[jdk11u-dev] RFR: 8140466: ChaCha20 and Poly1305 TLS Cipher Suites
Martin Doerr
mdoerr at openjdk.java.net
Thu Jun 24 13:14:34 UTC 2021
On Wed, 23 Jun 2021 13:46:57 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:
> This backport adds ChaCha20 cipher suites to 11u implementation for TLSv1.3 and TLSv1.2 protocols.
> TLS_CHACHA20_POLY1305_SHA256 is one of the cipher suites SHOULD be implemented according to rfc8446 [1].
>
> The original patch applies almost clean except for the test/jdk/javax/net/ssl/TLSCommon/CipherSuite.java file - the list of cipher suites was reordered by JDK-8210632 [2]
>
> Also, I had to update two jtreg tests with ChaCha cipher suites:
> test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java is updated because of JDK-8217579 [3] backport to 11u missed CHACHA20 cipher suites
>
> test/jdk/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java is updated because of JDK-8234728 [4] backport to 11u missed CHACHA20 cipher suites
>
> sun/security/ssl and javax/net/ssl tests passed
>
> [1] - https://datatracker.ietf.org/doc/html/rfc8446
> [2] - https://bugs.openjdk.java.net/browse/JDK-8210632
> [3] - https://bugs.openjdk.java.net/browse/JDK-8217579
> [4] - https://bugs.openjdk.java.net/browse/JDK-8234728
Looks good. Thanks for backporting!
-------------
Marked as reviewed by mdoerr (Reviewer).
PR: https://git.openjdk.java.net/jdk11u-dev/pull/59
More information about the jdk-updates-dev
mailing list