stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
80,907 Commits 2 Branches 0 Tags 1.2 GiB
c4c6b1fe06
Commit Graph

655 Commits

Author SHA1 Message Date
Andrey Turbanov
48c7549806 8284853: Fix various 'expected' typo 
Reviewed-by: bpb, ihse
 2022-04-14 18:05:49 +00:00
Naoto Sato
d6b4693c05 8283698: Refactor Locale constructors used in src/test 
Reviewed-by: iris, joehw
 2022-04-08 15:23:25 +00:00
Mark Powers
d6f01e9d6f 8234128: jarsigner will not show not-signed-by-alias warning if an intermediate cert is in this keystore 
Reviewed-by: jnimeh
 2022-04-07 15:52:43 +00:00
Mahendra Chhipa
ec73c61d8f 8284353: Update java/net and sun/net/www tests to eliminate dependency on sun.net.www.MessageHeader 
Reviewed-by: dfuchs
 2022-04-07 10:19:12 +00:00
Bradford Wetmore
0b09f70a73 8273553: sun.security.ssl.SSLEngineImpl.closeInbound also has similar error of JDK-8253368 
Reviewed-by: xuelei, rhalade, coffeys
 2022-04-02 00:30:48 +00:00
Olga Mikhaltsova
d8fd22239b 8282538: PKCS11 tests fail on CentOS Stream 9 
Reviewed-by: mullan, xuelei
 2022-03-28 19:27:26 +00:00
Valerie Peng
3b5dfee939 8283665: Two Jarsigner tests needs to be updated with JDK-8267319 
Reviewed-by: xuelei, ascarpino, hchao, weijun
 2022-03-25 17:10:59 +00:00
Valerie Peng
313bc7f64f 8267319: Use larger default key sizes and algorithms based on CNSA 
Reviewed-by: weijun, xuelei
 2022-03-24 22:50:26 +00:00
Sean Mullan
138460c004 8163327: Remove 3DES from the default enabled cipher suites list 
Reviewed-by: xuelei
 2022-03-23 18:32:55 +00:00
Sibabrata Sahoo
86015e15a5 8282293: Domain value for system property jdk.https.negotiate.cbt should be case-insensitive 
Reviewed-by: weijun, rhalade
 2022-03-23 06:45:37 +00:00
Magnus Ihse Bursie
f8878cb0cc 8257733: Move module-specific data from make to respective module 
Reviewed-by: jjg, weijun, naoto, erikj, prr, alanb, mchung
 2022-03-21 21:34:09 +00:00
Hai-May Chao
f43ffe211f 8282633: jarsigner output does not explain why an EC key is disabled if its curve has been disabled 
Reviewed-by: weijun
 2022-03-15 15:54:47 +00:00
Mahendra Chhipa
95ca94436d 8282354: Remove dependancy of TestHttpServer, HttpTransaction, HttpCallback from open/test/jdk/ tests 
Reviewed-by: dfuchs
 2022-03-11 10:48:57 +00:00
Rajan Halade
ea19114e66 8282832: Update file path for HostnameMatcher/cert5.crt in test sun/security/util/Pem/encoding.sh 
Reviewed-by: mullan
 2022-03-08 20:34:02 +00:00
Sean Mullan
72e987e3b4 7192189: Support endpoint identification algorithm in RFC 6125 
Reviewed-by: xuelei, rhalade
 2022-03-08 18:18:57 +00:00
Matteo Baccan
ccad39237a 8282657: Code cleanup: removing double semicolons at the end of lines 
Reviewed-by: lancea, rriggs, ihse, prr, iris, wetmore, darcy, dholmes
 2022-03-07 21:33:40 +00:00
Hai-May Chao
fb6b929e6e 8277474: jarsigner does not check if algorithm parameters are disabled 
Reviewed-by: mullan, weijun
 2022-03-03 23:01:26 +00:00
Weijun Wang
fc918a73d0 8281234: The -protected option is not always checked in keytool and jarsigner 
Reviewed-by: hchao, mullan
 2022-03-02 14:07:26 +00:00
Weijun Wang
59b3ecc591 8277976: Break up SEQUENCE in X509Certificate::getSubjectAlternativeNames and X509Certificate::getIssuerAlternativeNames in otherName 
6776681: Invalid encoding of an OtherName in X509Certificate.getAlternativeNames()

Reviewed-by: mullan
 2022-02-28 17:00:47 +00:00
Rajan Halade
d3749de478 8277488: Add expiry exception for Digicert (geotrustglobalca) expiring in May 2022 
Reviewed-by: weijun
 2022-02-18 20:17:37 +00:00
Weijun Wang
7ce75afbbc 8255266: Update Public Suffix List to 3c213aa 
Reviewed-by: xuelei
 2022-02-18 16:34:59 +00:00
Alexey Bakhtin
58dae60da0 8274524: SSLSocket.close() hangs if it is called during the ssl handshake 
Reviewed-by: xuelei
 2022-02-12 11:54:22 +00:00
Hai-May Chao
178b962e01 8265765: DomainKeyStore may stop enumerating aliases if a constituting KeyStore is empty 
Reviewed-by: weijun
 2022-02-09 16:53:48 +00:00
Weijun Wang
2ed1f4cf32 8281175: Add a -providerPath option to jarsigner 
Reviewed-by: xuelei, hchao
 2022-02-07 15:05:30 +00:00
Jesper Wilhelmsson
7207f2a3b5 Merge 2022-02-04 14:47:06 +00:00
Matthias Baesken
01f93ddf18 8279385: [test] Adjust sun/security/pkcs12/KeytoolOpensslInteropTest.java after 8278344 
Reviewed-by: mullan, xuelei
Backport-of: 9bdf6eb7b2
 2022-02-04 07:47:42 +00:00
Michael McMahon
de3113b998 8279842: HTTPS Channel Binding support for Java GSS/Kerberos 
Co-authored-by: Weijun Wang <weijun.wang@oracle.com>
Reviewed-by: dfuchs, weijun, darcy
 2022-02-01 07:26:59 +00:00
Hai-May Chao
c2ee1b33c3 8273236: keytool does not accurately warn about algorithms that are disabled but have additional constraints 
Reviewed-by: mullan
 2022-01-26 20:31:04 +00:00
Weijun Wang
0d1a97f793 8279064: New options for ktab to provide non-default salt 
Reviewed-by: valeriep
 2022-01-14 20:44:22 +00:00
Weijun Wang
0a839b434b 8279801: EC KeyFactory and KeyPairGenerator do not have aliases for OID format 
Reviewed-by: xuelei, valeriep
 2022-01-13 15:26:41 +00:00
Jesper Wilhelmsson
d9b1bb5860 Merge 2022-01-10 17:06:23 +00:00
Matthias Baesken
06b4d494bf 8278344: sun/security/pkcs12/KeytoolOpensslInteropTest.java test fails because of different openssl output 
Backport-of: 8b5ff4bdff
 2022-01-10 11:41:14 +00:00
Weijun Wang
8d0f385fd0 8279520: SPNEGO has not passed channel binding info into the underlying mechanism 
Reviewed-by: mullan, valeriep
 2022-01-06 22:02:55 +00:00
Matthias Baesken
9bdf6eb7b2 8279385: [test] Adjust sun/security/pkcs12/KeytoolOpensslInteropTest.java after 8278344 
Reviewed-by: weijun
 2022-01-04 07:55:53 +00:00
Sergey Bylokhov
7fea10327e 8279134: Fix Amazon copyright in various files 
Reviewed-by: xliu, phh
 2021-12-26 22:10:54 +00:00
Daniel Jelinski
f31dead6c5 8279043: Some Security Exception Messages Miss Spaces 
Reviewed-by: weijun
 2021-12-21 18:24:31 +00:00
Weijun Wang
6412d57a0a 8278560: X509KeyManagerImpl::getAliases might return a good key with others 
Reviewed-by: xuelei
 2021-12-17 12:14:17 +00:00
Matthias Baesken
8b5ff4bdff 8278344: sun/security/pkcs12/KeytoolOpensslInteropTest.java test fails because of different openssl output 
Reviewed-by: mdoerr, goetz, stuefe
 2021-12-13 07:48:20 +00:00
Martin Balao
ea8d3c92c6 8271566: DSA signature length value is not accurate in P11Signature 
Reviewed-by: valeriep
 2021-12-06 20:31:55 +00:00
Weijun Wang
a729a70c01 8225181: KeyStore should have a getAttributes method 
Reviewed-by: mullan
 2021-12-03 18:52:17 +00:00
Weijun Wang
7049c13cf4 8231107: Allow store password to be null when saving a PKCS12 KeyStore 
Reviewed-by: mullan
 2021-12-01 01:01:57 +00:00
Weijun Wang
ab867f6c7c 8272162: S4U2Self ticket without forwardable flag 
Reviewed-by: valeriep
 2021-12-01 00:48:28 +00:00
Sean Mullan
03f8c0fb93 8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled 
Reviewed-by: weijun
 2021-11-19 14:36:07 +00:00
Sean Coffey
6bb04626af 8277224: sun.security.pkcs.PKCS9Attributes.toString() throws NPE 
Reviewed-by: weijun
 2021-11-17 20:50:46 +00:00
Weijun Wang
262d07001b 8277246: Check for NonRepudiation as well when validating a TSA certificate 
Reviewed-by: xuelei, mullan
 2021-11-17 20:03:55 +00:00
Weijun Wang
a5c160c711 8267108: Alternate Subject.getSubject and doAs APIs that do not depend on Security Manager APIs 
Reviewed-by: mullan
 2021-11-10 19:35:17 +00:00
Jamil Nimeh
8822d41fdc 8274736: Concurrent read/close of SSLSockets causes SSLSessions to be invalidated unnecessarily 
Reviewed-by: xuelei, wetmore
 2021-11-10 01:24:33 +00:00
Weijun Wang
c27afb313b 8276863: Remove test/jdk/sun/security/ec/ECDSAJavaVerify.java 
Reviewed-by: ascarpino
 2021-11-09 14:46:32 +00:00
Hai-May Chao
de93b1d0e8 8257722: Improve "keytool -printcert -jarfile" output 
Reviewed-by: weijun
 2021-10-28 23:04:34 +00:00
Weijun Wang
10e1610f7b 8251134: Unwrapping a key with a Private Key generated by Microsoft CNG fails 
Reviewed-by: valeriep
 2021-10-26 02:45:23 +00:00
Weijun Wang
43619458d1 8185844: MSCAPI doesn't list aliases correctly 
Reviewed-by: valeriep
 2021-10-26 02:39:05 +00:00
Hai-May Chao
fec470f262 8272163: Add -version option to keytool and jarsigner 
Reviewed-by: weijun
 2021-10-22 20:53:38 +00:00
Sean Mullan
49f9d8031e 8243585: AlgorithmChecker::check throws confusing exception when it rejects the signer key 
Reviewed-by: ascarpino
 2021-10-21 17:28:40 +00:00
Weijun Wang
d589b664cc 8270380: Change the default value of the java.security.manager system property to disallow 
Reviewed-by: lancea, mullan, rriggs
 2021-10-21 14:04:48 +00:00
Valerie Peng
e63c1486dc 8264849: Add KW and KWP support to PKCS11 provider 
Reviewed-by: ascarpino
 2021-10-19 20:50:56 +00:00
Weijun Wang
bd2b41dd70 8275252: Migrate cacerts from JKS to password-less PKCS12 
Reviewed-by: erikj, ihse, mullan
 2021-10-19 20:48:17 +00:00
Weijun Wang
8e02064288 8049520: FileCredentialsCache loads cache once and is never refreshed 
Reviewed-by: mullan
 2021-10-15 13:51:52 +00:00
Sean Coffey
03a8d342b8 8273826: Correct Manifest file name and NPE checks 
Reviewed-by: weijun, hchao, mullan
 2021-10-07 15:12:13 +00:00
Weijun Wang
03d3c03384 8273670: Remove weak etypes from default krb5 etype list 
Reviewed-by: valeriep, mullan
 2021-10-05 18:18:51 +00:00
Weijun Wang
edd9d1c97b 8274330: Incorrect encoding of the DistributionPointName object in IssuingDistributionPointExtension 
Reviewed-by: ascarpino
 2021-09-29 15:37:16 +00:00
Alexey Bakhtin
5ba0d09fe4 8274205: Handle KDC_ERR_SVC_UNAVAILABLE error code from KDC 
Co-authored-by: Weijun Wang <weijun@openjdk.org>
Reviewed-by: weijun
 2021-09-24 12:09:38 +00:00
Sean Mullan
6d91a3eb7b 8269039: Disable SHA-1 Signed JARs 
Reviewed-by: weijun
 2021-09-21 13:45:47 +00:00
Fernando Guallini
041ae20b10 8268558: [TESTBUG] Case 2 in TestP11KeyFactoryGetRSAKeySpec is skipped 
Reviewed-by: mullan, rhalade
 2021-09-07 14:36:15 +00:00
Jamil Nimeh
29e0f1386d 8272385: Enforce ECPrivateKey d value to be in the range [1, n-1] for SunEC provider 
Reviewed-by: ascarpino, weijun
 2021-09-02 17:54:08 +00:00
Weijun Wang
3d657eb0a6 8262186: Call X509KeyManager.chooseClientAlias once for all key types 
Reviewed-by: xuelei
 2021-08-31 20:07:02 +00:00
Fernando Guallini
f18c0fac11 8271560: sun/security/ssl/DHKeyExchange/LegacyDHEKeyExchange.java still fails due to "An established connection was aborted by the software in your host machine" 
Reviewed-by: xuelei, rhalade
 2021-08-30 17:28:49 +00:00
Sean Coffey
04a806ec86 8270344: Session resumption errors 
Reviewed-by: xuelei
 2021-08-20 20:10:42 +00:00
Abdul Kolarkunnu
a199ebc017 8272581: sun/security/pkcs11/Provider/MultipleLogins.sh fails after JDK-8266182 
Reviewed-by: weijun
 2021-08-17 16:54:32 +00:00
Rajan Halade
1cbf41a87b 8225083: Remove Google certificate that is expiring in December 2021 
Reviewed-by: xuelei, mullan
 2021-08-17 16:01:42 +00:00
Abdul Kolarkunnu
ed57cf1cf3 8266182: Automate manual steps listed in the test jdk/sun/security/pkcs12/ParamsTest.java 
Reviewed-by: hchao, ssahoo, xuelei, weijun
 2021-08-17 12:12:22 +00:00
Martin Balao
67869b491a 8270137: Kerberos Credential Retrieval from Cache not Working in Cross-Realm Setup 
Reviewed-by: weijun
 2021-08-10 16:28:10 +00:00
Sean Mullan
89f5c96d63 8232066: Remove outdated code/methods from PKIX implementation 
Reviewed-by: weijun
 2021-07-30 12:43:20 +00:00
Rajan Halade
2ec45dc2dd 8225082: Remove IdenTrust certificate that is expiring in September 2021 
Reviewed-by: shade, mullan
 2021-07-29 00:22:09 +00:00
Sean Mullan
fc80a6b493 8270946: X509CertImpl.getFingerprint should not return the empty String 
Reviewed-by: weijun
 2021-07-27 13:49:03 +00:00
Hai-May Chao
fc38331f44 8260960: Signs of jarsigner signing 
Reviewed-by: weijun, rhalade
 2021-07-21 20:28:55 +00:00
Sibabrata Sahoo
a32d2eefea 8269276: Additional tests for MessageDigest with different providers 
Reviewed-by: valeriep, wetmore
 2021-07-15 05:42:55 +00:00
Alexey Bakhtin
e1d3e73d4e 8268965: TCP Connection Reset when connecting simple socket to SSL server 
Reviewed-by: xuelei
Backport-of: 6f171b9f0d
 2021-07-12 10:24:39 +00:00
Sean Coffey
0d745ae8fd 8269034: AccessControlException for SunPKCS11 daemon threads 
Reviewed-by: valeriep
 2021-06-29 22:52:45 +00:00
Valerie Peng
80dc262e81 8265500: Some impls of javax.crypto.Cipher.init() do not throw UnsupportedOperationExc for unsupported modes 
Reviewed-by: xuelei
 2021-06-17 23:27:54 +00:00
Rajan Halade
54f5ffeaad 8259338: Add expiry exception for identrustdstx3 alias to VerifyCACerts.java test 
Backport-of: b836b83b2a
 2021-06-16 18:53:37 +00:00
Valerie Peng
f69e2d5651 8267397: AlgorithmId's OID cache is never refreshed 
Reviewed-by: xuelei
 2021-06-14 20:40:26 +00:00
Weijun Wang
e39346e708 8268093: Manual Testcase: "sun/security/krb5/config/native/TestDynamicStore.java" Fails with NPE 
Reviewed-by: mullan
 2021-06-11 15:12:11 +00:00
Evan Whelan
408e0a9c69 8255148: Confusing log output: SSLSocket duplex close failed 
Reviewed-by: mullan
 2021-06-09 20:38:47 +00:00
Fernando Guallini
3aa7062c3d 8262409: sun/security/ssl/SSLSocketImpl/SSLSocketImplThrowsWrongExceptions. SSL test failures caused by java failed with "Server reported the wrong exception" 
Reviewed-by: rhalade, xuelei
 2021-06-03 16:06:31 +00:00
Sean Coffey
eb385c0de2 8268167: MultipleLogins.java failure on macosx-aarch64 
Reviewed-by: weijun
 2021-06-03 13:47:47 +00:00
Sean Coffey
bdeaeb47d0 8240256: Better resource cleaning for SunPKCS11 Provider 
Reviewed-by: valeriep
 2021-06-03 06:45:06 +00:00
Fernando Guallini
ccfcd92667 8180571: Refactor sun/security/pkcs11 shell tests to plain java tests and fix failures 
Reviewed-by: xuelei
 2021-06-01 19:09:42 +00:00
Evgeny Astigeevich
a859d87cc1 8267721: Enable sun/security/pkcs11 tests for Amazon Linux 2 AArch64 
Reviewed-by: phh
 2021-05-26 21:08:47 +00:00
Weijun Wang
640a2afda3 8267184: Add -Djava.security.manager=allow to tests calling System.setSecurityManager 
Co-authored-by: Lance Andersen <lancea@openjdk.org>
Co-authored-by: Weijun Wang <weijun@openjdk.org>
Reviewed-by: dholmes, alanb, dfuchs, mchung, mullan, prr
 2021-05-24 16:55:55 +00:00
Hai-May Chao
f2d880c11a 8266400: importkeystore fails to a password less pkcs12 keystore 
Reviewed-by: weijun
 2021-05-24 15:38:32 +00:00
Fernando Guallini
347d41df90 8164804: sun/security/ssl/SSLSocketImpl/CloseSocket.java makes not reliable time assumption 
Reviewed-by: dfuchs, rhalade
 2021-05-13 10:50:06 +00:00
Hai-May Chao
995e956030 8266225: jarsigner is using incorrect security property to show weakness of certs 
Reviewed-by: weijun, mullan
 2021-05-11 19:37:26 +00:00
Weijun Wang
04f7112647 8266293: Key protection using PBEWithMD5AndDES fails with "java.security.InvalidAlgorithmParameterException: Salt must be 8 bytes long" 
Reviewed-by: valeriep
 2021-05-06 18:00:11 +00:00
Weijun Wang
48bb996ac9 8266220: keytool still prompt for store password on a password-less pkcs12 file if -storetype pkcs12 is specified 
Reviewed-by: coffeys, hchao
 2021-04-30 14:04:13 +00:00
Valerie Peng
5d8c1cc8a0 8255410: Add ChaCha20 and Poly1305 support to SunPKCS11 provider 
Reviewed-by: jnimeh
 2021-04-29 21:02:41 +00:00
Fernando Guallini
7e3bc4cb44 8228442: DHKeyExchange/LegacyDHEKeyExchange.java failed due to "SSLException: An established connection was aborted by the software in your host machine" 
Reviewed-by: xuelei
 2021-04-28 15:40:53 +00:00
Weijun Wang
f834557ae0 8258915: Temporary buffer cleanup 
Reviewed-by: valeriep
 2021-04-22 18:11:43 +00:00
Sean Mullan
ae33d2a2f0 8258247: Couple of issues in fix for JDK-8249906 
Reviewed-by: rhalade, weijun
 2021-04-20 21:45:52 +00:00
Sean Mullan
7232e3c704 8249906: Enhance opening JARs 
Reviewed-by: weijun, rhalade, mschoene
 2021-04-20 21:45:52 +00:00
Weijun Wang
c70589c68c 8265227: Move Proc.java from security/testlibrary to test/lib 
Reviewed-by: rriggs, xuelei, rhalade, ssahoo
 2021-04-15 15:07:47 +00:00
Weijun Wang
9cd5400d9b 8265138: Simplify DerUtils::checkAlg 
Reviewed-by: xuelei
 2021-04-13 16:56:36 +00:00
Martin Balao
1ee80e03ad 8261355: No data buffering in SunPKCS11 Cipher encryption when the underlying mechanism has no padding 
Reviewed-by: valeriep
 2021-04-12 20:58:08 +00:00
Abdul Kolarkunnu
9bb1863ed7 8260923: Add more tests for SSLSocket input/output shutdown 
Reviewed-by: coffeys
 2021-04-09 13:57:58 +00:00
Hai-May Chao
719f95e504 8260693: Provide the support for specifying a signer in keytool -genkeypair 
Reviewed-by: weijun
 2021-04-09 01:59:59 +00:00
Weijun Wang
3d2b4cc567 8264864: Multiple byte tag not supported by ASN.1 encoding 
Reviewed-by: xuelei
 2021-04-08 21:26:05 +00:00
Weijun Wang
eb5c097b6d 8262389: Use permitted_enctypes if default_tkt_enctypes or default_tgs_enctypes is not present 
Reviewed-by: mullan
 2021-04-06 23:58:21 +00:00
Ziyi Luo
a5d7de2351 8263404: RsaPrivateKeySpec is always recognized as RSAPrivateCrtKeySpec in RSAKeyFactory.engineGetKeySpec 
Co-authored-by: Greg Rubin <rubin@amazon.com>
Reviewed-by: valeriep
 2021-03-29 20:14:47 +00:00
John Jiang
99b4bab366 8263188: JSSE should fail fast if there isn't supported signature algorithm 
Reviewed-by: xuelei
 2021-03-29 05:53:05 +00:00
Sibabrata Sahoo
5a51d70987 8247895: SHA1PRNGReseed.java is calling setSeed(0) 
Reviewed-by: weijun, rhalade
 2021-03-23 06:46:20 +00:00
Evan Whelan
b2a2ddff44 8262438: sun/security/ssl/SSLLogger/LoggingFormatConsistency.java failed with "SocketException: Socket is closed" 
Reviewed-by: rhalade
 2021-03-10 15:15:53 +00:00
Fernando Guallini
e1cad97049 8262862: Harden tests sun/security/x509/URICertStore/ExtensionsWithLDAP.java and krb5/canonicalize/Test.java 
Reviewed-by: aefimov, michaelm
 2021-03-05 16:26:05 +00:00
Ziyi Luo
a777e82cd8 8254717: isAssignableFrom checks in KeyFactorySpi.engineGetKeySpec appear to be backwards 
Reviewed-by: jnimeh
 2021-03-04 15:17:53 +00:00
Weijun Wang
ded96ddcde 8139348: Deprecate 3DES and RC4 in Kerberos 
Reviewed-by: mullan
 2021-02-25 18:49:05 +00:00
Fernando Guallini
d70fd7b3c4 8258855: Two tests sun/security/krb5/auto/ReplayCacheTestProc.java and ReplayCacheTestProcWithMD5.java failed on OL8.3 
Reviewed-by: weijun, rhalade
 2021-02-24 17:05:58 +00:00
Jamil Nimeh
a30fb4fc68 8255867: SignatureScheme JSSE property does not preserve ordering in handshake messages 
Reviewed-by: xuelei
 2021-02-22 22:18:11 +00:00
Evan Whelan
a86728850e 8211227: Inconsistent TLS protocol version in debug output 
Reviewed-by: xuelei, rhalade
 2021-02-22 21:12:04 +00:00
Clive Verghese
63f8fc87cd 8259662: Don't wrap SocketExceptions into SSLExceptions in SSLSocketImpl 
Reviewed-by: xuelei
 2021-02-22 18:36:30 +00:00
Hai-May Chao
05301f5fd2 8257497: Update keytool to create AKID from the SKID of the issuing certificate as specified by RFC 5280 
Reviewed-by: coffeys, mullan, weijun
 2021-02-17 16:38:56 +00:00
Fernando Guallini
0a50688dec 8241372: Several test failures due to javax.net.ssl.SSLException: Connection reset 
Reviewed-by: dfuchs, rhalade
 2021-02-16 18:54:39 +00:00
Christoph Langer
dc46aa85c6 8261534: Test sun/security/pkcs11/KeyAgreement/IllegalPackageAccess.java fails on platforms where no nsslib artifacts are defined 
Reviewed-by: mbaesken
 2021-02-12 20:58:22 +00:00
Rajan Halade
ef7ee3f44e 8225081: Remove Telia Company CA certificate expiring in April 2021 
Reviewed-by: mullan
 2021-02-09 17:56:35 +00:00
Fernando Guallini
d2bd499222 8163498: Many long-running security libs tests 
Reviewed-by: rhalade, weijun
 2021-02-05 05:22:51 +00:00
Weijun Wang
4a8b5c1602 8257858: [macOS]: Remove JNF dependency from libosxsecurity/KeystoreImpl.m 
8257860: [macOS]: Remove JNF dependency from libosxkrb5/SCDynamicStoreConfig.m

Reviewed-by: erikj, prr, ihse, valeriep
 2021-02-03 16:20:16 +00:00
Rajan Halade
69189f8820 8256421: Add 2 HARICA roots to cacerts truststore 
Reviewed-by: hchao, mullan
 2021-02-02 18:26:34 +00:00
Xue-Lei Andrew Fan
71bfe962eb 8217633: Configurable extensions with system properties 
Reviewed-by: rhalade, jnimeh
 2021-01-30 00:21:01 +00:00
Fernando Guallini
9f0a043648 8260286: Manual Test "ws/open/test/jdk/sun/security/tools/jarsigner/compatibility/Compatibility.java" fails 
Reviewed-by: rhalade
 2021-01-26 18:15:26 +00:00
Martin Balao
47c7dc7734 8258833: Cancel multi-part cipher operations in SunPKCS11 after failures 
Reviewed-by: valeriep
 2021-01-25 18:01:59 +00:00
Hai-May Chao
8b95d9549e 8256895: Add support for RFC 8954: Online Certificate Status Protocol (OCSP) Nonce Extension 
Reviewed-by: jnimeh, mullan
 2021-01-20 22:23:50 +00:00
Valerie Peng
68cf65d284 8023980: JCE doesn't provide any class to handle RSA private key in PKCS#1 
Reviewed-by: weijun
 2021-01-18 02:26:17 +00:00
Jamil Nimeh
8554fe6ebc 8253866: Security Libs Terminology Refresh 
Reviewed-by: erikj, weijun, mullan
 2021-01-14 16:36:51 +00:00
Hai-May Chao
c7e2174bf1 8259401: Add checking to jarsigner to warn weak algorithms used in signer’s cert chain 
Reviewed-by: mullan, weijun, rhalade
 2021-01-13 22:32:45 +00:00
Martin Balao
4be2173478 8259319: Illegal package access when SunPKCS11 requires SunJCE's classes 
Reviewed-by: valeriep, mullan
 2021-01-12 23:44:19 +00:00
Volker Simonis
e9929e2b5a 8259582: Backout JDK-8237578 until all affected tests have been fixed 
Reviewed-by: xuelei
 2021-01-11 21:36:16 +00:00
Clive Verghese
01b2804ef7 8237578: JDK-8214339 (SSLSocketImpl wraps SocketException) appears to not be fully fixed 
Reviewed-by: xuelei, simonis
 2021-01-11 12:02:09 +00:00
Roger Riggs
628c546bea 8258796: [test] Apply HexFormat to tests for java.security 
Reviewed-by: xuelei
 2021-01-08 21:32:54 +00:00
Rajan Halade
4ce83f2a3a 8039278: console.sh failed Automatically with exit code 1 
Reviewed-by: xuelei, weijun
 2021-01-07 18:47:43 +00:00
Rajan Halade
3be6e06958 8259312: VerifyCACerts.java fails as soneraclass2ca cert will expire in 90 days 
Reviewed-by: mullan
 2021-01-06 16:20:24 +00:00
Valerie Peng
78c9fb92aa 8258851: Mismatch in SunPKCS11 provider registration properties and actual implementation 
Reviewed-by: weijun
 2020-12-23 22:36:45 +00:00
Sean Coffey
a4e082e985 8253368: TLS connection always receives close_notify exception 
Reviewed-by: xuelei
 2020-12-23 12:26:44 +00:00
Rajan Halade
666e6c4033 8225072: Add LuxTrust certificate that is expiring in March 2021 to list of allowed but expired certs 
8258630: Add expiry exception for QuoVadis root certificate

Reviewed-by: ascarpino
 2020-12-17 20:27:25 +00:00
Christoph Langer
29ffffa7b9 8257997: sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java again reports leaks after JDK-8257884 
Reviewed-by: mbaesken
 2020-12-10 10:56:36 +00:00
Christoph Langer
fae7961a03 8257884: Re-enable sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java as automatic test 
Reviewed-by: xuelei
 2020-12-09 08:12:09 +00:00
Xue-Lei Andrew Fan
39b8a2e682 8257670: sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java reports leaks 
Reviewed-by: jnimeh
 2020-12-07 23:53:17 +00:00
Valerie Peng
78be334c38 8242332: Add SHA3 support to SunPKCS11 provider 
Reviewed-by: xuelei
 2020-12-05 23:47:35 +00:00
Christoph Langer
93b6ab56ae 8256818: SSLSocket that is never bound or connected leaks socket resources 
Reviewed-by: xuelei
 2020-12-02 19:23:26 +00:00
Bradford Wetmore
fe5cccc1ec 8254631: Better support ALPN byte wire values in SunJSSE 
Reviewed-by: xuelei, dfuchs
 2020-12-02 04:14:28 +00:00
Sean Mullan
dbfeb90d3a 8243559: Remove root certificates with 1024-bit keys 
Reviewed-by: weijun
 2020-11-24 18:14:05 +00:00
Sean Mullan
b9db002fef 8256682: JDK-8202343 is incomplete 
Reviewed-by: dfuchs
 2020-11-19 19:09:22 +00:00
Sean Mullan
3a4b90f086 8202343: Disable TLS 1.0 and 1.1 
Reviewed-by: xuelei, dfuchs, coffeys
 2020-11-19 14:15:57 +00:00
Dong Bo
b0b9dd27b8 8256318: AArch64: Add support for floating-point absolute difference 
Reviewed-by: aph
 2020-11-18 10:14:20 +00:00
Christoph Langer
1e9a432d59 8256202: Some tweaks for jarsigner tests PosixPermissionsTest and SymLinkTest 
Reviewed-by: mbaesken
 2020-11-13 17:28:05 +00:00
Weijun Wang
80380d51d2 8255494: PKCS7 should use digest algorithm to verify the signature 
Reviewed-by: valeriep
 2020-10-31 03:22:35 +00:00
Weijun Wang
f77a658557 8153005: Upgrade the default PKCS12 encryption/MAC algorithms 
Reviewed-by: mullan
 2020-10-30 13:23:33 +00:00
Alexey Bakhtin
7a7ce021de 8007632: DES/3DES keys support in PKCS12 keystore 
Reviewed-by: weijun
 2020-10-27 18:41:44 +00:00
Weijun Wang
e8b75b13dc 8255393: sun/security/util/DerValue/Indefinite.java fails with ---illegal-access=deny 
Reviewed-by: alanb
 2020-10-26 14:33:34 +00:00
Fei Yang
b25d894015 8252204: AArch64: Implement SHA3 accelerator/intrinsic 
Co-authored-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Co-authored-by: Dong Bo <dongbo4@huawei.com>
Reviewed-by: aph, kvn
 2020-10-22 04:38:39 +00:00
Valerie Peng
1191a633fe 8199697: FIPS 186-4 RSA Key Generation 
Reviewed-by: xuelei
 2020-10-21 22:42:07 +00:00
Weijun Wang
839f01ddf5 8242068: Signed JAR support for RSASSA-PSS and EdDSA 
Reviewed-by: valeriep
 2020-10-21 14:18:43 +00:00
Sean Mullan
62a03bd387 8237995: Enhance certificate processing 
Reviewed-by: weijun, rhalade, ahgross, erikj
 2020-10-20 14:58:38 -07:00
Erik Joelsson
0b5101658d 8253660: Need better error report when artifact resolution fails in AotCompiler.java 
Reviewed-by: ihse
 2020-10-19 17:40:54 +00:00
Rajan Halade
123e786db2 8239105: Add exception for expiring Digicert root certificates to VerifyCACerts test 
"8239105: added verisigntsaca and thawtepremiumserverca to EXPIRY_EXC_ENTRIES list"

Reviewed-by: mullan
 2020-10-02 17:21:56 +00:00
Weijun Wang
3c4e824aa5 8249783: Simplify DerValue and DerInputStream 
Reviewed-by: valeriep
 2020-10-01 18:55:35 +00:00
Anthony Scarpino
fb206908b4 8253637: Update EC removal 
Reviewed-by: mullan
 2020-09-29 18:05:20 +00:00
Hai-May Chao
0e855fe5fa 8252377: Incorrect encoding for EC AlgorithmIdentifier 
Reviewed-by: weijun
 2020-09-25 19:47:15 +00:00
Anthony Scarpino
0b83fc0150 8235710: Remove the legacy elliptic curves 
Reviewed-by: xuelei, erikj
 2020-09-25 02:40:36 +00:00
Valerie Peng
40206822f4 8172366: Support SHA-3 based signatures 
Enhance default JDK providers including SUN, SunRsaSign, and SunEC, with signatures using SHA-3 family of digests.

Reviewed-by: xuelei
 2020-09-15 20:28:48 +00:00
Sean Coffey
7686e87155 8250968: Symlinks attributes not preserved when using jarsigner on zip files 
Reviewed-by: lancea, weijun, hchao
 2020-09-07 19:01:07 +00:00
Rajan Halade
39c9560cbf 8251859: sun/security/validator/PKIXValAndRevCheckTests.java fails 
Reviewed-by: jnimeh
 2020-08-17 17:26:30 -07:00
Abdul Kolarkunnu
b5d775f115 8248745: Add jarsigner and keytool tests for restricted algorithms 
Reviewed-by: mullan, hchao
 2020-08-08 20:29:27 -07:00
Rajan Halade
1e535dfa53 8243320: Add SSL root certificates to Oracle Root CA program 
Reviewed-by: mullan
 2020-08-03 11:35:24 -07:00
Rajan Halade
6e32338330 8243321: Add Entrust root CA - G4 to Oracle Root CA program 
Reviewed-by: mullan
 2020-07-29 09:31:38 -07:00
Rahul Yadav
17035efe87 8250602: Update sun/security/ssl/SSLLogger/LoggerDateFormatterTest.java to handle TimeZones 
This fix updates the test LoggerDateFormatterTest.java to be able to handle different TimeZones

Reviewed-by: alanb, dfuchs, xuelei
 2020-07-29 10:26:39 +01:00
Hai-May Chao
cce3929e07 8247960: jarsigner says "signer errors" for some normal warnings when -strict is set 
8250586: jarsigner refactoring in displayMessagesAndResult() method

Reviewed-by: weijun
 2020-07-25 16:40:10 +08:00
Rahul Yadav
778d8a45cb 8245306: Update sun.security.ssl.SSLLogger to use Immutable DateTimeFormatter 
The fix updates sun.security.ssl.SSLLogger to use DateTimeFormatter to make it virtual thread friendly

Reviewed-by: alanb, jnimeh
 2020-07-24 12:07:59 +01:00
Jesper Wilhelmsson
3dcd1c1ab0 Merge 2020-07-09 04:32:30 +02:00
Anthony Scarpino
a0e5043781 8246806: Incorrect copyright header in KeyAgreementTest.java, GroupName.java 
Reviewed-by: weijun
 2020-07-08 08:58:05 -07:00
Shivangi Gupta
82e3640eb1 8246330: Add TLS Tests for Legacy ECDSA curves 
Reviewed-by: rhalade
 2020-06-09 00:04:40 -07:00
John Jiang
ff8c6d5deb 8246709: sun/security/tools/jarsigner/TsacertOptionTest.java compilation failed after JDK-8244683 
Reviewed-by: weijun
 2020-06-06 13:51:23 +08:00
John Jiang
13d30235e1 8244683: A TSA server used by tests 
Reviewed-by: weijun
 2020-06-05 23:36:01 +08:00
Patrick Concannon
d071ed0294 8244582: Remove terminally deprecated Solaris-specific SO_FLOW_SLA socket option 
This patch removes ExtendedSocketOptions.SO_FLOW_SLA, SocketFlow and SocketFlow.Status which were terminally deprecated in JDK 14 in preparation for the removal of the Solaris port.

Reviewed-by: alanb, dfuchs, chegar, vtewari
 2020-06-05 09:35:42 +01:00
Sean Coffey
3d9bad16d1 8218021: Have jarsigner preserve posix permission attributes 
Reviewed-by: weijun, lancea, alanb
 2020-07-02 08:17:31 +00:00
Jamil Nimeh
c0b348f3ef 8239950: Update PKCS9 Attributes to PKCS#9 v2.0 Encodings 
Reviewed-by: weijun
 2020-06-23 07:48:39 -07:00
Hai-May Chao
e3eb38f4d2 8244148: keytool -printcert and -printcrl should support the -trustcacerts and -keystore options 
Reviewed-by: weijun, jjiang
 2020-06-23 16:30:38 +08:00
Prasadrao Koppula
bb86779366 8246031: SSLSocket.getSession() doesn't close connection for timeout/ interrupts 
Reviewed-by: xuelei, coffeys
 2020-06-11 21:54:51 +05:30
Weijun Wang
507816d550 8244565: Accept PKCS #8 with version number 1 
Reviewed-by: valeriep
 2020-06-05 07:53:50 +08:00
Valerie Peng
56b7960496 8242897: KeyFactory.generatePublic( x509Spec ) failed with java.security.InvalidKeyException 
Changed SunRsaSign provider to accept RSA signature oid in RSA key encoding for backward compatibility

Reviewed-by: weijun
 2020-06-03 04:29:04 +00:00
Weijun Wang
6212aea580 8246193: Possible NPE in ENC-PA-REP search in AS-REQ 
Reviewed-by: xuelei
 2020-05-31 10:13:04 +08:00
Xue-Lei Andrew Fan
17a298962c 8206925: Support the certificate_authorities extension 
Reviewed-by: mullan
 2020-05-27 09:46:40 -07:00
Hai-May Chao
ccd7d70586 8245665: Test WeakAlg.java should only make sure no warning for weak signature algorithms by keytool on root CA 
Reviewed-by: weijun
 2020-05-23 14:49:55 +08:00
Mikael Vidstedt
071bd521bc 8244224: Implementation of JEP 381: Remove the Solaris and SPARC Ports 
Reviewed-by: alanb, bchristi, dcubed, dfuchs, eosterlund, erikj, glaubitz, ihse, iignatyev, jjiang, kbarrett, ksrini, kvn, naoto, prr, rriggs, serb, sspitsyn, stefank, tschatzl, valeriep, weijun, weijun
 2020-05-20 17:33:37 -07:00
Sibabrata Sahoo
13cf783154 8209632: Develop new tests for EdDSA API 
New Tests for EdDSA

Reviewed-by: ascarpino
 2020-05-19 02:36:17 -07:00
Valerie Peng
080b3b83eb 8242151: Improve OID mapping and reuse among JDK security providers for aliases registration 
Use sun.security.util.KnownOIDs enum instead of hardcoding oid strings everywhere

Reviewed-by: weijun
 2020-05-19 04:05:03 +00:00
Hai-May Chao
a97932d8fc 8245151: jarsigner should not raise duplicate warnings on verification 
Reviewed-by: weijun
 2020-05-19 11:55:44 +08:00
Anthony Scarpino
fd28aad72d 8166597: Crypto support for the EdDSA Signature Algorithm 
Reviewed-by: weijun, mullan, wetmore
 2020-05-18 09:42:52 -07:00
Weijun Wang
e13c481c7f 8218482: sun/security/krb5/auto/ReplayCachePrecise.java failed - no KrbException thrown 
Reviewed-by: mullan
 2020-05-14 23:09:52 +08:00
Weijun Wang
cc47d0aa61 8244674: Third-party code version check 
Reviewed-by: mullan
 2020-05-12 15:15:40 +08:00
Hai-May Chao
76507eef63 8242060: Add revocation checking to jarsigner 
Reviewed-by: mullan, weijun
 2020-05-07 10:48:06 +08:00
Martin Balao
2883bccf48 8239385: KerberosTicket client name refers wrongly to sAMAccountName in AD 
Reviewed-by: weijun
 2020-03-28 19:41:10 -03:00
Stefan Karlsson
81597d9f8f 8244078: ProcessTools executeTestJvm and createJavaProcessBuilder have inconsistent handling of test.*.opts 
Reviewed-by: dholmes, cjplummer
 2020-05-04 21:20:39 +02:00
Sibabrata Sahoo
a8edd11d7a 8242335: Additional Tests for RSASSA-PSS 
New Tests for RSASSA-PSS

Reviewed-by: valeriep
 2020-05-04 23:07:04 -07:00
Rajan Halade
a777dcff82 8225069: Remove Comodo root certificate that is expiring in May 2020 
Reviewed-by: mullan
 2020-05-01 11:09:57 -07:00
Weijun Wang
07cb35a9f3 8244087: 2020-04-24 public suffix list update 
Reviewed-by: mullan
 2020-05-01 12:26:34 +08:00
Rajan Halade
eddab115d8 8225068: Remove DocuSign root certificate that is expiring in May 2020 
Reviewed-by: mullan
 2020-04-30 15:21:15 -07:00
Roger Riggs
bdf672659c 8243010: Test support: Customizable Hex Printer 
Reviewed-by: lancea, dfuchs, weijun
 2020-04-16 15:45:37 -04:00
John Jiang
5fc5cb9f25 8243549: sun/security/ssl/CipherSuite/NamedGroupsWithCipherSuite.java failed with Unsupported signature algorithm: DSA 
Reviewed-by: xuelei
 2020-04-25 05:17:26 +08:00
Sibabrata Sahoo
e5c84ff282 8242929: The values of jdk.tls.namedGroups should not be case-sensitive 
The values of jdk.tls.namedGroups should not be case-sensitive

Reviewed-by: xuelei
 2020-04-23 22:49:55 -07:00
Xue-Lei Andrew Fan
72446bb0dc 8242141: New System Properties to configure the TLS signature schemes 
Reviewed-by: ascarpino, jnimeh, mullan
 2020-04-22 10:51:16 -07:00
Weijun Wang
05d6a66330 8242811: AlgorithmId::getDefaultAlgorithmParameterSpec returns incompatible PSSParameterSpec for an RSASSA-PSS key 
Reviewed-by: valeriep, hchao
 2020-04-18 11:13:14 +08:00
Hai-May Chao
f04a7e5cb4 8172404: Tools should warn if weak algorithms are used before restricting them 
Reviewed-by: mullan, weijun
 2020-04-17 20:11:39 +08:00
Weijun Wang
dc6d76f518 8242260: Add forRemoval=true to already deprecated ContentSigner 
Reviewed-by: alanb, mullan, xuelei
 2020-04-16 13:47:09 +08:00
Valerie Peng
4c7d85b636 8242556: Cannot load RSASSA-PSS public key with non-null params from byte array 
Update AlgorithmId to use alg name before oid str when parsing DER bytes

Reviewed-by: mullan
 2020-04-14 22:12:13 +00:00
Prasadrao Koppula
aadc7c7ca8 8237474: Default SSLEngine should create in server role 
Reviewed-by: xuelei, coffeys
 2020-04-14 14:16:58 +00:00
Weijun Wang
d8539a51ef 8242184: CRL generation error with RSASSA-PSS 
Reviewed-by: xuelei
 2020-04-08 10:13:12 +08:00
Ravi Reddy
4b4633d976 8240988: Incorrect copyright header in CertificateValidation.java 
Reviewed-by: pkoppula, coffeys
 2020-03-31 14:07:23 +03:00
Anthony Scarpino
b0245c2b54 8237219: Disable native SunEC implementation by default 
Reviewed-by: weijun, mullan
 2020-03-25 12:41:14 -07:00
Xue-Lei Andrew Fan
d243e40f7b 8241039: Retire the deprecated SSLSession.getPeerCertificateChain() method 
Reviewed-by: mullan, alanb, dfuchs
 2020-03-20 09:15:00 -07:00
Hai-May Chao
0c9f8e472f 8186143: keytool -ext option doesn't accept wildcards for DNS subject alternative names 
Reviewed-by: jnimeh, weijun, mullan
 2020-03-18 09:23:57 +08:00
Alexey Bakhtin
14e37ba3df 8239798: SSLSocket closes socket both socket endpoints on a SocketTimeoutException 
Reviewed-by: xuelei
 2020-03-11 19:14:08 +03:00
Weijun Wang
80ca356e7e 8239928: ec/ECDSAJavaVerify.java failed due to timeout 
Reviewed-by: valeriep
 2020-03-11 10:33:33 +08:00
Rajan Halade
751de03704 8225130: Add exception for expiring Comodo roots to VerifyCACerts test 
Reviewed-by: weijun
 2020-03-01 23:04:02 -08:00
Amy Lu
67ba91ba52 8239979: sun/security/tools/keytool/ExtOptionCamelCase.java is not run 
Reviewed-by: rhalade
 2020-02-27 12:19:24 +08:00
Ravi Reddy
9b12c80e21 8238452: Keytool generates wrong expiration date if validity is set to 2050/01/01 
Reviewed-by: pkoppula, weijun, coffeys
 2020-02-26 18:06:19 +03:00
Weijun Wang
533649b8ca 8237218: Support NIST Curves verification in java implementation 
Reviewed-by: ascarpino
 2020-02-22 08:10:21 +08:00
Sean Mullan
fb37c54630 8238560: Cleanup and consolidate algorithms in the jdk.tls.legacyAlgorithms security property 
Reviewed-by: xuelei
 2020-02-20 16:36:38 -05:00
Jamil Nimeh
39db83a9cc 8239094: PKCS#9 ChallengePassword attribute does not allow for the UTF8String type 
Reviewed-by: xuelei
 2020-02-19 13:36:53 -08:00
Rajan Halade
11386e7cb2 8225128: Add exception for expiring DocuSign root to VerifyCACerts test 
Reviewed-by: clanger
 2020-02-18 16:00:40 -08:00
Xue-Lei Andrew Fan
4e430ffbb6 8239264: Clearup the legacy ObjectIdentifier constructor from int array 
Reviewed-by: jnimeh
 2020-02-17 18:52:50 -08:00
Weijun Wang
c4681a95dc 8160818: GssKrb5Client violates RFC 4752 
Reviewed-by: xuelei
 2020-02-15 09:26:32 +08:00
Valerie Peng
c103a1bb69 8238448: RSASSA-PSS signature verification fail when using certain odd key sizes 
Calculate and set offset for correct verification for such key sizes

Reviewed-by: xuelei
 2020-02-12 02:44:45 +00:00
Weijun Wang
06579fcefa 8237804: sun/security/mscapi tests fail with "Key pair not generated, alias <nnnnnn> already exists" 
Reviewed-by: mullan
 2020-02-05 11:09:02 +08:00
Mikael Vidstedt
3318314c7c 8237589: Fix copyright header formatting 
Reviewed-by: jjg, serb, iris, jwilhelm
 2020-01-21 14:23:01 -08:00
Masanori Yano
567465c62c 8216012: Infinite loop in RSA KeyPairGenerator 
Check and error out on even RSA public exponents

Reviewed-by: valeriep
 2020-01-17 01:05:27 +00:00
Igor Ignatyev
e2240b714e 8236111: narrow allowSmartActionArgs disabling 
Reviewed-by: dholmes, mullan, darcy, rriggs
 2020-01-15 21:20:40 -08:00
Jesper Wilhelmsson
51d5164ca2 Merge 2020-01-16 04:09:50 +01:00
Henry Jen
231d9afe6f Merge 2020-01-09 20:16:21 +00:00
Weijun Wang
e7a07ea2f3 8236470: Deal with ECDSA using ecdsa-with-SHA2 plus hash algorithm as AlgorithmId 
Reviewed-by: xuelei
 2019-12-25 07:17:25 +08:00
John Jiang
4deb35453f 8234727: sun/security/ssl/X509TrustManagerImpl tests support TLSv1.3 
Reviewed-by: xuelei
 2019-12-21 06:28:48 +08:00
Jesper Wilhelmsson
257a1bb854 Merge 2020-01-08 16:03:32 +01:00
Mikael Vidstedt
c33466012e Merge 2019-12-20 22:41:53 -08:00
Sibabrata Sahoo
58cce5fbf4 8234728: Some security tests should support TLSv1.3 
Tests were updated to support TLSv1.3 and cipher suite order

Reviewed-by: xuelei
 2019-12-13 01:43:14 -08:00
Sean Mullan
a0f8febb8b 8230318: Better trust store usage 
Reviewed-by: weijun, rhalade, ahgross
 2019-10-22 17:25:34 -04:00
Weijun Wang
f3815c85a1 8231139: Improved keystore support 
Reviewed-by: mullan, ahgross
 2019-10-09 17:42:38 +08:00
Weijun Wang
bda0fba56b 8229951: Better Ticket Granting Services 
Reviewed-by: ahgross, valeriep
 2019-09-26 18:12:53 +08:00
Sean Mullan
6cb8dfa9e3 8227758: More valid PKIX processing 
Reviewed-by: xuelei, rhalade, coffeys, mschoene
 2019-08-26 13:57:51 -04:00
Weijun Wang
010ac54044 8236070: Backout fix for JDK-8234465 
Reviewed-by: mullan
 2019-12-17 20:56:53 +08:00
Weijun Wang
31b07b21ae 8234465: Encoded elliptic curve private keys should include the public point 
Reviewed-by: xuelei
 2019-12-17 09:38:30 +08:00
Sibabrata Sahoo
94e8d6eca4 8234728: Some security tests should support TLSv1.3 
Tests were updated to support TLSv1.3 and cipher suite order

Reviewed-by: xuelei
 2019-12-12 22:47:24 -08:00
Martin Balao
4fa827ec92 8005819: Support cross-realm MSSFU 
Reviewed-by: weijun
 2019-12-11 15:43:42 -03:00
Weijun Wang
2215201dd5 8226352: Improve Kerberos interop capabilities 
Reviewed-by: ahgross, mullan, valeriep
 2019-07-19 14:51:04 +08:00
Rajan Halade
5fc46f3c50 8190492: Remove SSLv2Hello and SSLv3 from default enabled TLS protocols 
Reviewed-by: mullan, wetmore, xuelei
 2019-12-09 21:38:12 -08:00