RFR: 8244336: Restrict algorithms at JCE layer [v8]

Artur Barashev abarashev at openjdk.org
Thu Aug 14 13:42:16 UTC 2025


On Thu, 14 Aug 2025 01:07:47 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> test/jdk/java/security/KeyStore/TestDisabledAlgorithms.java line 34:
>> 
>>> 32:  * @run main/othervm -Djdk.crypto.disabledAlgorithms="keystore.jkS" TestDisabledAlgorithms keySTORE.jceKs true
>>> 33:  * @run main/othervm -Djdk.crypto.disabledAlgorithms="KEYstORE.what" TestDisabledAlgorithms KeYStore.JKs false
>>> 34:  * @run main/othervm -Djdk.crypto.disabledAlgorithms="keystOre.jceKS" TestDisabledAlgorithms KEysTORE.JKS false
>> 
>> Why do we set `jdk.crypto.disabledAlgorithms` property on the command line and also inside the test's `main` method?
>
> This is for checking that same-name system property overrides the security property.

I see, thanks!

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/26377#discussion_r2276670657


More information about the security-dev mailing list