RFR: 8281236: (D)TLS key exchange named groups [v4]
Sean Mullan
mullan at openjdk.org
Tue Dec 6 18:14:02 UTC 2022
On Tue, 6 Dec 2022 07:58:02 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
>> This update is to support key exchange named groups customization for individual (D)TLS connection. Please review the CSR as well:
>> CSR: https://bugs.openjdk.org/browse/JDK-8291950
>> RFE: https://bugs.openjdk.org/browse/JDK-8281236
>> Release-note: https://bugs.openjdk.org/browse/JDK-8291975
>>
>> This is an effort similar to [JDK-8280494: "(D)TLS signature schemes"](https://bugs.openjdk.org/browse/JDK-8280494)
>
> Xue-Lei Andrew Fan has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains six commits:
>
> - check duplicate
> - Merge
> - Merge
> - Merge
> - add test cases
> - 8281236: (D)TLS key exchange algorithms
test/jdk/javax/net/ssl/SSLParameters/NamedGroups.java line 122:
> 120: null,
> 121: false);
> 122: runTest(new String[0],
I think this case will throw IAE when `SSLParameter.setNamedGroups()` is called right? If so, I think you can delete this test (and the one one on line 123) since it is already covered in the NamedGroupsSpec test. Also, this test is coded such that the expected exception is thrown when the TLS handshake is being made in `runClientApplication()`, which is not the case here.
Same comment for the DTLSNamedGroups test.
-------------
PR: https://git.openjdk.org/jdk/pull/9776
More information about the security-dev
mailing list