RFR: 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled [v2]
Weijun Wang
weijun at openjdk.java.net
Tue Mar 15 15:46:45 UTC 2022
On Tue, 15 Mar 2022 15:37:25 GMT, Hai-May Chao <hchao at openjdk.org> wrote:
>> When a named curve is disabled in `jdk.disabled.namedCurves` property which is included in `jdk.jar.disabledAlgorithms` and `jdk.certpath.disabledAlgorithms`, `jarsigner` should display the disabled named curve as a result of its disabled algorithm constraint checking. This clarifies why an EC key is disabled in its warning and verbose output.
>
> Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision:
>
> Check curve in jdk.security.legacyAlgorithms, and update testcase
Change looks fine to me. Thanks.
-------------
Marked as reviewed by weijun (Reviewer).
PR: https://git.openjdk.java.net/jdk/pull/7810
More information about the security-dev
mailing list