On 10/1/18 8:02 PM, Weijun Wang wrote:
On Oct 2, 2018, at 2:49 AM, Sean Mullan <sean.mul...@oracle.com
<mailto:sean.mul...@oracle.com>> wrote:
Looks good. After you update the CSR with these changes, I can review it.
Sure.
How do you think of the following change? Shall I also add it?
Yes.
*diff --git a/src/java.base/share/classes/java/security/KeyStore.java
b/src/java.base/share/classes/java/security/KeyStore.java*
*--- a/src/java.base/share/classes/java/security/KeyStore.java*
*+++ b/src/java.base/share/classes/java/security/KeyStore.java*
@@ -318,7 +318,7 @@
* for a given keystore type is set using the
* {@code 'keystore.<type>.keyProtectionAlgorithm'} security
property.
* For example, the
- * {@code keystore.PKCS12.keyProtectionAlgorithm} property
stores the
+ * {@code keystore.pkcs12.keyProtectionAlgorithm} property
stores the
* name of the default key protection algorithm used for PKCS12
* keystores. If the security property is not set, an
* implementation-specific algorithm will be used.
Shall I add some word to this method saying we should use lowercase or
are we going to live with this lower+UPPER for every keystore type
forever?
No. Let's just continue to check in the code for both variants of the
above property, but remove all references to the upper-case variant from
the javadocs and java.security file.
--Sean
If yes, there will also be some text for its compatibility risk.
Thanks
Max
--Sean
On 9/28/18 9:36 AM, Weijun Wang wrote:
Webrev updated at
http://cr.openjdk.java.net/~weijun/8076190/webrev.04/
<http://cr.openjdk.java.net/%7Eweijun/8076190/webrev.04/>
Major changes:
1. Comment out key=value lines in java.security
2. Fix a bug in PBES2Parameters.java
3. Test no longer depends on openssl. Instead, use openssl to
generate some pkcs12 files and included in the test.
4. A new test KeyProtAlgCompat.java to ensure compatibility on
pkcs12/PKCS12 names
I haven't made any change to KeyStore.java yet. CSR is also not updated.
Thanks
Max
