stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8165071: Expand TLS support

Browse Source 
Reviewed-by: jnimeh, ahgross, asmotrak
This commit is contained in:
Xue-Lei Andrew Fan 2016-09-13 00:20:17 +00:00
parent 5dd6d9c4ca
commit 6e132741b6
2 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
jdk/src/java.base/share/conf/security/java.security
View File

@ -720,7 +720,7 @@ jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \
# Note: The algorithm restrictions do not apply to trust anchors or # Note: The algorithm restrictions do not apply to trust anchors or
# self-signed certificates. # self-signed certificates.
# #
# Note: This property is currently used by Oracle's JSSE implementation. # Note: This property is currently used by the JDK Reference implementation.
# It is not guaranteed to be examined and used by other implementations. # It is not guaranteed to be examined and used by other implementations.
# #
# Example: # Example:
@ -740,7 +740,7 @@ jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
# During SSL/TLS security parameters negotiation, legacy algorithms will # During SSL/TLS security parameters negotiation, legacy algorithms will
# not be negotiated unless there are no other candidates. # not be negotiated unless there are no other candidates.
# #
# The syntax of the disabled algorithm string is described as this Java # The syntax of the legacy algorithms string is described as this Java
# BNF-style: # BNF-style:
# LegacyAlgorithms: # LegacyAlgorithms:
# " LegacyAlgorithm { , LegacyAlgorithm } " # " LegacyAlgorithm { , LegacyAlgorithm } "
@ -776,7 +776,7 @@ jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
# javax.net.ssl.SSLParameters.setAlgorithmConstraints()), # javax.net.ssl.SSLParameters.setAlgorithmConstraints()),
# then the algorithm is completely disabled and will not be negotiated. # then the algorithm is completely disabled and will not be negotiated.
# #
# Note: This property is currently used by Oracle's JSSE implementation. # Note: This property is currently used by the JDK Reference implementation.
# It is not guaranteed to be examined and used by other implementations. # It is not guaranteed to be examined and used by other implementations.
# There is no guarantee the property will continue to exist or be of the # There is no guarantee the property will continue to exist or be of the
# same syntax in future releases. # same syntax in future releases.
@ -789,7 +789,8 @@ jdk.tls.legacyAlgorithms= \
DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \ DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
DH_RSA_EXPORT, RSA_EXPORT, \ DH_RSA_EXPORT, RSA_EXPORT, \
DH_anon, ECDH_anon, \ DH_anon, ECDH_anon, \
RC4_128, RC4_40, DES_CBC, DES40_CBC RC4_128, RC4_40, DES_CBC, DES40_CBC, \
3DES_EDE_CBC
# The pre-defined default finite field Diffie-Hellman ephemeral (DHE) # The pre-defined default finite field Diffie-Hellman ephemeral (DHE)
# parameters for Transport Layer Security (SSL/TLS/DTLS) processing. # parameters for Transport Layer Security (SSL/TLS/DTLS) processing.

4
jdk/test/javax/net/ssl/SSLParameters/UseCipherSuitesOrder.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
@ -31,7 +31,7 @@
* @bug 7188657 * @bug 7188657
* @summary There should be a way to reorder the JSSE ciphers * @summary There should be a way to reorder the JSSE ciphers
* @run main/othervm UseCipherSuitesOrder * @run main/othervm UseCipherSuitesOrder
* TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA * TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
*/ */
import java.io.*; import java.io.*;