RFR[10] 8186057: TLS interoperability testing between different Java versions (original) (raw)

Artem Smotrakov artem.smotrakov at oracle.com
Thu Sep 7 08:28:48 UTC 2017

• Previous message (by thread): RFR[10] 8186057: TLS interoperability testing between different Java versions
• Next message (by thread): RFR[10] 8186057: TLS interoperability testing between different Java versions
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In case of SNI, SSLParemeters.setServerNames() method (and others related to SNI) was introduced in 8. I don't think the code which use this method can be compiled with 6 and 7.

But if you want to test SNI with 8+, you need to call them.

https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLParameters.html#setServerNames-java.util.List-

Artem

On 09/07/2017 11:24 AM, sha.jiang at oracle.com wrote:

Hi Artem,

On 07/09/2017 16:07, Artem Smotrakov wrote:

- Please use try-with-resources if possible (files, sockets, etc) The test uses only JDK 6-supported language features, but try-with-resources is introduced by JDK 7. Here we come to another issue. I believe that it would be good to use write clients for all JDK versions. If you use the same code for all Java versions, that means that you use only JDK 6 API. Let's consider the following: - we want to test 8 vs 9 - 8 and 9 may have some API (or just functionality) which is not supported by 6 (for example, ALPN, SNI) If you write code which is compatible with 6, then you can use API from newer versions, but we still may want to test it. In fact, the current test has already covered ALPN, though only JDK 9 and 10 support the associated methods, like SSLParameters.getApplicationProtocols(). ALPN-associated case combinations are ignored if a JDK doesn't support this feature. Exactly, JdkUtils checks if a specific JDK build contains method SSLParameters.getApplicationProtocols(). I think the same approach could be applied for SNI in the future. Best regards, John Jiang Artem Best regards, John Jiang

Artem On 09/07/2017 08:52 AM, sha.jiang at oracle.com wrote: Hi, Please review this test for checking the interop compatibility on JSSE among different JDK releases (from 6 to 10). It covers the cases, like handshake, data exchange, client authentication and APLN, on all TLS versions (if possible). And the selected TLS cipher suites are: TLSRSAWITHAES128CBCSHA, TLSDHEDSSWITHAES128CBCSHA and TLSECDHEECDSAWITHAES128CBCSHA. For more details, please look though the README.

Webrev: http://cr.openjdk.java.net/~jjiang/8186057/webrev.00 Issue: https://bugs.openjdk.java.net/browse/JDK-8186057 Best regards, John Jiang

• Previous message (by thread): RFR[10] 8186057: TLS interoperability testing between different Java versions
• Next message (by thread): RFR[10] 8186057: TLS interoperability testing between different Java versions
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the security-dev mailing list