RFR: 8281236: (D)TLS key exchange named groups [v4]
Sean Mullan
mullan at openjdk.org
Tue Dec 6 18:56:37 UTC 2022
On Tue, 6 Dec 2022 07:58:02 GMT, Xue-Lei Andrew Fan <xuelei at openjdk.org> wrote:
>> This update is to support key exchange named groups customization for individual (D)TLS connection. Please review the CSR as well:
>> CSR: https://bugs.openjdk.org/browse/JDK-8291950
>> RFE: https://bugs.openjdk.org/browse/JDK-8281236
>> Release-note: https://bugs.openjdk.org/browse/JDK-8291975
>>
>> This is an effort similar to [JDK-8280494: "(D)TLS signature schemes"](https://bugs.openjdk.org/browse/JDK-8280494)
>
> Xue-Lei Andrew Fan has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains six commits:
>
> - check duplicate
> - Merge
> - Merge
> - Merge
> - add test cases
> - 8281236: (D)TLS key exchange algorithms
src/java.base/share/classes/sun/security/ssl/NamedGroup.java line 454:
> 452: }
> 453:
> 454: static NamedGroup getPreferredGroup(
Add a comment describing what this method does. And the method on line 471.
src/java.base/share/classes/sun/security/ssl/SSLConfiguration.java line 279:
> 277: String[] ngs = params.getNamedGroups();
> 278: if (ngs != null) {
> 279: // Note if 'ss' is empty, then no signature schemes should be
The comment needs to be updated for named groups. It looks like it was copied from line 272.
-------------
PR: https://git.openjdk.org/jdk/pull/9776
More information about the security-dev
mailing list