> Please review these changes to add DES/3DES/MD5 to > `jdk.security.legacyAlgorithms` security property, and to add the legacy > algorithm constraint checking to `keytool` commands that are associated with > secret key entries stored in the keystore. These `keytool` commands are > -genseckey, -importpass, -list, and -importkeystore. As a result, `keytool` > will be able to generate warnings when it detects that the secret key based > algorithms and PBE based Mac and cipher algorithms are weak. Also removes the > "This algorithm will be disabled in a future update.” from the existing > warnings for the asymmetric keys/certificates. > Will also file a CSR.
Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision: Skip alg constraint check for PBE secret key entry ------------- Changes: - all: https://git.openjdk.java.net/jdk/pull/8300/files - new: https://git.openjdk.java.net/jdk/pull/8300/files/19afc42e..664f116a Webrevs: - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=8300&range=07 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=8300&range=06-07 Stats: 30 lines in 2 files changed: 13 ins; 13 del; 4 mod Patch: https://git.openjdk.java.net/jdk/pull/8300.diff Fetch: git fetch https://git.openjdk.java.net/jdk pull/8300/head:pull/8300 PR: https://git.openjdk.java.net/jdk/pull/8300
