Hi Brad,

Looks pretty good. You should also send this to build-dev to review the Makefile changes. Just a few comments:

- src/java.base/share/conf/security/policy/README.txt

17 contain no restrictions on cryptographic strengths, but they must

s/must/must be/

18 specifically activated by updating the "crypto.policy" entry in the

s/entry/Security property/

33 Please see The Java(TM) Cryptography Architecture (JCA) Reference

Is "TM" really necessary here?

- src/java.base/share/conf/security/policy/unlimited/default_US_export.policy

1 // Manufacturing policy file.

The term "Manufacturing" is odd. Can we just say this is the "Default local policy file"?

- src/java.base/share/conf/security/java.security

854 crypto.policy=policydir-tbd

The policydir-tbd value is a little confusing in that it isn't a real value. What about just setting this to the empty string?

- src/java.base/share/classes/javax/crypto/JceSecurity.java

255 String cryptoPolicyDir = Security.getProperty("crypto.policy");
256 Path cryptoPolicyPath = Paths.get(cryptoPolicyDir);

What happens if crypto.policy is not set or is set to ""?

302             // I/O error encounted during the iteration,

s/encounted/encountered/

--Sean

On 08/04/2016 03:35 PM, Bradford Wetmore wrote:
https://bugs.openjdk.java.net/browse/JDK-8061842
http://cr.openjdk.java.net/~wetmore/8061842/webrev.00/

The proposal is to move the configuration files from the jar files in
<java-home>/lib/security to a series of subdirectories under a new
"policy" subdirectory in <java-home>/conf/security.  Each subdirectory
within that directory will represent a complete policy configuration.
The existing jar files will be split into flat text files such that the
current/existing policies remain.

The default set of policy files (i.e. directory) is configured using a
new java.security.Security property called "crypto.policy" which will be
added to the <java-home>/conf/security/java.security file.  The default
initial options are "limited" or "unlimited"; however, additional
directories could potentially be created that specify other
as-yet-unknown policies.

The default value of this property will be "limited" which corresponds
to our current policy for JRE/JDK export/import around the world.
However, the build respects the following "configure" option:

    --enable-unlimited-crypto
                        Enable unlimited crypto policy [disabled]

Within the directory, our implementation will look for files using the
standard filename prefix above ("default_" or "exempt_"), thus new
additional policy restrictions/abstractions can be added with a simple
file addition.

Brad
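
The review question about an unset or empty "crypto.policy" value, worked through as an added example (not code from the webrev or the JDK). It assumes the value must name a single subdirectory of the policy directory and that unset, empty or escaping values are rejected; `resolve`, `policyFiles` and the temporary directory layout are hypothetical.

```java
import java.io.IOException;
import java.nio.file.*;
import java.util.*;

public class CryptoPolicyDirCheck {
    // Hypothetical helper: maps a crypto.policy value to a directory under policyRoot.
    static Path resolve(Path policyRoot, String value) {
        if (value == null || value.trim().isEmpty()) {
            // Paths.get(null) throws NullPointerException; "" yields an empty path
            throw new SecurityException("crypto.policy is unset or empty");
        }
        Path name = Paths.get(value);
        // Accept a single directory name only: no separators, no "." or ".."
        if (name.isAbsolute() || name.getNameCount() != 1
                || value.equals(".") || value.equals("..")) {
            throw new SecurityException("crypto.policy must name one directory: " + value);
        }
        Path dir = policyRoot.resolve(name).normalize();
        if (!dir.startsWith(policyRoot) || !Files.isDirectory(dir)) {
            throw new SecurityException("no such policy directory: " + dir);
        }
        return dir;
    }

    // Lists the files carrying the "default_" or "exempt_" prefix.
    static List<String> policyFiles(Path dir) throws IOException {
        List<String> found = new ArrayList<>();
        try (DirectoryStream<Path> ds = Files.newDirectoryStream(dir, "{default,exempt}_*")) {
            for (Path p : ds) found.add(p.getFileName().toString());
        }
        Collections.sort(found);
        return found;
    }

    public static void main(String[] args) throws IOException {
        // Constructed layout standing in for <java-home>/conf/security/policy
        Path root = Files.createTempDirectory("policy").toRealPath();
        Files.createDirectories(root.resolve("unlimited"));
        Files.createFile(root.resolve("unlimited").resolve("default_US_export.policy"));
        Files.createFile(root.resolve("unlimited").resolve("README.txt"));
        for (String v : new String[] {"unlimited", "", null, "../unlimited", "nosuchdir"}) {
            try {
                System.out.println(v + " -> " + policyFiles(resolve(root, v)));
            } catch (SecurityException e) {
                System.out.println(v + " -> rejected: " + e.getMessage());
            }
        }
    }
}
```

Only "unlimited" resolves, and README.txt is skipped because it lacks either prefix; the other four values are rejected before any file is read.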
