On Tue, 19 Apr 2022 16:08:28 GMT, Hai-May Chao <hc...@openjdk.org> wrote:
> Please review these changes to add DES/3DES/MD5 to > `jdk.security.legacyAlgorithms` security property, and to add the legacy > algorithm constraint checking to `keytool` commands that are associated with > secret key entries stored in the keystore. These `keytool` commands are > -genseckey, -importpass, -list, and -importkeystore. As a result, `keytool` > will be able to generate warnings when it detects that the secret key based > algorithms and PBE based Mac and cipher algorithms are weak. Also removes the > "This algorithm will be disabled in a future update.” from the existing > warnings for the asymmetric keys/certificates. > Will also file a CSR. This pull request has now been integrated. Changeset: 09e6ee96 Author: Hai-May Chao <hc...@openjdk.org> URL: https://git.openjdk.java.net/jdk/commit/09e6ee96bd448838491e5e8634a898e248f1c44e Stats: 362 lines in 6 files changed: 277 ins; 2 del; 83 mod 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms Reviewed-by: mullan, weijun ------------- PR: https://git.openjdk.java.net/jdk/pull/8300