On Thu, 11 Jun 2026 04:18:07 GMT, Chen Liang <[email protected]> wrote:
>> Hai-May Chao has updated the pull request incrementally with one additional
>> commit since the last revision:
>>
>> Split legacy alg detection from capturing the caller
>
> src/java.base/share/classes/sun/security/util/CryptoAlgorithmConstraints.java
> line 62:
>
>> 60:
>> 61: private static class DisabledHolder {
>> 62: static final CryptoAlgorithmConstraints DISABLED_CONSTRAINTS =
>
> These holder fields can be private since Java 11 introduced nest access.
Added private.
> src/java.base/share/classes/sun/security/util/CryptoAlgorithmConstraints.java
> line 91:
>
>> 89: }
>> 90:
>> 91: public static void warn(String service, String alg, Class<?>
>> callerClass) {
>
> This API requires all caller to capture the caller class even when service
> and algorithm combination is not legacy. Can this be made cheaper by
> splitting the service and algorithm detection to another cheaper method that
> doesn't capture the caller?
Yes, splitting done. Thanks!
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/31472#discussion_r3402873719
PR Review Comment: https://git.openjdk.org/jdk/pull/31472#discussion_r3402874251
