On Wed, 4 May 2022 20:16:12 GMT, Hai-May Chao <hc...@openjdk.org> wrote:
>> Please review these changes to add DES/3DES/MD5 to >> `jdk.security.legacyAlgorithms` security property, and to add the legacy >> algorithm constraint checking to `keytool` commands that are associated with >> secret key entries stored in the keystore. These `keytool` commands are >> -genseckey, -importpass, -list, and -importkeystore. As a result, `keytool` >> will be able to generate warnings when it detects that the secret key based >> algorithms and PBE based Mac and cipher algorithms are weak. Also removes >> the "This algorithm will be disabled in a future update.” from the existing >> warnings for the asymmetric keys/certificates. >> Will also file a CSR. > > Hai-May Chao has updated the pull request incrementally with one additional > commit since the last revision: > > Updated comment and getKeys() Marked as reviewed by weijun (Reviewer). Most of my comments are all resolved. The cast to `SecretKey` one is not a real issue and I'm OK with it now. ------------- PR: https://git.openjdk.java.net/jdk/pull/8300