changeset 45561:5990cda727bb

8182143: SHA224-based signature algorithms are not enabled for TLSv12 on Windows Reviewed-by: xuelei
author asmotrak
date Thu, 15 Jun 2017 15:00:30 -0700
parents 6c49259c05f8
children ece4ae6beba3
files jdk/src/java.base/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java jdk/test/javax/net/ssl/TLSv12/SignatureAlgorithms.java
diffstat 2 files changed, 9 insertions(+), 28 deletions(-) [+]
line wrap: on
line diff
--- a/jdk/src/java.base/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java	Thu Jun 15 17:50:21 2017 +0530
+++ b/jdk/src/java.base/share/classes/sun/security/ssl/SignatureAndHashAlgorithm.java	Thu Jun 15 15:00:30 2017 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2010, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -411,16 +411,12 @@
                     "SHA1withRSA",          --p);
             supports(HashAlgorithm.SHA1,        SignatureAlgorithm.ECDSA,
                     "SHA1withECDSA",        --p);
-
-            if (Security.getProvider("SunMSCAPI") == null) {
-                supports(HashAlgorithm.SHA224,      SignatureAlgorithm.DSA,
-                        "SHA224withDSA",        --p);
-                supports(HashAlgorithm.SHA224,      SignatureAlgorithm.RSA,
-                        "SHA224withRSA",        --p);
-                supports(HashAlgorithm.SHA224,      SignatureAlgorithm.ECDSA,
-                        "SHA224withECDSA",      --p);
-            }
-
+            supports(HashAlgorithm.SHA224,      SignatureAlgorithm.DSA,
+                    "SHA224withDSA",        --p);
+            supports(HashAlgorithm.SHA224,      SignatureAlgorithm.RSA,
+                    "SHA224withRSA",        --p);
+            supports(HashAlgorithm.SHA224,      SignatureAlgorithm.ECDSA,
+                    "SHA224withECDSA",      --p);
             supports(HashAlgorithm.SHA256,      SignatureAlgorithm.DSA,
                     "SHA256withDSA",        --p);
             supports(HashAlgorithm.SHA256,      SignatureAlgorithm.RSA,
--- a/jdk/test/javax/net/ssl/TLSv12/SignatureAlgorithms.java	Thu Jun 15 17:50:21 2017 +0530
+++ b/jdk/test/javax/net/ssl/TLSv12/SignatureAlgorithms.java	Thu Jun 15 15:00:30 2017 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2017, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -30,7 +30,7 @@
 
 /*
  * @test
- * @bug 8049321
+ * @bug 8049321 8182143
  * @summary Support SHA256WithDSA in JSSE
  * @run main/othervm SignatureAlgorithms PKIX "SHA-224,SHA-256"
  *                   TLS_DHE_DSS_WITH_AES_128_CBC_SHA
@@ -434,21 +434,6 @@
          */
         parseArguments(args);
 
-
-        /*
-         * Ignore testing on Windows if only SHA-224 is available.
-         */
-        if ((Security.getProvider("SunMSCAPI") != null) &&
-                (disabledAlgorithms.contains("SHA-1")) &&
-                (disabledAlgorithms.contains("SHA-256"))) {
-
-            System.out.println(
-                "Windows system does not support SHA-224 algorithms yet. " +
-                "Ignore the testing");
-
-            return;
-        }
-
         /*
          * Expose the target algorithms by diabling unexpected algorithms.
          */