On 14/06/2016 04:28, Wang Weijun wrote:
OK, please take a review at the new version at
http://cr.openjdk.java.net/~weijun/8130302/webrev.04/
Changes from webrev.03:
1. The new option name -addprovider is used, along with the changes in
Resources.java.
2. In KeyStoreUtil::loadProviderByClass, special treatment for
"sun.security.pkcs11.SunPKCS11" and
"com.oracle.security.crypto.UcryptoProvider".
3. In KeyStoreUtil::loadProviderByName, check if the name is already loaded,
configure and add it if necessary. As I said in my previous mail, this can be
useful if something like SunPKCS11 is defined inside java.base.
4. Valarie asked me to bring in a change to the OracleUcrypto provider, which
allows arbitrary config file. Changes are inside java.policy and
UcryptoProvider.java.
I assume someone folks on security libraries will review this. A general
comment is that the options looks good to me. A minor comment is that
the I assume it should be "class name" rather than "classname" in usage
message.
-Alan.