On Tue, 23 Jun 2026 21:31:44 GMT, Hai-May Chao <[email protected]> wrote:
>> This change adds the `jdk.crypto.legacyAlgorithms` security property to >> `java.security`. At the JCE layer, the JDK checks this property and emits a >> runtime warning when a configured legacy algorithm is requested. >> >> --------- >> - [x] I confirm that I make this contribution in accordance with the >> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai). > > Hai-May Chao has updated the pull request incrementally with two additional > commits since the last revision: > > - Update java.security > - Update Javadoc for getInstance() src/java.base/share/classes/java/security/KeyStore.java line 870: > 868: * each legacy keystore type. If the keystore type is also disabled, > 869: * the warning will not be shown. > 870: * If the {@systemProperty jdk.crypto.legacyAlgorithms} is set, When the javadoc is rendered, it doesn't say this is a system property, it just says: `If the jdk.crypto.legacyAlgorithms is set,` So, you should add the words "system property" after `{@systemProperty jdk.crypto.legacyAlgorithms}`. The same comment applies to the existing text above this for the `jdk.crypto.disabledAlgorithms` system property - can you also correct that as part of this change? This comment applies to all `getInstance` methods in this PR. src/java.base/share/conf/security/java.security line 821: > 819: # getInstance(...) methods of the supported Service classes, i.e. Cipher, > 820: # KeyStore, MessageDigest, and Signature. If the algorithm is considered > legacy, the > 821: # JDK emits a warning when the algorithm is requested. Let's add 2 more sentences, same as the text in the `getInstance` methods: "This warning is shown once per caller for each legacy algorithm. If the algorithm is also disabled, the warning will not be shown." src/java.base/share/conf/security/java.security line 821: > 819: # getInstance(...) methods of the supported Service classes, i.e. Cipher, > 820: # KeyStore, MessageDigest, and Signature. If the algorithm is considered > legacy, the > 821: # JDK emits a warning when the algorithm is requested. s/a warning/a warning at runtime/ ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/31472#discussion_r3475383834 PR Review Comment: https://git.openjdk.org/jdk/pull/31472#discussion_r3475472977 PR Review Comment: https://git.openjdk.org/jdk/pull/31472#discussion_r3475475606
