JDK-8234728 : Some security tests should support TLSv1.3
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 8,11,14
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2019-11-25
  • Updated: 2021-01-26
  • Resolved: 2019-12-13
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 13 JDK 14 JDK 15 JDK 8 Other
11.0.8-oracleFixed 13.0.4Fixed 14 b28Fixed 15Fixed 8u261Fixed openjdk8u292Fixed
Related Reports
Relates :  
JDK-8235874 - The ordering of Cipher Suites is not maintained provided through ���jdk.tls.client.cipherSuites��� and ���jdk.tls.server.cipherSuites��� system property.
Description
open/test/jdk/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java
open/test/jdk/sun/security/mscapi/ShortRSAKeyWithinTLS.java
open/test/jdk/sun/security/ssl/HandshakeHash/HandshakeHashCloneExhaustion.java
open/test/jdk/sun/security/util/HostnameMatcher/NullHostnameCheck.java

2 more Tests newly added to verify CipherSuites order.
test/jdk/javax/net/ssl/sanity/ciphersuites/SystemPropCipherSuitesOrder.java
test/jdk/javax/net/ssl/sanity/ciphersuites/TLSCipherSuitesOrder.java
Comments
Fix request (8u) I'd like to have this improvement in 8u, as it will enhance the TLSv1.3 test base. The 11u patch required some changes and they've been review-approved here: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-January/013354.html Risk is low as only tests are affected by this backport.
25-01-2021
8u RFR: https://mail.openjdk.java.net/pipermail/jdk8u-dev/2021-January/013352.html
22-01-2021
Fix request (13u) Requesting backport to 13u for parity with 11u, applies cleanly except NullHostnameCheck.java RFR: https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2020-June/003222.html
03-06-2020
Fix request (11u) I would like to downport this for parity with 11.0.8-oracle. The patch does not apply well. The tests fail without adaptions. See RFR: http://mail.openjdk.java.net/pipermail/jdk-updates-dev/2020-April/002946.html
03-04-2020
URL: https://hg.openjdk.java.net/jdk/jdk14/rev/fa82151f29c4 User: ssahoo Date: 2019-12-13 09:45:05 +0000
13-12-2019
The purpose of test open/test/jdk/sun/security/mscapi/ShortRSAKeyWithinTLS.java is RSA key length rather than TLS. So the change is not applicable.
05-12-2019