Also, although we haven't standardized the keystore types, there is still a possibility that different providers using the same storetype name. How can we ensure everyone honoring the security property?
Max On Jan 19, 2013, at 17:28, Weijun Wang <weijun.w...@oracle.com> wrote: > > > + /** > + * Gets the name of the protection algorithm. > + * If none was set then the default algorithm name is returned. > + * The default algorithm name for a given keystore type is set using > the > + * {@code 'keystore.<type>.entryProtectionAlgorithm'} Security > property. > + * For example, the > + * {@code keystore.PKCS12.entryProtectionAlgorithm} property stores > the > + * name of the default entry protection algorithm used for PKCS12 > + * keystores. > + * > I didn't see the security property used in the pkcs12 codes. > > -Max > On Jan 19, 2013, at 3:53, Vincent Ryan <vincent.x.r...@oracle.com> wrote: > >> Hello, >> >> Please review the fix for 8006591. It introduces a mechanism to enable >> stronger PBE algorithms to be specified when encrypting a keystore entry. >> This allows developers to make use of the new PBE algorithms delivered in >> JEP-121. Note however that PKCS12 is currently the only keystore that >> supports this new feature. >> >> It is a component of the JEP-166 delivery. >> >> Webrev: http://cr.openjdk.java.net/~vinnie/8006591/webrev.00/ >> >> Thanks.