[RFR] 8233404: System property to set the number of PBE iterations in JCEKS keystores
Weijun Wang
weijun.wang at oracle.com
Fri Nov 8 03:26:13 UTC 2019
Hi Martin,
Now that this is a system/security property, I suggest clarifying this in java.security. You can see similar words for other such properties like
If the system property x.y.z is also specified, it supersedes the security property value defined here.
Code change looks fine.
I'll read more into the test. It looks like a general test on the privilegedGetOverridable method and there is no read/write of a JCEKS at all (I know it's a bit complex to verify the iteration count). Even so, you haven't cover the case where a system property overriding a security property.
Thanks,
Max
> On Nov 8, 2019, at 12:58 AM, Martin Balao <mbalao at redhat.com> wrote:
>
> Hi,
>
> I'd like to propose Webrev.01 for 8233404 [1]:
>
> * http://cr.openjdk.java.net/~mbalao/webrevs/8233404/8233404.webrev.01/
>
> New in Webrev.01:
>
> * "jdk.jceks.iterationCount" is now a Security property too
> * documented in java.security file
>
> * IterationCount test re-written to cover "jdk.jceks.iterationCount"
> Security property (as well as the System property)
>
> Thanks,
> Martin.-
>
> --
> [1] - https://bugs.openjdk.java.net/browse/JDK-8233404
>
More information about the security-dev
mailing list