Also, although we haven't standardized the keystore types, there is still a
possibility that different providers using the same storetype name. How can we
ensure everyone honoring the security property?
Max
On Jan 19, 2013, at 17:28, Weijun Wang <weijun.w...@oracle.com> wrote:
>
>
> + /**
> + * Gets the name of the protection algorithm.
> + * If none was set then the default algorithm name is returned.
> + * The default algorithm name for a given keystore type is set using
> the
> + * {@code 'keystore.<type>.entryProtectionAlgorithm'} Security
> property.
> + * For example, the
> + * {@code keystore.PKCS12.entryProtectionAlgorithm} property stores
> the
> + * name of the default entry protection algorithm used for PKCS12
> + * keystores.
> + *
> I didn't see the security property used in the pkcs12 codes.
>
> -Max
> On Jan 19, 2013, at 3:53, Vincent Ryan <vincent.x.r...@oracle.com> wrote:
>
>> Hello,
>>
>> Please review the fix for 8006591. It introduces a mechanism to enable
>> stronger PBE algorithms to be specified when encrypting a keystore entry.
>> This allows developers to make use of the new PBE algorithms delivered in
>> JEP-121. Note however that PKCS12 is currently the only keystore that
>> supports this new feature.
>>
>> It is a component of the JEP-166 delivery.
>>
>> Webrev: http://cr.openjdk.java.net/~vinnie/8006591/webrev.00/
>>
>> Thanks.
