On Fri, 12 Jun 2026 11:13:55 GMT, Hai-May Chao <[email protected]> wrote:
>> This change adds the `jdk.crypto.legacyAlgorithms` security property to >> `java.security`. At the JCE layer, the JDK checks this property and emits a >> runtime warning when a configured legacy algorithm is requested. >> >> --------- >> - [x] I confirm that I make this contribution in accordance with the >> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai). > > Hai-May Chao has updated the pull request incrementally with one additional > commit since the last revision: > > Split legacy alg detection from capturing the caller src/java.base/share/conf/security/java.security line 831: > 829: # > 830: #jdk.crypto.disabledAlgorithms= > 831: #jdk.crypto.legacyAlgorithms= Let's put the legacy property before the disabled property as it better matches how an algorithm would be restricted by first adding it to the legacy property and then later adding it to the disabled property. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/31472#discussion_r3437339463
