Code Review Request, JDK-8178728 Check the AlgorithmParameters in algorithm constraints
Xuelei Fan
xuelei.fan at oracle.com
Tue Jun 6 23:04:14 UTC 2017
New webrev:
http://cr.openjdk.java.net/~xuelei/8178728/webrev.01/
On 6/6/2017 1:45 PM, Anthony Scarpino wrote:
> On 06/05/2017 02:15 PM, Xuelei Fan wrote:
>> Hi,
>>
>> Please review the JDK 10 update:
>> http://cr.openjdk.java.net/~xuelei/8178728/webrev.00/
>>
>> This update extends the DisabledAlgorithmConstraints implementation by
>> checking the AlgorithmParameters, which is ignored at present.
>>
>> Thanks,
>> Xuelei
>
> I'm find with the change, but I have an organizational requests
>
> DisabledAlgorithmConstraints.java:253-264:
> Can you move DH/DiffieHellman string value checking into a method in
> AlgorithmDecomposer? All the algorithm name details are handling in
> there. Just to be consistent in keeping them in one place.
>
Good points. Updated accordingly.
I'm not very sure of the impact to decompose the general algorithm names
yet. So I just add a more method (getAliases()), and not touch on the
decomposes() method.
Thanks,
Xuelei
More information about the security-dev
mailing list