RFR 8076190: Customizing the generation of a PKCS12 keystore
Weijun Wang
weijun.wang at oracle.com
Tue Oct 2 00:02:10 UTC 2018
> On Oct 2, 2018, at 2:49 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>
> Looks good. After you update the CSR with these changes, I can review it.
Sure.
How do you think of the following change? Shall I also add it?
diff --git a/src/java.base/share/classes/java/security/KeyStore.java b/src/java.base/share/classes/java/security/KeyStore.java
--- a/src/java.base/share/classes/java/security/KeyStore.java
+++ b/src/java.base/share/classes/java/security/KeyStore.java
@@ -318,7 +318,7 @@
* for a given keystore type is set using the
* {@code 'keystore.<type>.keyProtectionAlgorithm'} security property.
* For example, the
- * {@code keystore.PKCS12.keyProtectionAlgorithm} property stores the
+ * {@code keystore.pkcs12.keyProtectionAlgorithm} property stores the
* name of the default key protection algorithm used for PKCS12
* keystores. If the security property is not set, an
* implementation-specific algorithm will be used.
Shall I add some word to this method saying we should use lowercase or are we going to live with this lower+UPPER for every keystore type forever?
If yes, there will also be some text for its compatibility risk.
Thanks
Max
>
> --Sean
>
> On 9/28/18 9:36 AM, Weijun Wang wrote:
>> Webrev updated at
>> http://cr.openjdk.java.net/~weijun/8076190/webrev.04/
>> Major changes:
>> 1. Comment out key=value lines in java.security
>> 2. Fix a bug in PBES2Parameters.java
>> 3. Test no longer depends on openssl. Instead, use openssl to generate some pkcs12 files and included in the test.
>> 4. A new test KeyProtAlgCompat.java to ensure compatibility on pkcs12/PKCS12 names
>> I haven't made any change to KeyStore.java yet. CSR is also not updated.
>> Thanks
>> Max
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20181002/acab968b/attachment.htm>
More information about the security-dev
mailing list