> On Dec 16, 2014, at 04:19, Matthew Hall wrote:
>
> It's really useful for things like bootstrapping keystores for symmetric keys.
For a program? It's super easy for a program to create an empty keystore.
>
> Many StackOverflows exist of people doing it manually to "work around" this
> limi
Artem,
Here are my comments:
1) Three tests under com/sun/crypto/provider directory do not specify a
provider when calling Mac.getInstance(). Since they are under the
regression tests directory for SunJCE, perhaps we should specify SunJCE
provider to be used.
2) 'ALGORITHMS' seems redundant f
It's really useful for things like bootstrapping keystores for symmetric keys.
Many StackOverflows exist of people doing it manually to "work around" this
limitation.
I've done it myself especially when working on an identity management
appliance.
Matthew.
On Mon, Dec 15, 2014 at 09:54:53AM +
One further update: introduced a new security property to explicitly disable
compatibility mode
for JKS and PKCS12 keystores. By default, compatibility mode is enabled for JKS
and PKCS12
to aid applications that expect the previous default keystore type (JKS).
http://cr.openjdk.java.net/~vinnie
