RFR: 8313229: DHEKeySizing.java should be modified to use TLS versions TLSv1, TLSv1.1, TLSv1.2
Jamil Nimeh
jnimeh at openjdk.org
Wed Sep 20 20:16:40 UTC 2023
On Wed, 20 Sep 2023 19:51:28 GMT, Sean Mullan <mullan at openjdk.org> wrote:
> Please review this change to ensure this test is tested on different TLS protocols (1.0, 1.1, 1.2)
>
> I added a protocol parameter to the test arguments so that different protocols are tested. I also removed the boolean exportable argument as it wasn't doing anything.
test/jdk/sun/security/ssl/DHKeyExchange/DHEKeySizing.java line 35:
> 33: * @library /javax/net/ssl/templates
> 34: * @run main/othervm -Djdk.tls.client.enableSessionTicketExtension=false
> 35: * DHEKeySizing TLS_DHE_RSA_WITH_AES_128_CBC_SHA 1645 267 TLSv1
Just curious why the server key exchange length went up in size by a couple bytes. Was 1643 incorrect before this change?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/15846#discussion_r1332124810
More information about the security-dev
mailing list