On Thu, 11 Jun 2026 00:37:42 GMT, Hai-May Chao <[email protected]> wrote:

> This change adds the `jdk.crypto.legacyAlgorithms` security property to
> `java.security`. At the JCE layer, the JDK checks this property and emits a
> runtime warning when a configured legacy algorithm is requested.
>
> ---------
> - [x] I confirm that I make this contribution in accordance with the [OpenJDK
> Interim AI Policy](https://openjdk.org/legal/ai).

src/java.base/share/classes/sun/security/util/CryptoAlgorithmConstraints.java line 62:

> 60:
> 61:     private static class DisabledHolder {
> 62:         static final CryptoAlgorithmConstraints DISABLED_CONSTRAINTS =

These holder fields can be private since Java 11 introduced nest access.

src/java.base/share/classes/sun/security/util/CryptoAlgorithmConstraints.java line 91:

> 89:     }
> 90:
> 91:     public static void warn(String service, String alg, Class<?> callerClass) {

This API requires all callers to capture the caller class even when the service and algorithm combination is not legacy. Can this be made cheaper by splitting the service and algorithm detection into another, cheaper method that doesn't capture the caller?

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/31472#discussion_r3393226001
PR Review Comment: https://git.openjdk.org/jdk/pull/31472#discussion_r3393287550
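
Both review points in one sketch, added here and not code from the PR or the JDK: a private holder field read by its enclosing class, and a cheap legacy check that runs before any caller lookup. The class name, the `isLegacy`/`warnIfLegacy` methods, the counter and the sample entries are assumptions; the entries do not reflect the real syntax of `jdk.crypto.legacyAlgorithms`.

```java
import java.util.Locale;
import java.util.Set;

public final class LegacyWarnSketch {
    // Lazy holder whose field is private; the enclosing class reads it
    // directly as a nestmate (Java 11+).
    private static class LegacyHolder {
        // Constructed sample entries, not the property's real syntax.
        private static final Set<String> LEGACY =
                Set.of("CIPHER/DES", "MESSAGEDIGEST/MD5");
    }

    private static final StackWalker WALKER =
            StackWalker.getInstance(StackWalker.Option.RETAIN_CLASS_REFERENCE);

    static int callerLookups;  // demo counter only, not thread-safe

    // Cheap path: one string build and a set lookup, no stack walk.
    static boolean isLegacy(String service, String alg) {
        String key = (service + "/" + alg).toUpperCase(Locale.ROOT);
        return LegacyHolder.LEGACY.contains(key);
    }

    // The caller class is looked up only after the cheap check has matched.
    static void warnIfLegacy(String service, String alg) {
        if (!isLegacy(service, alg)) {
            return;
        }
        callerLookups++;
        Class<?> caller = WALKER.getCallerClass();
        System.err.println("WARNING: legacy " + service + " algorithm " + alg
                + " requested by " + caller.getName());
    }

    // Stands in for application code that requests algorithms.
    static final class App {
        static void run() {
            for (int i = 0; i < 1000; i++) {
                warnIfLegacy("Cipher", "AES");  // not listed: no caller lookup
            }
            warnIfLegacy("Cipher", "DES");      // listed: caller lookup happens
        }
    }

    public static void main(String[] args) {
        App.run();
        System.out.println("caller lookups: " + callerLookups);
    }
}
```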
