RFR[12] JDK-8203687: javax/net/ssl/compatibility/Compatibility.java supports TLS 1.3

sha.jiang at oracle.com sha.jiang at oracle.com
Thu Jan 17 23:42:23 UTC 2019


Hi Xuelei,

On 2019/1/18 02:00, Xuelei Fan wrote:
> Hi John,
>
> Looks fine to me except a minor format comment.
>
> Would you mind check the line length and limit to 80 characters each 
> line?
>
> For example, using "\"  join multiple lines together.
>     // openssl req -x509 -new -key key.pem \
>     //     -subj "/CN=RSA-2048-SHA256" -sha256 -out cer.pem

I should stick to this convention.
Please review this new webrev: 
http://cr.openjdk.java.net/~jjiang/8203687/webrev.01/
Only Cert.java is updated.

Best regards,
John Jiang

>
> Thanks,
> Xuelei
>
> On 1/17/2019 12:26 AM, sha.jiang at oracle.com wrote:
>> Hi,
>> The patch adds TLS 1.3 cases for test 
>> javax/net/ssl/compatibility/Compatibility.java.
>> Beside this enhancement, it also changes the test on the following 
>> points:
>> 1. Re-generate all certificates to use key size 2048 and SHA256 
>> rather than 1024 and SHA1. And new RSA signed EC key certificates are 
>> added.
>> 2. Each JDK build should check if a cipher suite is supported by 
>> itself. It's really unnecessary to maintain a predefined table for it.
>> 3. Uses classes in javax/net/ssl/TLSCommon for defined protocols and 
>> cipher suites. And also adds a new common class for key algorithm.
>> 4. Correct some statements in README.
>>
>> Webrev: http://cr.openjdk.java.net/~jjiang/8203687/webrev.00/
>> Issue: https://bugs.openjdk.java.net/browse/JDK-8203687
>>
>> Best regards,
>> John Jiang
>>
>


More information about the security-dev mailing list