stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
81,026 Commits 2 Branches 0 Tags 1.2 GiB
d752f19611
Commit Graph

659 Commits

Author SHA1 Message Date
Sibabrata Sahoo
94e8d6eca4 8234728: Some security tests should support TLSv1.3 
Tests were updated to support TLSv1.3 and cipher suite order

Reviewed-by: xuelei
 2019-12-12 22:47:24 -08:00
Martin Balao
4fa827ec92 8005819: Support cross-realm MSSFU 
Reviewed-by: weijun
 2019-12-11 15:43:42 -03:00
Weijun Wang
2215201dd5 8226352: Improve Kerberos interop capabilities 
Reviewed-by: ahgross, mullan, valeriep
 2019-07-19 14:51:04 +08:00
Rajan Halade
5fc46f3c50 8190492: Remove SSLv2Hello and SSLv3 from default enabled TLS protocols 
Reviewed-by: mullan, wetmore, xuelei
 2019-12-09 21:38:12 -08:00
Weijun Wang
bc19b64856 8234744: KeyStore.store can write wrong type of file 
Reviewed-by: mullan
 2019-12-03 14:38:18 +08:00
Rajan Halade
17c2f4808a 8233223: Add Amazon Root CA certificates 
Reviewed-by: mullan
 2019-11-28 10:43:35 -08:00
Sibabrata Sahoo
f97eccfdc9 8234725: sun/security/ssl/SSLContextImpl tests support TLSv1.3 
Missing TLSv1.3 test cases

Reviewed-by: xuelei
 2019-11-27 22:11:08 -08:00
Weijun Wang
8c6eb44946 8026393: jarsigner never shows a warning in badKeyUsage case 
Reviewed-by: mullan
 2019-11-22 09:33:03 +08:00
Weijun Wang
d5b423d17c 8234377: new BitArray(0).toString() throws ArrayIndexOutOfBoundsException 
Reviewed-by: mullan, wetmore
 2019-11-20 08:12:14 +08:00
Jie Fu
25d178f477 8234245: sun/security/lib/cacerts/VerifyCACerts.java fails due to wrong checksum 
Reviewed-by: mullan
 2019-11-15 19:38:31 +08:00
Rajan Halade
d1ebadb966 8232019: Add LuxTrust certificate updates to the existing root program 
Reviewed-by: mullan
 2019-11-14 19:49:55 -08:00
Weijun Wang
c0d097eac6 8214024: Remove the default keytool -keyalg value 
Reviewed-by: mullan
 2019-11-15 09:06:58 +08:00
Weijun Wang
a66829bc89 8231950: keytool -ext camel-case shorthand not working 
Reviewed-by: mullan
 2019-11-04 14:26:18 +08:00
Weijun Wang
055a49a266 8228969: 2019-09-28 public suffix list update 
Reviewed-by: mullan
 2019-10-29 09:34:21 +08:00
Weijun Wang
72330c70d7 8231598: keytool does not export sun.security.mscapi 
Reviewed-by: mullan
 2019-10-24 15:53:20 +08:00
Henry Jen
8d141f1048 Merge 2019-10-14 21:01:25 +00:00
Valerie Peng
381e90eb6b 8229243: SunPKCS11-Solaris provider tests failing on Solaris 11.4 
For CK_GCM_PARAMS, try the spec definition first before falling back to the header file definition

Reviewed-by: xuelei
 2019-10-08 00:01:20 +00:00
Matthias Baesken
09c012be4e 8231357: sun/security/pkcs11/Cipher/TestKATForGCM.java fails on SLES11 using mozilla-nss-3.14 
Reviewed-by: clanger, valeriep
 2019-09-26 13:51:43 +02:00
John Jiang
0a0956bcda 8180837: SunPKCS11-NSS tests failing with CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID 
Reviewed-by: xuelei
 2019-09-21 08:06:00 +08:00
John Jiang
655cf14138 8228967: Trust/Key store and SSL context utilities for tests 
Reviewed-by: xuelei
 2019-09-05 14:55:21 +08:00
John Jiang
dfe4ba5045 8226221: Update PKCS11 tests to use NSS 3.46 libs 
Reviewed-by: xuelei
 2019-09-04 12:47:42 +08:00
Jamil Nimeh
d096e033d0 8225436: Stapled OCSPResponses should be added to PKIXRevocationChecker irrespective of revocationEnabled flag 
Reviewed-by: mullan
 2019-08-22 14:09:36 -07:00
Weijun Wang
b84ffae32f 8229775: Incorrect warning when jar was signed with -sectionsonly 
Reviewed-by: mullan
 2019-08-16 08:42:09 +08:00
Xue-Lei Andrew Fan
316140ff92 8226374: Restrict TLS signature schemes and named groups 
Reviewed-by: mullan
 2019-08-12 21:36:29 -07:00
Mikael Vidstedt
895db11053 Merge 2019-07-29 09:59:04 -07:00
John Jiang
804e840856 8228403: SignTwice.java failed with java.io.FileNotFoundException: File name too long 
Reviewed-by: mullan
 2019-07-27 10:02:35 +08:00
Sean Coffey
bb3d5aed04 8228645: Don't run sun/security/pkcs11/Cipher/TestKATForGCM.java on buggy NSS solaris versions 
Reviewed-by: valeriep
 2019-07-29 08:17:26 +00:00
Weijun Wang
78c7364c17 8228341: SignTwice.java fails intermittently on Windows 
Reviewed-by: mullan
 2019-07-24 10:09:30 +08:00
Weijun Wang
9c12b7f41d 8227595: keytool/fakegen/DefaultSignatureAlgorithm.java fails due to "exitValue = 6" 
Reviewed-by: mullan
 2019-07-24 10:09:22 +08:00
Mikael Vidstedt
f73a94a772 Merge 2019-07-23 11:17:59 -07:00
Xiaohong Gong
2c6a826899 8227615: [TESTBUG] JTReg "jdk/sun/security/util/FilePermCompat/CompatImpact.java" fails with graal 
Reviewed-by: kvn
 2019-07-17 10:11:05 +08:00
Valerie Peng
175faeeadf 8225745: NoSuchAlgorithmException exception for SHA256withECDSA with RSASSA-PSS support 
Fixed SignatureUtil and ECDSA signature impl to handle EC parameters

Reviewed-by: weijun
 2019-07-11 20:11:47 +00:00
Weijun Wang
32d0bae08d 8227059: sun/security/tools/keytool/DefaultSignatureAlgorithm.java timed out 
Reviewed-by: xuelei
 2019-07-10 09:43:35 +08:00
Philipp Kunz
b6d1b1e085 8217375: jarsigner breaks old signature with long lines in manifest 
Reviewed-by: jjiang, weijun
 2019-07-18 08:53:06 +08:00
Martin Balao
3cd50f2666 8227437: S4U2proxy cannot continue because server's TGT cannot be found 
Reviewed-by: weijun
 2019-07-17 12:26:56 -03:00
Anthony Scarpino
200254b479 8226338: Updates to Stateless Resumption 
Reviewed-by: xuelei, jnimeh
 2019-07-17 14:37:50 -07:00
Weijun Wang
c0fddce0f5 8227061: KDC.java test behaves incorrectly when AS-REQ contains a PAData not PA-ENC-TS-ENC 
Reviewed-by: mullan
 2019-07-04 07:25:11 +08:00
Valerie Peng
1e0c8e5b26 8226651: Setting the mgfHash in CK_RSA_PKCS_PSS_PARAMS has no effect 
Fixed to get the MGF digest algorithm from MGF1ParameterSpec

Reviewed-by: xuelei
 2019-06-28 19:36:32 +00:00
John Jiang
df6fbdb2af 8224650: Add tests to support X25519 and X448 in TLS 
Reviewed-by: xuelei
 2019-06-28 05:29:54 +08:00
Weijun Wang
a2b3db108a 8225257: sun/security/tools/keytool/PSS.java timed out 
Reviewed-by: valeriep
 2019-06-21 23:44:58 +08:00
Xue-Lei Andrew Fan
dbf62785ef 8225766: Curve in certificate should not affect signature scheme when using TLSv1.3 
Reviewed-by: ascarpino
 2019-06-19 21:49:33 -07:00
Weijun Wang
c12cf04011 8225392: Comparison builds are failing due to cacerts file 
Reviewed-by: erikj, martin, mullan
 2019-06-15 14:39:04 +08:00
Xue-Lei Andrew Fan
a4277e56c8 8224829: AsyncSSLSocketClose.java has timing issue 
Reviewed-by: jnimeh, dfuchs
 2019-06-14 12:19:14 -07:00
Weijun Wang
977870ccea 8225180: SignedObject with invalid Key not throwing the InvalidKeyException in Windows 
Reviewed-by: mullan
 2019-06-13 23:53:21 +08:00
Bradford Wetmore
118fd65d44 8171279: Support X25519 and X448 in TLS 
Reviewed-by: xuelei, mullan
 2019-06-12 18:58:00 -07:00
Anthony Scarpino
94e1d7530f 8211018: Session Resumption without Server-Side State 
Reviewed-by: xuelei, jnimeh, jjiang
 2019-06-11 16:31:37 -07:00
Valerie Peng
8813b93095 8080462: Update SunPKCS11 provider with PKCS11 v2.40 support 
Added support for GCM, PSS, and other mechanisms

Reviewed-by: jnimeh
 2019-06-11 21:30:28 +00:00
Philipp Kunz
6d3f5f851e 8221719: Jarsigner fails to verify signed by alias if alias given in wrong case 
Reviewed-by: weijun
 2019-06-10 20:38:15 +08:00
Martin Balao
5aae9ef0db 8215032: Support Kerberos cross-realm referrals (RFC 6806) 
Reviewed-by: weijun
 2019-06-05 01:42:11 -03:00
Alan Bateman
7e14aeb133 8221481: Reimplement the Legacy Socket API 
Reviewed-by: michaelm, chegar
 2019-05-30 07:19:19 +01:00
Arthur Eubanks
acad8d1d68 8224081: SOCKS v4 doesn't work with IPv6 
Reviewed-by: chegar, dfuchs, mullan, vtewari
 2019-05-16 15:58:15 -07:00
Martin Balao
ebf8e1c0ac 8223482: Unsupported ciphersuites may be offered by a TLS client 
Reviewed-by: xuelei
 2019-05-28 19:01:38 -03:00
Rajan Halade
05736da72d 8223499: Remove two DocuSign root certificates that are expiring 
Reviewed-by: mullan
 2019-05-16 12:36:08 -07:00
Rajan Halade
47a39418fa 8222136: Remove two Comodo root CA certificates that are expiring 
Reviewed-by: mullan
 2019-05-15 13:22:29 -07:00
Weijun Wang
0f56400907 8223063: Support CNG RSA keys 
Reviewed-by: mullan
 2019-05-14 08:47:13 +08:00
Christoph Langer
2e3a2d3c83 8223555: Cleanups in cacerts tests 
Reviewed-by: xuelei
 2019-05-10 06:31:09 +01:00
Sean Mullan
10e5d0b854 8191808: Configurable read timeout for CRLs 
Reviewed-by: xuelei, coffeys
 2019-05-09 13:49:08 -04:00
Weijun Wang
2bf347445c 8222987: sun/security/tools/keytool/PSS.java times out on Solaris-SPARC 
Reviewed-by: mullan, xuelei
 2019-05-09 08:49:31 +08:00
John Jiang
34e49a24c0 8204203: Many pkcs11 tests failed in Provider initialization, after compiler on Windows changed 
Build NSS 3.41 with VS2017 and also upgrade to this NSS for macosx

Reviewed-by: valeriep
 2019-05-03 15:57:41 +08:00
Rajan Halade
aba919ab50 8222137: Remove T-Systems root CA certificate 
Reviewed-by: mullan
 2019-04-30 12:53:32 -07:00
Rajan Halade
f08d8b7384 8216577: Add GlobalSign's R6 Root certificate 
Reviewed-by: mullan, clanger
 2019-04-30 11:04:26 -07:00
Martin Balao
11bb97a71c 8222805: sun/security/pkcs11/tls/tls12/TestTLS12.java fails with Unsupported signature algorithm: rsa_pss_rsae_sha256 
Reviewed-by: mullan, xuelei
 2019-04-24 16:25:41 -03:00
Martin Balao
a8a29bbae6 8221271: sun/security/pkcs11/tls/tls12/TestTLS12.java test failed 
Reviewed-by: xuelei
 2019-04-19 10:59:09 -03:00
Weijun Wang
6f032ffbb5 8222275: sun/security/tools/keytool/Serial64.java: assertTrue: expected true, was false 
Reviewed-by: xuelei
 2019-04-14 10:22:56 +08:00
Weijun Wang
15aae2f622 8180573: Refactor sun/security/tools shell tests to plain java tests 
Reviewed-by: rhalade, valeriep
 2019-04-12 13:35:23 +08:00
Valerie Peng
3b6b6b3cb3 8216039: TLS with BC and RSASSA-PSS breaks ECDHServerKeyExchange 
Add internal Signature init methods to select provider based on both key and parameter

Reviewed-by: xuelei
 2019-04-10 02:35:18 +00:00
Sean Mullan
ae463150c0 8222133: Add temporary exceptions for root certs that are due to expire soon 
Reviewed-by: xuelei
 2019-04-08 13:33:28 -04:00
Sean Mullan
1e6d8fbb1d 8222089: [TESTBUG] sun/security/lib/cacerts/VerifyCACerts.java fails due to cert within 90-day expiry window 
Reviewed-by: xuelei
 2019-04-08 12:19:51 -04:00
Weijun Wang
ae32136711 8221801: Update src/java.base/share/legal/public_suffix.md 
Reviewed-by: xuelei
 2019-04-02 11:05:08 +08:00
Xue-Lei Andrew Fan
2eb8492163 8168261: Use server cipher suites preference by default 
Reviewed-by: mullan
 2019-04-01 16:50:17 -07:00
Weijun Wang
61485b75a9 8221257: Improve serial number generation mechanism for keytool -gencert 
Reviewed-by: xuelei, mullan
 2019-03-30 16:32:23 +08:00
Valerie Peng
e90036145a 8220016: Clean up redundant RSA services in the SunJSSE provider 
Removed duplicated RSA signature/KF/KPG support in SunJSSE

Reviewed-by: xuelei
 2019-03-29 00:39:49 +00:00
Weijun Wang
9eb755e85e 8209901: Canonical file handling 
Reviewed-by: mullan, alanb, ahgross
 2019-04-22 13:01:57 +08:00
Adam Petcher
04a50576cf 8221172: SunEC specific test is not limited to SunEC 
Fixing a minor test bug in the SignatureDigestTruncate regression test

Reviewed-by: mullan
 2019-03-21 13:10:37 -04:00
Martin Balao
0814229ebc 8220753: Re-introduce the test case for TLS 1.2 algorithms in SunPKCS11 crypto provider 
Reviewed-by: xuelei
 2019-03-21 01:51:25 -03:00
Adam Petcher
95b189916f 8147502: Digest is incorrectly truncated for ECDSA signatures when the bit length of n is less than the field size 
Truncate the digest according to the group order, not the field size

Reviewed-by: jnimeh
 2019-03-19 15:18:35 -04:00
John Jiang
3c34b7a261 8220410: sun/security/tools/jarsigner/warnings/NoTimestampTest.java failed with missing expected output 
Using the same timezone for jar verifying and date formatting

Reviewed-by: weijun
 2019-03-19 10:36:24 +08:00
Xue-Lei Andrew Fan
25f0d60a58 8215430: Remove the internal package com.sun.net.ssl 
Reviewed-by: chegar, mullan, wetmore
 2019-03-01 08:35:14 -08:00
Xue-Lei Andrew Fan
e6f6863cbc 8168069: X509TrustManagerImpl causes ClassLoader leaks with unparseable extensions 
Reviewed-by: mullan
 2019-02-20 18:46:30 -08:00
Xue-Lei Andrew Fan
fca0af0487 8217835: Remove the experimental SunJSSE FIPS compliant mode 
Reviewed-by: mullan
 2019-02-12 13:36:15 -08:00
Weijun Wang
8b83b515b1 8180569: Refactor sun/security/krb5/ shell tests to plain java tests 
Reviewed-by: mullan
 2019-02-11 11:01:00 +08:00
Jesper Wilhelmsson
bc920bd00d Merge 2019-01-22 19:56:19 +01:00
Sean Mullan
c9bea6a8ea 8216280: Allow later Symantec Policy distrust date for two Apple SubCAs 
Reviewed-by: coffeys
 2019-01-22 09:27:19 -05:00
Weijun Wang
1d014da14b 8215694: keytool cannot generate RSASSA-PSS certificates 
Reviewed-by: xuelei
 2019-01-16 11:25:55 +08:00
Weijun Wang
033465d815 8215776: Keytool importkeystore may mix up certificate chain entries when DNs conflict 
Reviewed-by: xuelei
 2019-01-22 21:18:45 +08:00
Weijun Wang
54815061a1 8215937: Check usages of security-related Resources files 
Reviewed-by: mullan
 2019-01-19 09:20:47 +08:00
Jesper Wilhelmsson
cda0d67617 Merge 2019-01-16 20:53:09 +01:00
Weijun Wang
af43646ba3 8215922: jar spec is not precise when describing jar file re-signing 
Reviewed-by: lancea, mullan
 2019-01-15 11:21:00 +08:00
Goetz Lindenmaier
084f0b75bd 8216265: [testbug] Introduce Platform.sharedLibraryPathVariableName() and adapt all tests 
Also cleanup some switches over OSes and use File.pathSeparator.

Reviewed-by: dholmes, mdoerr
 2019-01-14 00:00:00 +01:00
Valerie Peng
cfcd43da04 8214096: sun.security.util.SignatureUtil passes null parameter, so JCE validation fails 
Changed SignatureUtil.specialSetParameter to ignore null signature parameters

Reviewed-by: mullan, weijun
 2018-12-19 02:27:44 +00:00
Xue-Lei Andrew Fan
ad47b4c4cc 8209333: Socket reset issue for TLS 1.3 socket close 
Reviewed-by: jnimeh
 2018-12-18 15:18:44 -08:00
Xue-Lei Andrew Fan
3933c8477b 8214339: SSLSocketImpl erroneously wraps SocketException 
Reviewed-by: ascarpino, jnimeh
 2018-12-14 19:39:39 -08:00
Weijun Wang
4769c9fbad 8215769: Java cannot probe pkcs12 files exported by Firefox 
Reviewed-by: mullan
 2018-12-22 10:38:45 +08:00
Weijun Wang
dcb88767a7 8213009: Refactoring existing SunMSCAPI classes 
Reviewed-by: valeriep
 2018-12-13 17:28:19 +08:00
John Jiang
017c702b8a 8214937: sun/security/tools/jarsigner/warnings/NoTimestampTest.java failed due to unexpected expiration date 
Reviewed-by: xuelei
 2018-12-13 12:34:35 +08:00
Weijun Wang
9136c7d1d0 8076190: Customizing the generation of a PKCS12 keystore 
Reviewed-by: mullan
 2018-12-13 11:16:33 +08:00
John Jiang
f47bd19cbc 8214520: [TEST_BUG] sun/security/mscapi/nonUniqueAliases/NonUniqueAliases.java failed with incorrect jtreg tags order 
Reviewed-by: xuelei
 2018-12-13 08:23:56 +08:00
Sean Mullan
dfd58a59ff 8207258: Distrust TLS server certificates anchored by Symantec Root CAs 
Reviewed-by: weijun
 2018-12-11 13:22:20 -05:00
Adam Petcher
7305281552 8208648: ECC Field Arithmetic Enhancements 
Interal library enhancements to support ECC implementatation

Reviewed-by: jnimeh
 2018-12-11 09:36:49 -05:00
John Jiang
3525e4e27f 8214459: NSS source should be removed 
Remove test/jdk/sun/security/pkcs11/nss/src

Reviewed-by: valeriep
 2018-12-06 10:05:29 +08:00
Sean Coffey
441d285620 8213952: Relax DNSName restriction as per RFC 1123 
Reviewed-by: weijun, mullan, chegar
 2018-12-05 17:33:01 +00:00
Weijun Wang
8036ce51b2 8214513: A PKCS12 keystore from Java 8 using custom PBE parameters cannot be read in Java 11 
Reviewed-by: mullan
 2018-12-05 08:48:49 +08:00
Weijun Wang
3254283f79 8210476: sun/security/mscapi/PrngSlow.java fails with Still too slow 
Reviewed-by: xuelei, igerasim, rriggs
 2018-12-03 23:58:15 +08:00
Weijun Wang
320616a865 8214179: Add groupname info into keytool -list and -genkeypair output 
Reviewed-by: mullan
 2018-12-01 21:58:05 +08:00
Xue-Lei Andrew Fan
388e1ebbba 8210985: Update the default SSL session cache size to 20480 
Reviewed-by: jnimeh, mullan
 2018-11-29 08:43:12 -08:00
Weijun Wang
b1c4b461f1 8214100: use of keystore probing results in unnecessary exception thrown 
Reviewed-by: mullan
 2018-11-27 08:51:20 +08:00
Weijun Wang
c20332c412 8212003: Deprecating the default keytool -keyalg option 
Reviewed-by: mullan, xuelei
 2018-11-17 18:11:23 +08:00
Adam Petcher
12d64aaeba 8213363: X25519 private key PKCS#8 encoding/decoding is incorrect 
Fixed private key format to match spec in RFC 8410

Reviewed-by: mullan
 2018-11-15 13:22:29 -05:00
Jamil Nimeh
acd81b508e 8212885: TLS 1.3 resumed session does not retain peer certificate chain 
Reviewed-by: xuelei, wetmore
 2018-11-13 18:22:52 -08:00
Weijun Wang
65dc116bf6 8213400: Support choosing group name in keytool keypair generation 
Reviewed-by: apetcher, xuelei
 2018-11-14 08:46:25 +08:00
Xue-Lei Andrew Fan
1b20a6781f 8213694: Test Timeout.java should run in othervm mode 
Reviewed-by: jnimeh
 2018-11-09 10:15:43 -08:00
Martin Balao
7724fd6d9b 8213154: Update copyright headers of files in src tree that are missing Classpath exception 
Reviewed-by: andrew
 2018-11-08 18:10:15 -03:00
Valerie Peng
c8c41d1444 8211049: Second parameter of "initialize" method is not used 
Use the specified random object instead of system default

Reviewed-by: weijun
 2018-11-07 01:04:26 +00:00
Anthony Scarpino
f7fc720c9c 8211339: NPE during SSL handshake caused by HostnameChecker 
Reviewed-by: xuelei
 2018-11-06 10:10:18 -08:00
Weijun Wang
ae77ef7d7a 8213007: Update the link in test/jdk/sun/security/provider/SecureRandom/DrbgCavp.java 
Reviewed-by: mullan
 2018-10-26 22:58:04 +08:00
Sean Mullan
7727e4ca2f 8211883: Disable anon and NULL cipher suites 
Reviewed-by: jnimeh
 2018-10-25 13:55:28 -04:00
Sean Mullan
a675a48940 8195793: Remove GTE CyberTrust Global Root 
Reviewed-by: rhalade
 2018-10-19 09:31:57 -04:00
John Jiang
f507e3c9d1 8211971: Move security/cacerts/VerifyCACerts.java and security/CheckBlacklistedCerts.java 
Move lib/security tests to sun/security/lib

Reviewed-by: weijun
 2018-10-16 10:16:04 +08:00
Weijun Wang
9452b88d93 8210821: Support dns_canonicalize_hostname in krb5.conf 
Reviewed-by: valeriep
 2018-10-02 16:02:35 +08:00
John Jiang
afe05800ac 8209546: Make sun/security/tools/keytool/autotest.sh to support macosx 
Refactor autotest.sh to java test and remove standard.sh

Reviewed-by: weijun
 2018-09-28 15:42:20 +08:00
Igor Ignatyev
82ed2a5fc0 8210894: remove jdk/testlibrary/Asserts 
Reviewed-by: serb
 2018-09-21 14:50:06 -07:00
Martin Balao
aafb2b0474 8029661: Support TLS v1.2 algorithm in SunPKCS11 provider 
TLS v1.2 algorithms for key and MAC derivation added to SunPKCS11 crypto provider.

Reviewed-by: valeriep
 2018-09-12 13:09:51 +02:00
Anthony Scarpino
b27f471bdd 8209031: SSLSocket should throw an exception when configuring DTLS 
Reviewed-by: xuelei
 2018-09-17 14:04:46 -07:00
Igor Ignatyev
8b28ad6efe 8210732: remove jdk.testlibrary.Utils 
Reviewed-by: alanb, jcbeyler
 2018-09-14 14:02:57 -07:00
Igor Ignatyev
2702b5c299 8182404: remove jdk.testlibrary.JDKToolFinder and JDKToolLauncher 
Reviewed-by: amenkov, jcbeyler, alanb
 2018-09-10 14:23:37 -07:00
Igor Ignatyev
21a0458422 8210112: remove jdk.testlibrary.ProcessTools 
Reviewed-by: alanb, sspitsyn, jcbeyler
 2018-09-07 14:01:52 -07:00
John Jiang
1f3d71b620 8209362: sun/security/ssl/SSLSocketImpl/ReuseAddr.java failed due to "BindException: Address already in use (Bind failed)" 
Refactor this test with SSLSocketTemplate

Reviewed-by: xuelei
 2018-08-31 10:32:47 +08:00
Jesper Wilhelmsson
d40735db17 Merge 2018-08-29 19:48:28 +02:00
Ivan Gerasimov
852e131c61 6474858: CardChannel.transmit(CommandAPDU) throws unexpected ArrayIndexOutOfBoundsException 
Reviewed-by: valeriep
 2018-08-24 18:56:41 -07:00
Bradford Wetmore
5b511a4a78 8207317: SSLEngine negotiation fail exception behavior changed from fail-fast to fail-lazy 
Reviewed-by: xuelei
 2018-08-21 11:30:48 -07:00
John Jiang
eae535f70e 8209537: Two security tests failed after JDK-8164639 due to dependency was missed 
Skip sun/security/tools/keytool/autotest.sh on macosx and add /test/lib to sun/security/ec/TestEC.java

Reviewed-by: rhalade
 2018-08-16 02:00:31 +08:00
John Jiang
c70c37db8a 8164639: Configure PKCS11 tests to use user-supplied NSS libraries 
Provide system property "test.nss.lib.paths" for specifying a set of absolute paths to the custom NSS lib directories

Reviewed-by: weijun, rhalade
 2018-08-15 18:41:18 +08:00
Xue-Lei Andrew Fan
66e8f27bd8 8207009: TLS 1.3 half-close and synchronization issues 
Reviewed-by: jnimeh, mullan, wetmore
 2018-08-14 16:47:56 -07:00
Yang Zhang
286115581e 8209011: [TESTBUG] AArch64: sun/security/pkcs11/Secmod/TestNssDbSqlite.java fails in aarch64 platforms 
Add the path of libnss3.so for aarch64 platform.

Reviewed-by: weijun
 2018-08-08 13:45:41 +08:00
John Jiang
126394f271 8206258: [Test Error] sun/security/pkcs11 tests fail if NSS libs not found 
Improve the logics on skipping test

Reviewed-by: valeriep
 2018-07-26 08:46:27 +08:00
Goetz Lindenmaier
9dcc8b4a96 8207766: [testbug] Adapt tests for Aix 
Reviewed-by: clanger, mbaesken
 2018-07-20 09:33:49 +02:00
Weijun Wang
67a1517a4d 8209829: SpnegoUnknownMech.java does not contain the SpnegoUnknownMech class 
Reviewed-by: dholmes
 2018-08-22 15:10:40 +08:00
Weijun Wang
dcb930f123 8186186: GSSContext.isEstablished() can return true on error state 
Reviewed-by: weijun
 2018-08-21 20:19:46 -07:00
Jamil Nimeh
8eb45613db 8208350: Disable all DES cipher suites 
Reviewed-by: xuelei, mullan
 2018-08-20 15:37:47 -07:00
Mikael Vidstedt
95db6924f2 Merge 2018-08-20 14:19:30 -07:00
Xue-Lei Andrew Fan
611c53c860 8207009: TLS 1.3 half-close and synchronization issues 
Reviewed-by: jnimeh, mullan, wetmore
 2018-08-14 18:16:47 -07:00
Mikael Vidstedt
83a51d869e Merge 2018-08-09 10:08:07 -07:00
Weijun Wang
b9bfd45c73 8208602: Cannot read PEM X.509 cert if there is whitespace after the header or footer 
Reviewed-by: xuelei
 2018-08-01 13:35:08 +08:00
Phil Race
1387c87093 Merge 2018-07-26 10:00:40 -07:00
Phil Race
28e828130d Merge 2018-07-19 10:17:22 -07:00
Jesper Wilhelmsson
4fc510cc89 Merge 2018-07-14 02:14:54 +02:00
Adam Petcher
b2f4d61fb9 8206915: XDH TCK issues 
Fixing a couple of conformance issues in XDH

Reviewed-by: mullan
 2018-07-13 10:42:30 -04:00
John Jiang
5074bbb767 8206443: Update security libs manual test to cope with removal of javac -source/-target 6 
Change compile -source/-target from 1.6 to 1.7

Reviewed-by: xuelei
 2018-07-14 07:31:26 +08:00
Dan Zhou
9519826624 8194152: sun/security/tools/jarsigner/AltProvider.java failed on de-DE locale 
Reviewed-by: naoto
 2018-06-25 20:08:05 -07:00
Dan Zhou
90329292ce 8196213: sun/security/tools/jarsigner/warnings/NoTimestampTest.java test fails on ar_SA locale 
Reviewed-by: naoto
 2018-06-25 20:03:46 -07:00
Weijun Wang
230268522b 8202299: Java Keystore fails to load PKCS12/PFX certificates created in WindowsServer2016 
Reviewed-by: mullan, xuelei
 2018-06-26 10:43:50 +08:00
Weijun Wang
3ad65642c8 8202608: CommonSeeder test needs a white-box testing mechanism to replace the default entropy source 
Reviewed-by: xuelei
 2018-06-26 10:43:43 +08:00
Martin Balao
b44c24d290 8195607: sun/security/pkcs11/Secmod/TestNssDbSqlite.java failed with "NSS initialization failed" on NSS 3.34.1 
Reviewed-by: valeriep, weijun
 2018-06-26 08:10:45 +08:00
Xue-Lei Andrew Fan
87c6761704 8196584: TLS 1.3 Implementation 
Co-authored-by: Adam Petcher <adam.petcher@oracle.com>
Co-authored-by: Amanda Jiang <amanda.jiang@oracle.com>
Co-authored-by: Anthony Scarpino <anthony.scarpino@oracle.com>
Co-authored-by: Bradford Wetmore <bradford.wetmore@oracle.com>
Co-authored-by: Jamil Nimeh <jamil.j.nimeh@oracle.com>
Co-authored-by: John Jiang <sha.jiang@oracle.com>
Co-authored-by: Rajan Halade <rajan.halade@oracle.com>
Co-authored-by: Sibabrata Sahoo <sibabrata.sahoo@oracle.com>
Co-authored-by: Valerie Peng <valerie.peng@oracle.com>
Co-authored-by: Weijun Wang <weijun.wang@oracle.com>
Reviewed-by: ascarpino, coffeys, dfuchs, jjiang, jnimeh, mullan, rhalade, ssahoo, valeriep, weijun, wetmore, xuelei
 2018-06-25 13:41:39 -07:00
Prasadrao Koppula
b3e5409c1d 8187218: GSSCredential.getRemainingLifetime() returns negative value for TTL > 24 days 
Co-authored-by: Weijun Wang <weijun.wang@oracle.com>
Reviewed-by: mullan
 2018-03-20 11:16:10 +05:30
Tobias Wagner
5d58391226 7007966: Add Brainpool ECC support (RFC 5639) 
Enhance SunEC provider with the support of brainpool256/320/384/512r1 curves

Reviewed-by: valeriep
 2018-06-22 23:10:36 +00:00
Weijun Wang
578576f523 8205445: Add RSASSA-PSS Signature support to SunMSCAPI 
Reviewed-by: xuelei
 2018-06-22 21:42:00 +08:00
Jan Lahoda
78b7362c97 8193302: Javac AssertionError: typeSig ERROR on usage of @Generated 
Importing from an invisible package whose name is a prefix of a visible package is not allowed.

Reviewed-by: vromero
 2018-06-13 12:52:21 +02:00
Valerie Peng
9e8d9fe1ee 8146293: Add support for RSASSA-PSS Signature algorithm 
Add RSASSA-PSS key and signature support to SunRsaSign provider

Reviewed-by: wetmore
 2018-05-21 23:40:52 +00:00
Weijun Wang
48b5731c39 8201627: Kerberos sequence number issues 
Reviewed-by: valeriep
 2018-05-19 22:06:47 +08:00
Weijun Wang
b8855ebbc2 8201867: Kerberos keytabs with holes in certain places are parsed incorrectly 
Reviewed-by: valeriep
 2018-05-18 16:27:15 +08:00
Weijun Wang
8b1470f8e7 8202816: Update JarSigning.keystore 
Reviewed-by: xuelei
 2018-05-09 09:50:25 +08:00
Adam Petcher
f5a247a85f 8171277: Elliptic Curves for Security in Crypto 
Implementations of X25519 and X448 key agreement in SunEC

Reviewed-by: mullan
 2018-05-08 09:47:28 -04:00
Adam Petcher
f15ab37909 8181594: Efficient and constant-time modular arithmetic 
Field arithmetic library for crypto algorithms like Poly1305 and X25519

Reviewed-by: xuelei
 2018-05-08 09:21:51 -04:00
Bhanu Prakash Gopularam
7904b56345 8200101: sun/security/krb5/auto/Renewal.java fails intermittently 
Reviewed-by: weijun
 2018-04-25 12:44:50 +05:30
Bhanu Prakash Gopularam
a3ed7dd7d6 8144806: sun/security/tools/keytool/standard.sh fails intermittently at deleting x.jks 
Reviewed-by: weijun
 2018-04-25 12:29:48 +05:30
Weijun Wang
bde972d645 8202837: PBES2 AlgorithmId encoding error in PKCS12 KeyStore 
Reviewed-by: xuelei
 2018-07-19 00:14:40 +08:00
Weijun Wang
a825fe0a2d 8207250: setUseClientMode post handshake with the same value as before does not throw IAE 
Reviewed-by: xuelei
 2018-07-19 00:14:29 +08:00
Adam Petcher
108461949f 8206929: Check session context for TLS 1.3 session resumption 
Additional checks to prevent TLS 1.3 sessions from being resumed when they shouldn't

Reviewed-by: xuelei
 2018-07-17 13:04:40 -04:00
Weijun Wang
0b6fbf50d2 8200468: Port the native GSS-API bridge to Windows 
Reviewed-by: ihse, valeriep
 2018-04-13 15:29:33 +08:00
Weijun Wang
370977cf4f 8200152: KerberosString should use UTF-8 by default 
Reviewed-by: xuelei
 2018-04-10 11:02:09 +08:00
Weijun Wang
d9c5e142c0 8180570: Refactor sun/security/mscapi shell tests to plain java tests 
Reviewed-by: asmotrak
 2018-04-08 17:01:20 +08:00
Weijun Wang
05b129ec25 8186228: sun/security/krb5/auto/KdcPolicy.java fails with "java.lang.Exception: Does not match. Output is c30000c30000c30000" 
Reviewed-by: mullan
 2018-03-22 08:09:51 +08:00
Sean Coffey
5b02a98b21 8199018: Test crypto provider not registering 
Reviewed-by: wetmore
 2018-03-06 10:31:14 +00:00
Philipp Kunz
5db337db24 6372077: JarFile.getManifest() should handle manifest attribute name 70 bytes 
Reviewed-by: alanb, sherman
 2018-03-01 15:50:26 -05:00
Sean Coffey
14c85c2934 8193892: Impact of noncloneable MessageDigest implementation 
Reviewed-by: wetmore, valeriep, xuelei
 2018-02-28 18:28:17 +00:00
Weijun Wang
06a9e1a72f 8191438: jarsigner should print when a timestamp will expire 
Reviewed-by: mullan
 2018-02-14 16:58:49 +08:00
Lance Andersen
987c3a2d87 8190378: Removal of CORBA and Java EE modules 
Reviewed-by: rriggs, alanb, mchung, erikj, goetz
 2018-02-10 07:06:16 -05:00
Adam Petcher
8dcabfdf5f 8196215: sun/security/util/Resources/customSysClassLoader/MessageFormatting.java failed on ar_SA locale 
Fixing a minor bug in a test related to policy parser message formatting

Reviewed-by: mullan, xuelei
 2018-02-08 10:06:57 -05:00
Weijun Wang
48aad3bd2f 8196823: jarsigner should not create a signed jar if the signing fails 
Reviewed-by: mullan, alanb
 2018-02-08 11:44:21 +08:00
Adam Petcher
683817de43 8194251: Deadlock between UsageTracker and System.getProperty() when using a malformed security policy 
Disable localization of error messages produced during policy file parsing

Reviewed-by: mchung, mullan
 2018-02-07 09:06:43 -05:00
Joe Darcy
0b40438ae8 8194070: Update various tests to pass under JDK 11 
Reviewed-by: alanb, sherman, psandoz
 2018-01-31 11:25:34 -08:00
Weijun Wang
15ac25be9d 8177398: Exclude dot files ending with .conf from krb5.conf's includedir 
Reviewed-by: mullan
 2018-01-26 09:37:10 +08:00
Sibabrata Sahoo
4567ed7c3e 8194486: Several krb5 tests failed in Mac 
Several tests failed due to improper host service

Reviewed-by: weijun
 2018-01-25 05:57:22 -08:00
John Jiang
7e5577a6c1 8186098: sun/security/pkcs11/KeyStore/SecretKeysBasic.sh failed due to libnss3 version cannot be parsed 
Improves the approach on parsing lib version

Reviewed-by: weijun, xuelei
 2018-01-24 23:01:57 -08:00
Weijun Wang
724d1916fe 8014628: Support AES Encryption with HMAC-SHA2 for Kerberos 5 
Reviewed-by: mullan
 2018-01-22 12:00:41 +08:00
Lana Steuck
8f528fba93 Merge 2018-01-18 18:58:46 +00:00
Goetz Lindenmaier
0480f69dd5 8194869: [TESTBUG][aix, s390] Adapt tests to platforms 
Reviewed-by: mbaesken, simonis, dholmes, serb
 2018-01-18 10:26:39 +01:00
John Jiang
94ecb77665 8194864: Outputs more details for PKCS11 tests if the NSS lib version cannot be determined 
It outputs the lib content if the lib version cannot be parsed

Reviewed-by: xuelei
 2018-01-17 18:34:50 -08:00
John Jiang
8918acdc7a 8189760: sun/security/ssl/CertPathRestrictions/TLSRestrictions.java failed with unexpected Exception intermittently 
Adds synchronization to make sure the server exception is available

Reviewed-by: xuelei
 2018-01-04 19:58:45 -08:00
Weijun Wang
b01627c0e4 8192988: keytool should support -storepasswd for pkcs12 keystores 
Reviewed-by: mullan
 2017-12-14 20:19:34 +08:00
Martin Balao
f1212e26c3 8165996: PKCS11 using NSS throws an error regarding secmod.db when NSS uses sqlite 
Reviewed-by: weijun
 2017-12-13 01:29:58 +08:00
Xue-Lei Andrew Fan
82bf0799c6 8148421: Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension 
Co-authored-by: Martin Balao <mbalao@redhat.com>
Reviewed-by: jnimeh, ahgross, rhalade, wetmore
 2017-12-08 16:41:30 +00:00
Roger Riggs
f29e21abb1 8080225: FileInput/OutputStream/FileChannel cleanup should be improved 
Reviewed-by: mchung, plevart, bpb
 2017-12-01 16:40:08 -05:00
Weijun Wang
67205081ec 8192987: keytool should remember real storetype if it is not provided 
Reviewed-by: mullan
 2017-12-08 09:40:14 +08:00
Weijun Wang
c4bab8bce7 8190674: sun/security/tools/jarsigner/TimestampCheck.java failed with java.nio.file.NoSuchFileException: ts2.cert 
Reviewed-by: mullan
 2017-12-05 17:19:48 +08:00
Rob McKenna
e8ff1270bc 8189646: sun/security/ssl/SSLSocketImpl/SSLSocketCloseHang.java failed with "java.net.SocketTimeoutException: Read timed out" 
Reviewed-by: coffeys
 2017-11-21 21:01:23 +00:00
Xue-Lei Andrew Fan
b657cda289 8163237: Restrict the use of EXPORT cipher suites 
Reviewed-by: mullan, igerasim, rhalade, jnimeh
 2017-10-31 00:54:53 +00:00
Weijun Wang
69db146335 8180289: jarsigner treats timestamped signed jar invalid after the signer cert expires 
Reviewed-by: mullan
 2017-10-27 21:11:15 +08:00
Adam Petcher
91a1005273 8185292: Stricter key generation 
Reviewed-by: mullan
 2017-10-24 09:58:27 -04:00
Valerie Peng
b3f1165f7d 8181048: Refactor existing providers to refer to the same constants for default values for key length 
Reviewed-by: mullan, ahgross
 2017-07-13 20:41:59 +00:00
Weijun Wang
7cf3c0ff14 8182879: Add warnings to keytool when using JKS and JCEKS 
Reviewed-by: vinnie, ahgross, mullan
 2017-07-12 10:55:40 +08:00
Ivan Gerasimov
9c1b0103b3 8186654: Poor quality of sun.security.util.Cache.EqualByteArray.hashCode() 
Reviewed-by: coffeys
 2017-10-04 01:08:36 -07:00
Philipp Kunz
2ae9614d34 6695402: Jarsigner with multi-byte characters in class names 
Reviewed-by: weijun
 2017-09-27 14:02:15 +08:00
Rob McKenna
1fc8d0cfd9 8184328: JDK 8u131 socketRead0 hang at SSL read 
Reviewed-by: xuelei, chegar, coffeys
 2017-09-26 19:19:09 +01:00
Weijun Wang
1e6e9203c4 8186884: Test native KDC, Java krb5 lib, and native krb5 lib in one test 
Reviewed-by: asmotrak
 2017-09-21 16:29:54 +08:00
Weijun Wang
fe19274488 8186831: Kerberos ignores PA-DATA with a non-null s2kparams 
Reviewed-by: xuelei
 2017-09-21 16:29:45 +08:00
Weijun Wang
2bb3b82709 8148371: Remove policytool 
Reviewed-by: erikj, alanb, mullan
 2017-09-21 16:29:18 +08:00
Erik Joelsson
3789983e89 8187443: Forest Consolidation: Move files to unified layout 
Reviewed-by: darcy, ihse
 2017-09-12 19:03:39 +02:00