[jdk11u-dev] RFR: 8140466: ChaCha20 and Poly1305 TLS Cipher Suites
Alexey Bakhtin
abakhtin at openjdk.java.net
Wed Jun 23 14:04:42 UTC 2021
This backport adds ChaCha20 cipher suites to 11u implementation for TLSv1.3 and TLSv1.2 protocols.
TLS_CHACHA20_POLY1305_SHA256 is one of the cipher suites SHOULD be implemented according to rfc8446 [1].
The original patch applies almost clean except for the test/jdk/javax/net/ssl/TLSCommon/CipherSuite.java file - the list of cipher suites was reordered by JDK-8210632 [2]
Also, I had to update two jtreg tests with ChaCha cipher suites:
test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java is updated because of JDK-8217579 [3] backport to 11u missed CHACHA20 cipher suites
test/jdk/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java is updated because of JDK-8234728 [4] backport to 11u missed CHACHA20 cipher suites
sun/security/ssl and javax/net/ssl tests passed
[1] - https://datatracker.ietf.org/doc/html/rfc8446
[2] - https://bugs.openjdk.java.net/browse/JDK-8210632
[3] - https://bugs.openjdk.java.net/browse/JDK-8217579
[4] - https://bugs.openjdk.java.net/browse/JDK-8234728
-------------
Commit messages:
- Fix trailing whitespaces
- Backport 962e755c3ac6731566fe9f39520a414628f24ee0
Changes: https://git.openjdk.java.net/jdk11u-dev/pull/59/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk11u-dev&pr=59&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8140466
Stats: 611 lines in 7 files changed: 607 ins; 3 del; 1 mod
Patch: https://git.openjdk.java.net/jdk11u-dev/pull/59.diff
Fetch: git fetch https://git.openjdk.java.net/jdk11u-dev pull/59/head:pull/59
PR: https://git.openjdk.java.net/jdk11u-dev/pull/59
More information about the jdk-updates-dev
mailing list