Re: RFR: 8260693: Provide the support for specifying a signer in keytool -genkeypair [v2]

On Thu, 1 Apr 2021 16:53:31 GMT, Weijun Wang wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Updated with review comments > > src/java.base/share/classes/sun/security/tools/keytool/CertAndKeyGen.java > line 88: >

Re: RFR: 8260693: Provide the support for specifying a signer in keytool -genkeypair [v2]

On Thu, 1 Apr 2021 16:34:43 GMT, Hai-May Chao wrote: >> Please review the changes that adds the -signer option to keytool >> -genkeypair command. As key agreement algorithms do not have a signing >> algorithm, the specified signer's private key will be used to sign and >> generate a key

Re: RFR: 8260693: Provide the support for specifying a signer in keytool -genkeypair [v2]

On Thu, 1 Apr 2021 16:25:49 GMT, Hai-May Chao wrote: >> src/java.base/share/classes/sun/security/tools/keytool/Main.java line 1941: >> >>> 1939: signerFlag = true; >>> 1940: >>> 1941: if (keyStore.containsAlias(signerAlias) == false) { >> >> It's probably more precise

Re: RFR: 8260693: Provide the support for specifying a signer in keytool -genkeypair [v2]

On Thu, 1 Apr 2021 16:34:43 GMT, Hai-May Chao wrote: >> Please review the changes that adds the -signer option to keytool >> -genkeypair command. As key agreement algorithms do not have a signing >> algorithm, the specified signer's private key will be used to sign and >> generate a key

Re: RFR: 8260693: Provide the support for specifying a signer in keytool -genkeypair [v2]

On Thu, 1 Apr 2021 16:26:39 GMT, Hai-May Chao wrote: >> src/java.base/share/classes/sun/security/tools/keytool/Main.java line 2013: >> >>> 2011: } >>> 2012: >>> 2013: X509Certificate[] chain = new X509Certificate[1]; >> >> Since the chain might contain one, I'd suggest we just

Re: RFR: 8260693: Provide the support for specifying a signer in keytool -genkeypair [v2]

On Thu, 1 Apr 2021 16:25:13 GMT, Hai-May Chao wrote: >> src/java.base/share/classes/sun/security/tools/keytool/CertAndKeyGen.java >> line 114: >> >>> 112: } >>> 113: >>> 114: /** >> >> The original constructor can be modified to call >> `this(keyType,sigAlg,providerName,null,null)`.

Re: RFR: 8260693: Provide the support for specifying a signer in keytool -genkeypair [v2]

> Please review the changes that adds the -signer option to keytool -genkeypair > command. As key agreement algorithms do not have a signing algorithm, the > specified signer's private key will be used to sign and generate a key > agreement certificate. > CSR review is at:

Re: RFR: 8260693: Provide the support for specifying a signer in keytool -genkeypair [v2]

On Wed, 31 Mar 2021 13:36:39 GMT, Weijun Wang wrote: >> Hai-May Chao has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Updated with review comments > > Some comments on the CSR: > 1. In the "Solution" section, we might need to point out