JDK-8366184 : Add tests to verify the SSL AlgorithmConstraints used by the QuicTLSEngine
  • Type: Sub-task
  • Component: core-libs
  • Sub-Component: java.net
  • Priority: P4
  • Status: Open
  • Resolution: Unresolved
  • Submitted: 2025-08-26
  • Updated: 2025-10-15
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other
tbdUnresolved
Description
In https://bugs.openjdk.org/browse/JDK-8349910 we introduced the QuicTLSEngine for handling QUIC TLS integration. It introduces newer methods in security-libs area related to enforcing AlgorithmConstraints during the TLS handshake. These methods are similar to the ones that were already there for Socket and SSLEngine. 

Currently, we don't have tests to verify that the QuicTLSEngine correctly enforces these AlgorithmConstraints. We should add some to match what's there for SSLEngine and Socket.

Artur in the PR review has suggested looking at the existing tests under Please see tests under test/jdk/sun/security/ssl/X509KeyManager for examples.

For additional context, the PR review comment where this was discussed is here https://github.com/openjdk/jdk/pull/24751#issuecomment-3221662557.