color:inherit}#bloghash-copyright .bloghash-flex-row>div:empty{display:none}#bloghash-copyright>.bloghash-container>.bloghash-flex-row>div{width:auto;padding-top:.6rem;padding-bottom:.6rem}.bloghash-copyright-layout-1 #bloghash-copyright>.bloghash-container>.bloghash-flex-row>div{-ms-flex-preferred-size:100%;flex-basis:100%;-ms-flex-negative:0;flex-shrink:0;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center}#bloghash-scroll-top{-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;position:fixed;bottom:2.5rem;right:2rem;z-index:997;width:4rem;height:4rem;opacity:0;-webkit-transform:translate3d(0,3rem,0);transform:translate3d(0,3rem,0)}#bloghash-scroll-top .bloghash-scroll-icon{overflow:hidden;z-index:2}#bloghash-scroll-top .bloghash-icon{-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;height:2rem;color:var(--bloghash-white);-webkit-transform:translateY(1.1rem);-ms-transform:translateY(1.1rem);transform:translateY(1.1rem)}#bloghash-scroll-top:before{content:'';z-index:1;border-radius:10rem;background-color:var(--bloghash-primary);-webkit-transform:scale(1);-ms-transform:scale(1);transform:scale(1);border:.1rem solid rgba(185,185,185,.4)}#bloghash-scroll-top svg{fill:var(--bloghash-white)}.bloghash-widget.widget:not(.widget_text):not(.hester-core-custom-list-widget) ol{list-style:none;margin-left:0;margin-right:0}#main .bloghash-widget{overflow:hidden}#main .bloghash-widget{margin-bottom:4rem}.widget ol{line-height:1.5}.widget ol:last-child{margin-bottom:0}.widget ol li{margin-bottom:1rem}.widget.bloghash-entry p{margin-top:1.6rem;margin-bottom:1.6rem}.widget.bloghash-entry p:last-child{margin-bottom:0}.widget.widget_block li a{position:relative;z-index:0}.widget.widget_recent_comments li{margin-bottom:1.6rem}.bloghash-entry>:first-child{margin-top:0}.bloghash-entry>:last-child{margin-bottom:0}.bloghash-entry ol{margin-left:4rem}.bloghash-entry ol{margin-bottom:2rem;margin-top:2rem}.bloghash-entry p{margin-bottom:1.5rem;margin-top:1.5rem}.entry-media{margin-bottom:2.5rem}.entry-media img{margin:0 auto;display:block}.single-post .entry-media{margin-bottom:4rem}.single .post-category{margin-bottom:.3rem;font-size:1.4rem}.single .post-category a{-js-display:inline-flex;display:-webkit-inline-box;display:-ms-inline-flexbox;display:inline-flex;margin:0 .4rem .8rem}.single .post-nav .nav-previous .nav-content span{padding-right:2rem}.single.bloghash-page-title-align-left .bloghash-article>.post-category{text-align:start}#cancel-comment-reply-link{font-size:1.3rem;border-radius:var(--bloghash-normal-radius);border:.2rem solid currentColor;font-weight:500;padding:.4rem .7rem;line-height:1;text-decoration:none;text-transform:capitalize;margin-left:1.4rem;color:inherit}button.bloghash-animate-arrow{-webkit-appearance:none;border:none;-webkit-box-shadow:none;box-shadow:none;background:0 0;outline:none}.bloghash-animate-arrow .arrow-bar{-webkit-transform:scaleX(0);-ms-transform:scaleX(0);transform:scaleX(0)}.bloghash-animate-arrow svg{vertical-align:middle}.bloghash-animate-arrow.right-arrow svg{-webkit-transform:rotate(180deg);-ms-transform:rotate(180deg);transform:rotate(180deg)}.bloghash-animate-arrow.right-arrow .arrow-bar{-webkit-transform-origin:100% 0;-ms-transform-origin:100% 0;transform-origin:100% 0}.bloghash-animate-arrow.right-arrow .arrow-handle{-webkit-transform:translateX(.6rem);-ms-transform:translateX(.6rem);transform:translateX(.6rem)}.bloghash-hamburger{padding:0;display:inline-block;font:inherit;color:inherit;text-transform:none;background-color:transparent;border:0;margin:0;overflow:visible}.hamburger-box{width:2.5rem;height:1.4rem;display:inline-block;position:relative}.hamburger-inner{display:block;top:50%;margin-top:-.1rem}.hamburger-inner,.hamburger-inner:before,.hamburger-inner:after{width:2.8rem;height:2px;background-color:#111827;border-radius:var(--bloghash-normal-radius);position:absolute}.hamburger-inner:before,.hamburger-inner:after{content:"";display:block}.hamburger-inner:before{top:-5px}.hamburger-inner:after{bottom:-5px}.bloghash-mobile-nav{order:1;display:none;margin-left:2.4rem}.bloghash-hamburger,.bloghash-mobile-nav{-webkit-box-align:center;-ms-flex-align:center;align-items:center}body:not(.is-mobile-menu-active) .bloghash-hamburger .hamburger-box .hamburger-inner:before{width:1.5rem}.bloghash-hamburger{-js-display:inline-flex;display:-webkit-inline-box;display:-ms-inline-flexbox;display:inline-flex;border-radius:var(--bloghash-normal-radius)}.bloghash-hamburger .hamburger-inner,.bloghash-hamburger .hamburger-inner:before,.bloghash-hamburger .hamburger-inner:after{background-color:currentColor}#bloghash-header:after{content:'';position:fixed;top:100%;left:0;right:0;height:100vh;background-color:rgba(255,255,255,.85);z-index:991;opacity:0;visibility:hidden;will-change:opacity,visibility;-webkit-transform:translate3d(0,0,0);transform:translate3d(0,0,0)}@media only screen and (min-width:600px){.site .bloghash-flex-row .start-sm{-webkit-box-pack:start;-ms-flex-pack:start;justify-content:flex-start;text-align:start}.site .bloghash-flex-row .end-sm{-webkit-box-pack:end;-ms-flex-pack:end;justify-content:flex-end;text-align:end;margin-left:auto}}@media only screen and (min-width:782px){.site .bloghash-flex-row .col-md{-webkit-box-flex:1;-ms-flex-positive:1;flex-grow:1;-ms-flex-negative:1;flex-shrink:1;max-width:100%;-ms-flex-preferred-size:0;flex-basis:0}.site .bloghash-flex-row .col-md.flex-basis-auto{-ms-flex-preferred-size:auto;flex-basis:auto}.site .bloghash-flex-row .end-md{-webkit-box-pack:end;-ms-flex-pack:end;justify-content:flex-end;text-align:end;margin-left:auto}}@media only screen and (max-width:868px){.bloghash-hide-mobile-tablet{display:none!important}.bloghash-container{padding:0 3rem}.bloghash-header-widgets .bloghash-header-widget,.bloghash-header-widgets .bloghash-header-widget.bloghash-header-widget__button{padding-left:1rem;padding-right:1rem}.bloghash-mobile-nav{margin-left:1.6rem}}@media only screen and (max-width:599px){#bloghash-header-inner .bloghash-widget-wrapper,.bloghash-header-element,.bloghash-header-widgets .bloghash-header-widget{position:static}.bloghash-header-widgets .dropdown-item:after{display:none}.page-header>.bloghash-container{-webkit-box-align:start;-ms-flex-align:start;align-items:flex-start;-webkit-box-orient:vertical;-webkit-box-direction:normal;-ms-flex-direction:column;flex-direction:column}}@media only screen and (max-width:480px){#page{min-height:-webkit-fill-available}}@media only screen and (max-width:960px){#bloghash-topbar>.bloghash-container>.bloghash-flex-row>div .bloghash-topbar-widget{padding-top:.6rem;padding-bottom:.6rem}#bloghash-topbar .bloghash-topbar-widget{padding-left:.8rem;padding-right:.8rem}.bloghash-topbar__separators-regular #bloghash-topbar .bloghash-topbar-widget:after{margin-left:.8rem}#main>.bloghash-container{display:block}#primary{max-width:100%!important;padding-left:0!important;padding-right:0!important;margin-top:4rem}.site-main #secondary{width:100%;margin-top:4rem}}@media all and (-ms-high-contrast:none),(-ms-high-contrast:active){.site .bloghash-flex-row:after{content:'';display:block;min-height:inherit;font-size:0}.bloghash-btn{height:1rem}#main>.bloghash-container #primary{-ms-flex-preferred-size:0%;flex-basis:0%}}.bloghash-btn{background-color:var(--bloghash-primary)}#bloghash-topbar .bloghash-topbar-widget__text .bloghash-icon{color:var(--bloghash-primary)}#masthead .bloghash-header-widgets .dropdown-item:after,.bloghash-nav>ul .sub-menu:after{border-bottom-color:var(--bloghash-primary);outline:none!important}.bloghash-header-widgets .dropdown-item,.bloghash-nav .sub-menu{border-top-color:var(--bloghash-primary)}::-webkit-selection{background-color:var(--bloghash-primary);color:var(--bloghash-white)}::-webkit-scrollbar-thumb{background:rgba(0,0,0,.2)}::-webkit-scrollbar-thumb:hover{background:rgba(0,0,0,.4)}.mr-1{margin-right:.4rem}a.bloghash-btn i{font-size:105%;vertical-align:baseline}a.bloghash-btn i:before{display:inline-block;vertical-align:middle}a.bloghash-btn span{vertical-align:baseline;line-height:normal}@media (prefers-reduced-motion:reduce){*{animation-duration:0s!important}}.bloghash-glassmorphism{position:fixed;right:0;left:0;bottom:0;display:flex;overflow:hidden;z-index:-1}.bloghash-glassmorphism .block{width:28.8rem;height:28.8rem;filter:blur(64px);mix-blend-mode:multiply;border-radius:999px;display:block;opacity:.1}.bloghash-glassmorphism .block.one{margin-top:5rem;background-color:rgba(239,35,60)}.bloghash-glassmorphism .block.two{margin-top:16rem;margin-left:-8rem;background-color:rgba(4,134,139)}@media only screen and (min-width:768px){.bloghash-glassmorphism{top:4rem}}@media only screen and (min-width:1024px){.bloghash-glassmorphism .block{width:38.4rem;height:38.4rem}}@media only screen and (min-width:1280px){.bloghash-glassmorphism{top:8rem}}.post-category .cat-links a.cat-31{color:#f43676;background:#fdd7e4}:root{--bloghash-primary:#f43676;--bloghash-primary_80:#fdd7e4;--bloghash-primary_15:#f6558b;--bloghash-primary_27:rgba(244,54,118,.27);--bloghash-primary_10:rgba(244,54,118,.1)}#bloghash-topbar{background:#f43676;background:-webkit-linear-gradient(45deg,#f43676 0,rgba(226,181,181,.39) 100%);background:-o-linear-gradient(45deg,#f43676 0,rgba(226,181,181,.39) 100%);background:linear-gradient(45deg,#f43676 0,rgba(226,181,181,.39) 100%)}#bloghash-topbar{border-style:solid}.bloghash-topbar-widget:after{background-color:#ccc}#bloghash-topbar{color:#002050}.bloghash-topbar-widget .bloghash-nav>ul>li>a,#bloghash-topbar .bloghash-topbar-widget__text .bloghash-icon{color:#302d55}#bloghash-header-inner{background:#fff}#bloghash-header,.bloghash-header-widgets a:not(.bloghash-btn),.bloghash-logo a,.bloghash-hamburger{color:#131315}#bloghash-header-inner{border-color:rgba(185,185,185,.4);border-bottom-width:1px}.bloghash-header-widget:after{background-color:#ccc}@media screen and (max-width:960px){#bloghash-header-inner .bloghash-nav{display:none;color:#000}.bloghash-mobile-toggen,.bloghash-mobile-nav{display:inline-flex}#bloghash-header-inner{position:relative}#bloghash-header-inner .bloghash-nav>ul>li>a{color:inherit}#bloghash-header-inner .site-navigation{display:none;position:absolute;top:100%;width:100%;height:100%;min-height:100vh;left:0;right:0;margin:-1px 0 0;background:#fff;border-top:1px solid #eaeaea;box-shadow:0 15px 25px -10px rgba(50,52,54,.125);z-index:999;font-size:1.7rem;padding:0}#bloghash-header-inner .site-navigation>ul{overflow-y:auto;max-height:68vh;display:block}#bloghash-header-inner .site-navigation>ul>li>a{padding:0!important}#bloghash-header-inner .site-navigation>ul li{display:block;width:100%;padding:0;margin:0;margin-left:0!important}#bloghash-header-inner .site-navigation>ul .sub-menu{position:static;display:none;border:none;box-shadow:none;border:0;opacity:1;visibility:visible;font-size:1.7rem;transform:none;background:#f8f8f8;min-width:initial;left:0;padding:0;margin:0;border-radius:0;line-height:inherit}#bloghash-header-inner .site-navigation>ul .sub-menu>li>a>span{padding-left:50px!important}#bloghash-header-inner .site-navigation>ul .sub-menu a>span{padding:10px 30px 10px 50px}#bloghash-header-inner .site-navigation>ul a{padding:0;position:relative;background:0 0}#bloghash-header-inner .site-navigation>ul li{border-bottom:1px solid #eaeaea}#bloghash-header-inner .site-navigation>ul>li:last-child{border-bottom:0}#bloghash-header-inner .site-navigation>ul a>span{padding:10px 30px!important;width:100%;display:block}#bloghash-header-inner .site-navigation>ul a>span:after,#bloghash-header-inner .site-navigation>ul a>span:before{display:none!important}#bloghash-header-inner .site-navigation>ul .menu-item-has-children>a{display:inline-flex;width:100%;max-width:calc(100% - 50px)}#bloghash-header-inner .bloghash-nav .menu-item-has-children>a>span{border-right:1px solid rgba(185,185,185,.4)}#bloghash-header-inner .bloghash-nav .menu-item-has-children>a>.bloghash-icon{transform:none;width:50px;margin:0;position:absolute;right:0;height:1em;display:none}.bloghash-mobile-toggen{width:50px;height:1em;background:0 0;border:none}.bloghash-mobile-toggen .bloghash-icon{transform:none;width:50px;margin:0;position:absolute;right:0;height:1em}}.bloghash-nav.bloghash-header-element,.bloghash-header-layout-1 .bloghash-header-widgets{font-weight:600;font-family:"Inter Tight",Helvetica,Arial,sans-serif;font-size:1.7rem;line-height:1.5}#secondary{width:30%}body:not(.bloghash-no-sidebar) #primary{max-width:70%}.bloghash-layout__boxed-separated #content>article,.bloghash-layout__boxed-separated.bloghash-sidebar-style-2 #secondary .bloghash-widget{background-color:#fff}body{color:#002050}a{color:#302d55}:root{--bloghash-secondary:#302d55}.bloghash-container{max-width:1480px}.bloghash-logo img{max-height:45px}.bloghash-logo .logo-inner{margin-top:27px;margin-right:10px;margin-bottom:27px;margin-left:10px}@media only screen and (max-width:768px){.bloghash-logo .logo-inner{margin-top:25px;margin-right:1px;margin-bottom:25px}}.page-header{background:rgba(244,54,118,.1)}.page-header{border-color:rgba(0,0,0,.062);border-style:solid;border-bottom-width:1px}.bloghash-breadcrumbs{padding-top:15px;padding-bottom:15px}html{font-size:62.5%}@media only screen and (max-width:768px){html{font-size:53%}}@media only screen and (max-width:480px){html{font-size:50%}}*{-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased}body{font-weight:400;font-family:"Be Vietnam Pro",Helvetica,Arial,sans-serif;font-size:1.7rem;line-height:1.75}.bloghash-btn{color:#fff;border-color:rgba(0,0,0,.12);border-width:.1rem;border-top-left-radius:.8rem;border-top-right-radius:.8rem;border-bottom-right-radius:.8rem;border-bottom-left-radius:.8rem}.bloghash-btn{font-weight:500;font-family:"Be Vietnam Pro",Helvetica,Arial,sans-serif;font-size:1.8rem}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-ss-on-media-button,.ss-popup-overlay .ss-copy-action .ss-button,.ss-popup-overlay .ss-popup .ss-close-modal,.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a{border:0;text-shadow:none;-webkit-box-shadow:none;box-shadow:none;outline:0;text-decoration:none;text-transform:none;letter-spacing:0}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-pinit-button,.ss-social-icons-container>li .ss-ss-on-media-button:after{outline:0}.ss-svg-icon{height:16px;width:auto;vertical-align:text-bottom;fill:currentColor}.ss-envelope-color{background-color:#323b43}.ss-facebook-color{background-color:#1877f2}.ss-twitter-color{background-color:#000}.ss-linkedin-color{background-color:#2867b2}.ss-pinterest-color{background-color:#bd081c}.ss-copy-color{background-color:#323b43}.ss-print-color{background-color:#323b43}.ss-mix-color{background-color:#ff8226}.ss-clearfix:after{content:"";display:table;clear:both}:root{--ss-wpadminbar-height:0px}.ss-on-media-image-wrap{display:inline-block!important;position:relative!important;line-height:0}.ss-on-media-image-wrap>img{margin:0!important}.ss-on-media-container{position:relative;margin:0!important;line-height:0}.ss-on-media-container.wp-post-image{text-align:center}.ss-on-media-wrapper{display:none}.ss-on-media-wrapper.ss-on-media-always-visible .ss-social-icons-container{opacity:1}.ss-on-media-wrapper .ss-social-icons-container{opacity:0;position:absolute;z-index:1;display:-webkit-box;display:-ms-flexbox;display:flex;padding:0!important;max-width:initial!important}.ss-on-media-wrapper .ss-social-icons-container>li{display:inline-block;float:left}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-ss-on-media-button{display:-webkit-inline-box;display:-ms-inline-flexbox;display:inline-flex}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-ss-on-media-button span{position:relative}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-pinit-button{-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-direction:row;flex-direction:row;white-space:nowrap;font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,Arial,"Helvetica Neue",sans-serif;font-weight:400;height:auto!important;width:auto!important;line-height:1!important;padding:10px 16px}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-pinit-button .ss-on-media-content{display:-webkit-box;display:-ms-flexbox;display:flex}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-pinit-button svg{width:auto;margin-right:6px}.ss-on-media-wrapper.ss-top-left-on-media .ss-social-icons-container{top:15px;left:15px}.ss-on-media-wrapper.ss-with-spacing.ss-top-left-on-media .ss-social-icons-container{left:12px}.ss-on-media-wrapper.ss-regular-icons .ss-social-icons-container>li>.ss-pinit-button{padding:12px 18px}.ss-popup-overlay{display:none;font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,Arial,"Helvetica Neue",sans-serif;-webkit-font-smoothing:initial;content:"";position:fixed;top:0;bottom:0;left:0;right:0;z-index:99999;background:rgba(202,202,202,.75);opacity:0}.ss-popup-overlay .ss-copy-action{position:relative;display:none}.ss-popup-overlay .ss-copy-action .ss-copy-action-field{border:1px solid rgba(0,0,0,.1);border-radius:2px;color:#323b43;font-family:inherit;font-size:16px;-webkit-box-sizing:border-box;box-sizing:border-box;width:100%;height:48px!important;line-height:48px!important;padding:0 120px 0 50px!important;text-shadow:none;-webkit-box-shadow:none;box-shadow:none;outline:0;background-color:#fff;margin:0}.ss-popup-overlay .ss-copy-action .ss-button{font-weight:400;font-family:inherit;position:absolute;right:6px;top:5px;background-color:#557ceb;color:#fff;padding:0;line-height:38px;height:38px;width:105px;font-size:16px;z-index:9;border-radius:2px}.ss-popup-overlay .ss-copy-action svg{position:absolute;height:24px;width:24px;top:50%;left:15px;margin-top:-12px;fill:#dadada}.ss-popup-overlay .ss-popup{opacity:0;border-radius:2px;max-width:90%;max-height:90%;width:720px;height:auto}.ss-popup-overlay .ss-popup .ss-popup-heading{display:block;display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-align:center;-ms-flex-align:center;align-items:center;font-size:16px;font-weight:300;color:#323b43;background-color:#fff;line-height:58px;height:58px;padding:0 0 0 24px;margin:0;border-top-left-radius:4px;border-top-right-radius:4px}.ss-popup-overlay .ss-popup .ss-close-modal{margin-left:auto;padding:0 24px;height:100%;display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-align:center;-ms-flex-align:center;align-items:center;color:#a9a9a9}.ss-popup-overlay .ss-popup .ss-close-modal svg{width:16px;height:16px}.ss-popup-overlay .ss-popup .ss-popup-content{position:relative;top:3px;left:0;right:0;bottom:0;max-height:70vh;background-color:#fff;overflow-y:scroll;padding:24px 24px 20px;border-bottom-left-radius:4px;border-bottom-right-radius:4px}.ss-popup-overlay .ss-popup .ss-popup-networks{display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-direction:row;flex-direction:row;-ms-flex-wrap:wrap;flex-wrap:wrap;margin:0 -6px}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network{-webkit-box-sizing:border-box;box-sizing:border-box;width:33.33%;padding:0 6px 6px;-ms-flex-negative:0;flex-shrink:0;float:left;display:inline-block}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a{position:relative;-webkit-box-sizing:border-box;box-sizing:border-box;height:40px;padding:0 15px 0 0;display:-webkit-box;display:-ms-flexbox;display:flex;line-height:40px;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-orient:horizontal;-webkit-box-direction:normal;-ms-flex-direction:row;flex-direction:row;color:#fff;border-radius:2px;font-weight:500;font-size:13px;vertical-align:middle;-webkit-backface-visibility:hidden;white-space:nowrap;text-overflow:ellipsis}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a span:first-child{position:relative;z-index:2;height:40px;width:40px;text-align:center;line-height:40px;font-size:16px;margin-right:10px;background-color:rgba(0,0,0,.15);display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-align:center;-ms-flex-align:center;align-items:center}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a svg{fill:#fff;height:16px;width:inherit;z-index:1}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a span:first-child:before{content:"";position:absolute;left:0;top:0;background-color:rgba(0,0,0,.1)}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a span{position:relative;z-index:3}.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network>a:before{position:absolute;content:"";background-color:rgba(255,255,255,0);top:0;left:0;bottom:0;right:0;z-index:1}.ss-share-network-tooltip{font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,Arial,"Helvetica Neue",sans-serif;-webkit-font-smoothing:initial;position:absolute;line-height:1;left:100%;margin-left:12px;background-color:rgba(56,70,84,.85);top:50%;width:auto;white-space:nowrap;padding:8px 10px;border-radius:2px;font-size:12px;color:rgba(255,255,255,.9);z-index:2;opacity:0;-webkit-transform:translateX(-7px) translateY(-50%);-ms-transform:translateX(-7px) translateY(-50%);transform:translateX(-7px) translateY(-50%)}.ss-copy-action .ss-share-network-tooltip{left:auto;margin-left:0;right:100%;margin-right:12px;-webkit-transform:translateX(7px) translateY(-50%);-ms-transform:translateX(7px) translateY(-50%);transform:translateX(7px) translateY(-50%)}.ss-social-icons-container>li .ss-ss-on-media-button:after{content:"";background-color:rgba(0,0,0,0);position:absolute;top:0;left:0;right:0;bottom:0;z-index:1}.ss-on-media-wrapper.ss-circle-icons .ss-social-icons-container>li>.ss-ss-on-media-button{border-radius:52px}.ss-on-media-wrapper.ss-with-spacing .ss-social-icons-container>li{padding:0 3px!important}.ss-on-media-wrapper{font-family:-apple-system,BlinkMacSystemFont,"Segoe UI",Roboto,Oxygen-Sans,Ubuntu,Cantarell,Arial,"Helvetica Neue",sans-serif}.ss-on-media-wrapper .ss-social-icons-container{margin:0!important;padding:0;list-style:none}.ss-on-media-wrapper .ss-social-icons-container>li{position:relative;list-style:none;margin:0;padding:0}.ss-on-media-wrapper .ss-social-icons-container>li:before{display:none}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-ss-on-media-button{position:relative;-webkit-box-sizing:border-box;box-sizing:border-box;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;text-align:center;width:52px;height:52px;line-height:52px;color:#fff;overflow:hidden;vertical-align:middle;font-size:16px;text-decoration:none!important}.ss-on-media-wrapper .ss-social-icons-container>li>.ss-ss-on-media-button svg{height:16px;width:inherit;z-index:1}@media screen and (max-width:782px){.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network{width:50%}}@media screen and (max-width:500px){.ss-popup-overlay .ss-popup .ss-popup-networks .ss-popup-network{width:100%}}
Java 22 brings security enhancements by StuffsEarth - StuffsEarth
Skip to content
Posted by
Alienx
March 22, 2024
Java Development Kit (JDK) 22, released by Oracle March 19 as the latest version of standard Java, offers a number of security enhancements, covering areas ranging from an asymmetric key interface to a new security
option for -XshowSettings
that allows developers to easily display security-related settings.
In a March 20 blog post on Oracle’s inside.java web page, Sean Mullan, technical lead of the Java Security libraries team and lead of the OpenJDK Security Group, detailed the security enhancements in JDK 22.
The java -Xshowsettings
option, which can be used to print system settings and other useful information about the current JDK configuration, has been enhanced to show details about security-related settings. -Xshowsettings:security
will show all security settings. Other options will show the values of security properties, the installed security providers and their supported algorithms, or the enabled TLS protocols and cipher suites.
For cryptography, a new standard interface, java.security.AsymmetricKey
, has been added. It is a subinterface of java.security.key
and represents an asymmetric key, which can either be private or public. Existing java.security.PublicKey
and java.security.PrivateKey
classes have been retrofitted to be subinterfaces of AsymmetricKey
. As future asymmetric algorithms are introduced, the AsymmetricKey
interface will allow earlier versions of Java SE to more easily support new asymmetric algorithms representing parameters as a NamedParameterSpec
, Mullan said.
Also, the jdk.crytpo.ec
module has been deprecated, with the intent to eventually remove it. All code from the jdk.crytp.ec
module has been moved to the java.base
module, including the SunEC
security provider. The jdk.crypto.ec
module is now empty but still exists. This change will make it easier to deploy applications depending on elliptic curve cryptographic algorithims.
For PKI (public key infrastructure), 10 new root CA certificates have been added to the cacerts
keystore, including three eMudhra Technologies root CA certificates, four DigiCert root CA certificates, and one each from Let’s Encrypt, Telia, and Certigna.
For TLS (Transport Layer Security), additional properties were added to control the maximum length of client and server certificate chains. And for XML signatures, the JDK implementation now supports XML signatures signed with RSA signature algorithms with SHA-3 digests.
JDK 22 extends functionaility for JCE (Java Cryptography Extension) support for the HSS/LMS signature algorithm, adding HSS/LMS support to jarsigner
and keytool
utilities. Also, jarsigner
now supports signing and verifying JAR files with the HSS/LMS algorithm while keytool
now supports generation of HSS/LMS public key pairs. However, JDK only supports HSS/LMS signature verification. Developers will need a third-party provider to sign JAR files with HSS/LMS.
Copyright © 2024 IDG Communications, Inc.
Reference :
Reference link
Scroll to Top