On Thu, 1 Apr 2021 16:53:31 GMT, Weijun Wang wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Updated with review comments
>
> src/java.base/share/classes/sun/security/tools/keytool/CertAndKeyGen.java
> line 88:
>
On Thu, 1 Apr 2021 16:34:43 GMT, Hai-May Chao wrote:
>> Please review the changes that adds the -signer option to keytool
>> -genkeypair command. As key agreement algorithms do not have a signing
>> algorithm, the specified signer's private key will be used to sign and
>> generate a key
On Thu, 1 Apr 2021 16:25:49 GMT, Hai-May Chao wrote:
>> src/java.base/share/classes/sun/security/tools/keytool/Main.java line 1941:
>>
>>> 1939: signerFlag = true;
>>> 1940:
>>> 1941: if (keyStore.containsAlias(signerAlias) == false) {
>>
>> It's probably more precise
On Thu, 1 Apr 2021 16:34:43 GMT, Hai-May Chao wrote:
>> Please review the changes that adds the -signer option to keytool
>> -genkeypair command. As key agreement algorithms do not have a signing
>> algorithm, the specified signer's private key will be used to sign and
>> generate a key
On Thu, 1 Apr 2021 16:26:39 GMT, Hai-May Chao wrote:
>> src/java.base/share/classes/sun/security/tools/keytool/Main.java line 2013:
>>
>>> 2011: }
>>> 2012:
>>> 2013: X509Certificate[] chain = new X509Certificate[1];
>>
>> Since the chain might contain one, I'd suggest we just
On Thu, 1 Apr 2021 16:25:13 GMT, Hai-May Chao wrote:
>> src/java.base/share/classes/sun/security/tools/keytool/CertAndKeyGen.java
>> line 114:
>>
>>> 112: }
>>> 113:
>>> 114: /**
>>
>> The original constructor can be modified to call
>> `this(keyType,sigAlg,providerName,null,null)`.
> Please review the changes that adds the -signer option to keytool -genkeypair
> command. As key agreement algorithms do not have a signing algorithm, the
> specified signer's private key will be used to sign and generate a key
> agreement certificate.
> CSR review is at:
On Wed, 31 Mar 2021 13:36:39 GMT, Weijun Wang wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Updated with review comments
>
> Some comments on the CSR:
> 1. In the "Solution" section, we might need to point out