[11] RFR: JDK-8205111: Develop new Test to verify different key types for supported TLS protocols.

Xuelei Fan xuelei.fan at oracle.com
Thu Jun 21 13:58:06 UTC 2018


Note that rsa_pss_pss cannot work with TLS_RSA_WITH cipher suites, as 
this algorithm is limited to signature whiel TLS_RSA cipher suites need 
key encipherment.  In lines 135-156, you can replace the TLS_RSA cipher 
suite with DHE or ECDHE_RSA.

For the re-handshake part, please read/write something after the call to 
startHandshake() in each side.  Otherwise, the key-update and session 
resumption may not complete before socket close.

Otherwise, looks fine to me.

Thanks,
Xuelei

On 6/20/2018 11:58 PM, Sibabrata Sahoo wrote:
> Hi Xuelei,
> 
> Please review the patch for,
> 
> JBS: https://bugs.openjdk.java.net/browse/JDK-8205111
> 
> Webrev: http://cr.openjdk.java.net/~ssahoo/8205111/webrev.00/
> 
> Change:
> 
> This Test file verifies all TLS protocols with the supported keytypes.
> 
> Thanks,
> 
> Siba
> 


More information about the security-dev mailing list