[11u] RFR(M): 8234728: Some security tests should support TLSv1.3
Lindenmaier, Goetz
goetz.lindenmaier at sap.com
Fri Apr 3 11:26:02 UTC 2020
Hi,
I would like to downport this for parity with 11.0.8-oracle.
http://cr.openjdk.java.net/~goetz/wr20/8234728-security_tests-jdk11/webrev/
Although this change claims it is a test fix, it touches
java.base. It fixes some type-os there.
Some of the comments fixed are not in CipherSuite.java in
11u, so the patch did not apply. I had to skip these.
Also, the change did not cleanly apply to the the test NullHostnameCheck.java
because "8228967: Trust/Key store and SSL context utilities for tests" is not
in 11. I adapted it. The TLS level is now passed to the test.
The change makes TLSCipherSuitesOrder.java fail.
First, it looks for a Cipher Suite not in 11. I removed this.
Second, it depends on a change by "8171279: Support X25519 and
X448 in TLS". This is a big change and only a single function
call is needed. I added only the required changes of 8171279 to
TLSSocketTemplate.java in this change.
I also changed CipherSuitesInOrder.java so that it passes.
I kept the old list of supportedCipherSuites, and
added TLS_AES_128_GCM_SHA256 and TLS_AES_256_GCM_SHA384.
Please review.
Original change:
https://bugs.openjdk.java.net/browse/JDK-8234728
https://hg.openjdk.java.net/jdk/jdk14/rev/fa82151f29c4
More information about the jdk-updates-dev
mailing list