Please review these changes to add DES/3DES/MD5 to `jdk.security.legacyAlgorithms` security property, and to add the legacy algorithm constraint checking to `keytool` commands that are associated with secret key entries stored in the keystore. These `keytool` commands are -genseckey, -importpass, -list, and -importkeystore. As a result, `keytool` will be able to generate warnings when it detects that the secret key based algorithms and PBE based Mac and cipher algorithms are weak. Also removes the "This algorithm will be disabled in a future update.” from the existing warnings for the asymmetric keys/certificates. Will also file a CSR.
------------- Commit messages: - 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms Changes: https://git.openjdk.java.net/jdk/pull/8300/files Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=8300&range=00 Issue: https://bugs.openjdk.java.net/browse/JDK-8255552 Stats: 319 lines in 7 files changed: 233 ins; 0 del; 86 mod Patch: https://git.openjdk.java.net/jdk/pull/8300.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/8300/head:pull/8300 PR: https://git.openjdk.java.net/jdk/pull/8300
