RFR: 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled [v2]

Hai-May Chao hchao at openjdk.java.net
Tue Mar 15 15:37:25 UTC 2022


> When a named curve is disabled in `jdk.disabled.namedCurves` property which is included in `jdk.jar.disabledAlgorithms` and `jdk.certpath.disabledAlgorithms`, `jarsigner` should display the disabled named curve as a result of its disabled algorithm constraint checking. This clarifies why an EC key is disabled in its warning and verbose output.

Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision:

  Check curve in jdk.security.legacyAlgorithms, and update testcase

-------------

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/7810/files
  - new: https://git.openjdk.java.net/jdk/pull/7810/files/cea8113f..993e09fc

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=7810&range=01
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=7810&range=00-01

  Stats: 45 lines in 3 files changed: 36 ins; 1 del; 8 mod
  Patch: https://git.openjdk.java.net/jdk/pull/7810.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/7810/head:pull/7810

PR: https://git.openjdk.java.net/jdk/pull/7810



More information about the security-dev mailing list