RFR: 8301379: Verify TLS_ECDH_* cipher suites cannot be negotiated [v3]
Sean Mullan
mullan at openjdk.org
Wed Jun 14 13:45:59 UTC 2023
On Tue, 13 Jun 2023 11:11:32 GMT, Matthew Donovan <mdonovan at openjdk.org> wrote:
>> test/jdk/javax/net/ssl/TLS/TLSWontNegotiateDisabledCipherAlgos.java line 35:
>>
>>> 33: * @test id=Server
>>> 34: * @bug 8301379
>>> 35: * @summary Verify that Java will not negotiate disabled cipher suites when the
>>
>> This test could be enhanced to test all of the other suites that are disabled. I think that might be a good idea, to centralize that. Although you could do it as a follow-on RFE.
>
> I added all of the disable ciphers that are listed in DisabledAlgorithms. Let me know if this isn't what you were thinking. Thanks!
Yes, this is what I was thinking. There is another test `test/jdk/javax/net/ssl/ciphersuites/DisabledAlgorithms.java` that is very similar to this test. Can you compare these two tests and consider removing that test, or combining them if there are other things that test is testing that this one isn't?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/14316#discussion_r1229645413
More information about the security-dev
mailing list