RFR[12] JDK-8203687: javax/net/ssl/compatibility/Compatibility.java supports TLS 1.3

Xuelei Fan xuelei.fan at oracle.com
Fri Jan 18 05:57:09 UTC 2019


Thanks for the update.  No more comments.

Xuelei

On 1/17/2019 3:42 PM, sha.jiang at oracle.com wrote:
> Hi Xuelei,
> 
> On 2019/1/18 02:00, Xuelei Fan wrote:
>> Hi John,
>>
>> Looks fine to me except a minor format comment.
>>
>> Would you mind check the line length and limit to 80 characters each 
>> line?
>>
>> For example, using "\"  join multiple lines together.
>>     // openssl req -x509 -new -key key.pem \
>>     //     -subj "/CN=RSA-2048-SHA256" -sha256 -out cer.pem
> 
> I should stick to this convention.
> Please review this new webrev: 
> http://cr.openjdk.java.net/~jjiang/8203687/webrev.01/
> Only Cert.java is updated.
> 
> Best regards,
> John Jiang
> 
>>
>> Thanks,
>> Xuelei
>>
>> On 1/17/2019 12:26 AM, sha.jiang at oracle.com wrote:
>>> Hi,
>>> The patch adds TLS 1.3 cases for test 
>>> javax/net/ssl/compatibility/Compatibility.java.
>>> Beside this enhancement, it also changes the test on the following 
>>> points:
>>> 1. Re-generate all certificates to use key size 2048 and SHA256 
>>> rather than 1024 and SHA1. And new RSA signed EC key certificates are 
>>> added.
>>> 2. Each JDK build should check if a cipher suite is supported by 
>>> itself. It's really unnecessary to maintain a predefined table for it.
>>> 3. Uses classes in javax/net/ssl/TLSCommon for defined protocols and 
>>> cipher suites. And also adds a new common class for key algorithm.
>>> 4. Correct some statements in README.
>>>
>>> Webrev: http://cr.openjdk.java.net/~jjiang/8203687/webrev.00/
>>> Issue: https://bugs.openjdk.java.net/browse/JDK-8203687
>>>
>>> Best regards,
>>> John Jiang
>>>
>>



More information about the security-dev mailing list