RFR: 8295803: Console should be usable in jshell and other environments [v2]

Naoto Sato naoto at openjdk.org
Thu Dec 1 19:34:35 UTC 2022


On Thu, 1 Dec 2022 17:53:58 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> I can still see the password on screen. Here `in` is a `jdk.jshell.execution.Util` so the updated check on line 58 above failed.
>> 
>> $ jshell -C--add-exports -Cjava.base/sun.security.tools.keytool=ALL-UNNAMED -R--add-exports -Rjava.base/sun.security.tools.keytool=ALL-UNNAMED
>> |  Welcome to JShell -- Version 20-internal
>> |  For an introduction type: /help intro
>> 
>> jshell> sun.security.tools.keytool.Main.main("-genkeypair -keyalg EC -alias a -dname CN=A -keystore ks".split(" "))
>> Enter keystore password:  changeit
>> Re-enter new password: changeit
>> Generating 384 bit EC (secp384r1) key pair and self-signed certificate (SHA384withECDSA) with a validity of 90 days
>> 	for: CN=A
>
> What's the expected behavior?

I confirmed that the standalone `keytool` did not echo the input, which should be OK for this IMO.

-------------

PR: https://git.openjdk.org/jdk/pull/11421



More information about the security-dev mailing list