RFR: 8244336: Restrict algorithms at JCE layer [v4]
Valerie Peng
valeriep at openjdk.org
Wed Aug 6 04:50:07 UTC 2025
On Tue, 5 Aug 2025 19:43:19 GMT, Artur Barashev <abarashev at openjdk.org> wrote:
>> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Added support for overriding the security property with a system
>> property using the same property name.
>
> src/java.base/share/classes/sun/security/util/CryptoAlgorithmConstraints.java line 49:
>
>> 47: private static class CryptoHolder {
>> 48: static final CryptoAlgorithmConstraints CONSTRAINTS =
>> 49: new CryptoAlgorithmConstraints("jdk.crypto.disabledAlgorithms");
>
> Current convention is to declare security property as `public static final String` at the top of the class.
Ok, I can do that as well.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/26377#discussion_r2255852462
More information about the security-dev
mailing list