Integrated: 8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms
Hai-May Chao
hchao at openjdk.java.net
Wed May 4 20:37:53 UTC 2022
On Tue, 19 Apr 2022 16:08:28 GMT, Hai-May Chao <hchao at openjdk.org> wrote:
> Please review these changes to add DES/3DES/MD5 to `jdk.security.legacyAlgorithms` security property, and to add the legacy algorithm constraint checking to `keytool` commands that are associated with secret key entries stored in the keystore. These `keytool` commands are -genseckey, -importpass, -list, and -importkeystore. As a result, `keytool` will be able to generate warnings when it detects that the secret key based algorithms and PBE based Mac and cipher algorithms are weak. Also removes the "This algorithm will be disabled in a future update.” from the existing warnings for the asymmetric keys/certificates.
> Will also file a CSR.
This pull request has now been integrated.
Changeset: 09e6ee96
Author: Hai-May Chao <hchao at openjdk.org>
URL: https://git.openjdk.java.net/jdk/commit/09e6ee96bd448838491e5e8634a898e248f1c44e
Stats: 362 lines in 6 files changed: 277 ins; 2 del; 83 mod
8255552: Add DES/3DES/MD5 to jdk.security.legacyAlgorithms
Reviewed-by: mullan, weijun
-------------
PR: https://git.openjdk.java.net/jdk/pull/8300
More information about the security-dev
mailing list