Hi Weijun,Are you available to review my fix for CR 7106773? The fix in JSSE part is straightforward in that the call to SignatureAndHashAlgorithm.getPreferableAlgorithm() needs an additional Key parameter for RSA key exchanges. The significant change is at sun/security/util/DisabledAlgorithmConstraints.java. I modified the code in order to get the key size of the unextractable key in PKCS#11 device.
webrev: http://cr.openjdk.java.net/~xuelei/7106773/webrev.00/ Thanks, Xuelei
