changeset 53395:d8e48f2132e9

Merge
author jwilhelm
date Fri, 18 Jan 2019 23:07:48 +0100
parents 0bb889c05406 bd733a8ea625
children d74b1c8e632a
files test/jdk/javax/net/ssl/compatibility/Parameter.java
diffstat 11 files changed, 577 insertions(+), 526 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/javax/net/ssl/TLSCommon/KeyAlgorithm.java	Fri Jan 18 23:07:48 2019 +0100
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * Key algorithms.
+ */
+public enum KeyAlgorithm {
+
+    DSA("DSA"),
+    RSA("RSA"),
+    EC("EC"),
+    RSASSAPSS("RSASSA-PSS");
+
+    public final String name;
+
+    private KeyAlgorithm(String name) {
+        this.name = name;
+    }
+}
--- a/test/jdk/javax/net/ssl/compatibility/Cert.java	Fri Jan 18 13:22:10 2019 -0800
+++ b/test/jdk/javax/net/ssl/compatibility/Cert.java	Fri Jan 18 23:07:48 2019 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,235 +31,383 @@
 public enum Cert {
 
     // This certificate is generated by the below command:
-    // openssl req -x509 -newkey rsa:1024 -days 7300 \
-    //     -subj "/CN=RSA_SHA1_1024" -sha1 \
-    //     -keyout key.pem -out cert.pem
-    RSA_SHA1_1024(
-            SignatureAlgorithm.RSA,
+    // openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 \
+    //     -pkeyopt rsa_keygen_pubexp:65537 -out key.pem
+    // openssl req -x509 -new -key key.pem \
+    //     -subj "/CN=RSA-2048-SHA256" -sha256 -out cer.pem
+    RSA_2048_SHA256(
+            KeyAlgorithm.RSA,
             "-----BEGIN CERTIFICATE-----\n" +
-            "MIIB/jCCAWegAwIBAgIJANPuKkD7/jxkMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV\n" +
-            "BAMMDVJTQV9TSEExXzEwMjQwHhcNMTcwOTA3MDIwNTM0WhcNMzcwOTAyMDIwNTM0\n" +
-            "WjAYMRYwFAYDVQQDDA1SU0FfU0hBMV8xMDI0MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" +
-            "ADCBiQKBgQC3v7UeIxD5bdv4mqwcpah7sNxpI3IxUFzI2ao1g1jVzDPZt9Zawa3K\n" +
-            "H+m9al1Fg2X1dyNeRlbiXavcIZOQwZqNj08zJEwAdICP8iOnXQ2HUv5cpzArOPTu\n" +
-            "GY3flhf39xgiWsSdfb+cP0QsWNagNU8EtebbHndv8W+2K5JEdlpwQQIDAQABo1Aw\n" +
-            "TjAdBgNVHQ4EFgQU32KqdiGyzg39chNt/OwQzGOlUyAwHwYDVR0jBBgwFoAU32Kq\n" +
-            "diGyzg39chNt/OwQzGOlUyAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOB\n" +
-            "gQAWx8y45IIWWhy44cuQs0qcSDQihIvhXB3pvlpCNdfsSrVoaaH8lrOVjTC718ip\n" +
-            "fE1sF8I9niLHUg8WrAzdQRDsKyUhDUhEEJ7w1ffxwf8bcI9+NgWwEix0Dazzkub8\n" +
-            "2IRXuZ3dGwzoI54XtxvKMFH86nJEj4M/XQGrc9bnlhcn4g==\n" +
+            "MIIDFTCCAf2gAwIBAgIUcCwtPduMIU144++G82mUEVNNK9kwDQYJKoZIhvcNAQEL\n" +
+            "BQAwGjEYMBYGA1UEAwwPUlNBLTIwNDgtU0hBMjU2MB4XDTE5MDExNjA2MDgzNVoX\n" +
+            "DTE5MDIxNTA2MDgzNVowGjEYMBYGA1UEAwwPUlNBLTIwNDgtU0hBMjU2MIIBIjAN\n" +
+            "BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycT4Kd742lTlULVh5BcsZIG/AvVl\n" +
+            "4IVnCoKoE8EyAf+YB2f+pYTDtyPzxnIUUqJ1/1dRY1EyHKQWRv1/J6H9qrKl48Sx\n" +
+            "zgctOMN6zrCjPGx85MWRW7jOTi9/FNjCfmmGDzo7jjfhEeSzU56zyOMMka2UvKYa\n" +
+            "P7YSTfC6nT79uaQNj/fqSK98FDLypDcrMiwzJZ7UX4M4Yo33EtqT0wFJfHl/LHJT\n" +
+            "lmpQdn7dDCqZGviP59tfuGPO7/la18OiN8hU8cttEkAcW3k19kYNhhtfxqs1MtAZ\n" +
+            "xGlN3eeW4IfjitMerEUd5wHrACyC4TKuj5NO6Wk1vl8pINsdkUttv5pHbQIDAQAB\n" +
+            "o1MwUTAdBgNVHQ4EFgQUT6UTyQ2i4qOkx3AAPwWS6wdmgncwHwYDVR0jBBgwFoAU\n" +
+            "T6UTyQ2i4qOkx3AAPwWS6wdmgncwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B\n" +
+            "AQsFAAOCAQEAPa4ib8oo7vgOh1c/HBvynkzoZ/ci3hqQCArqHkTKQEFSpHeUz46j\n" +
+            "u+GBRV/bFvZWc+GR9BPedKZUyRzCy3lmWclsxXEnv1uz/PTGBRMtZpjaaveTHzXm\n" +
+            "VVIkMH+wTZsZ/EQiz2pHgPuAJdPTHlwIYOYo5jk/eZoTKGupBuce+gsn0ctSZQc/\n" +
+            "TyayRCvnbQQ9Q6VbcfbrWGAmnCa4VANGuk3uZFj2Hc87udJ+2R8WkyfgXtwypNtb\n" +
+            "1SrRuCqthfCFa4s+P0LlddVqp18gSvsiB+yA1RVZSlSD4GfJfrgtSsJu/ovqThr7\n" +
+            "+YTfrHCVl4gliXaVujl6tQHaFk23WbAMwg==\n" +
             "-----END CERTIFICATE-----",
-            "30820278020100300d06092a864886f70d0101010500048202623082025e0201" +
-            "0002818100b7bfb51e2310f96ddbf89aac1ca5a87bb0dc69237231505cc8d9aa" +
-            "358358d5cc33d9b7d65ac1adca1fe9bd6a5d458365f577235e4656e25dabdc21" +
-            "9390c19a8d8f4f33244c0074808ff223a75d0d8752fe5ca7302b38f4ee198ddf" +
-            "9617f7f718225ac49d7dbf9c3f442c58d6a0354f04b5e6db1e776ff16fb62b92" +
-            "44765a7041020301000102818100b2c5afdf5c5a9d72c73b7eb0c9465b3fcc79" +
-            "0549d946255bc0861555ef2eb503f1c67757f400cfa7019996123020fb906d5b" +
-            "b66b789ffba90b16270cbd1fbfcf285a821dcdc78fd8f17f399eb231ce9724db" +
-            "af60f9dd20f3e57bb4c0f9fdc9069589b82d442dd868d48c031eb782e27f9e70" +
-            "8469f9b3d5b1b23cee5bf1b41781024100dec184ea77c2126c6bc0c01ba727b4" +
-            "642587d63811240932334dc80c7976e0f715f156e52b352a25e5c52542af2b5f" +
-            "68a29a9b68858f313c4375cc78ec03d859024100d32be8375f52cbe904002321" +
-            "6977aee83fa88bf536d4052d2ed578727d7b7e5aeef91fc52b34c1b6638c00f0" +
-            "4c6985fdaaa2d6e72adbcc7d10ed8bafff69da29024100ae8210acd6f13519b7" +
-            "38a3c7862636ce1610daa3c5d9e3526e9acad3eafc54b57d7d3a44029b7dcf7e" +
-            "b7f9beca1842806892929949b8aa2bb9f5b9202a55c0d1024100887dc0c2c9a2" +
-            "429a823374818c2207b3a631d304d443867505e884c9bbc1ae9228146e2c8b18" +
-            "b67ca52b411010d3c3ff89e366f454076dcd08bc01a5e8790ac102402321988a" +
-            "2003e19c878791d402a7c0acdd1b6dd27203ed88f86a0e3a390ee57c0cd277f3" +
-            "ea5df6440dbc8bdb4c8b3c28fc77e6991bc4ed3f4dc0619a5b953e8e"),
+            "308204be020100300d06092a864886f70d0101010500048204a8308204a40201" +
+            "000282010100c9c4f829def8da54e550b561e4172c6481bf02f565e085670a82" +
+            "a813c13201ff980767fea584c3b723f3c6721452a275ff57516351321ca41646" +
+            "fd7f27a1fdaab2a5e3c4b1ce072d38c37aceb0a33c6c7ce4c5915bb8ce4e2f7f" +
+            "14d8c27e69860f3a3b8e37e111e4b3539eb3c8e30c91ad94bca61a3fb6124df0" +
+            "ba9d3efdb9a40d8ff7ea48af7c1432f2a4372b322c33259ed45f8338628df712" +
+            "da93d301497c797f2c7253966a50767edd0c2a991af88fe7db5fb863ceeff95a" +
+            "d7c3a237c854f1cb6d12401c5b7935f6460d861b5fc6ab3532d019c4694ddde7" +
+            "96e087e38ad31eac451de701eb002c82e132ae8f934ee96935be5f2920db1d91" +
+            "4b6dbf9a476d0203010001028201006dba71df8b8438707cf9647b2529391a3b" +
+            "b95e69888b0ee197c4b09575b6b58183f35b2a1067e06c23e03a26e6487e53bf" +
+            "96840b8827c18db713ca5eb176165713aac5f0bd65b75f6f8457b03a3dbbe9a0" +
+            "0e662784034027230b7091e54c0c253cf8c554b5acf02739231ba6d87429ecbb" +
+            "c2acc98472eb988ecc81206d165d33147e03279e60f7fbf73d8f199895f627a3" +
+            "3cf0c2ef2bcbd096f2e08b2684ea675956da0d95e941afe081e8c79ddb003b50" +
+            "0f3b340978bce6821438ef25ddbf4fc9dba3f421dbf576f3099dbd4463dbcd2f" +
+            "da5a987067d00c5af85faa7aea6427f12a1c03c9b5155fc5b5d4da51b4e9f5bf" +
+            "34087e582728bcaf40b39b0938163d02818100e379b3e110ca339eb1491b95ca" +
+            "0e73359a167722250f161ff78fef35e22282af28e02da454d0dca6af65b9118b" +
+            "6e3efe9cabae5d85746b0c336e3d9002c0575afe370ae7a0294c01988d6fa098" +
+            "9c4a6fc0816addcef3e891f2e56289da5b1b7a1c743664bb8b30ed6028942f72" +
+            "74f25c075b0646b47fae6c3fc31b4bfd05b02302818100e31210ff848f5a73c6" +
+            "1a508be415845bb18dcf09688ad543e8b040d9399850801a322e631dc605ec3e" +
+            "d25695b4f66cb6a728a4e11ff211122c7d0de7de356337b344fca03176c2c370" +
+            "7fbcdec2433a6c75d7a7d57b761ad6a8c1c8faaf316e0f410643f667958fcfac" +
+            "c9960d860c73cec45d118517fe72c5939730d8482bdb2f0281807e1a5ab0bb29" +
+            "0ce2bd6f44de8debe2cc65466cf6bdca963e5474336d10968711e93c15b152df" +
+            "9262c93b40144cd26a13a5f0bab1d7a8c92b335bbabf19f75cb5f1d5bbb2da23" +
+            "eaa1bbdb3475b80474736d29917fb3199de542dd0cfa54d54aef2fd4f0ce78f5" +
+            "59c34e1a50c3d8d4a20288855a7e59d3aa731209ec18fd04693702818100c384" +
+            "54da8edb9878c384f901db1ca3e1081b20bfeb224fcbaf59c41cc6b8dde7cfa6" +
+            "91c68a666dc723b89d113ec6488965995b8ef4a0cc0e27fc6db2cee48d4ff2ae" +
+            "5e0fd94777202d87efaaa6fe9819b7c63f1f54b5371aca2841d3887239602d0f" +
+            "2609cedb3aff08ba72d7a62aa6b4cce38e2859a6a0507b6add85fd6eb5c50281" +
+            "8100c07809a53e9ec6769bf2d31ed767766078ff7020199869473c26a211a4b2" +
+            "9828618b69e6e29ed0f1d8d8cac2c61490c3f20d19c1ff067c5d291080c8e15b" +
+            "2ce267cd37f8b0c1afe9c070418b310b5641640805d3a75890ccf6d2bf0bea11" +
+            "d327323db5452cadc1a3bd17c20ab92b6f09d4216a03c7a03c6ffc72e51f51eb" +
+            "dfa4"),
 
     // This certificate is generated by the below command:
-    // openssl req -x509 -newkey rsa:1024 -days 7300 \
-    //     -subj "/CN=www.example.com" -sha1 \
-    //     -keyout key.pem -out cert.pem
-    RSA_EXAMPLE_SHA1_1024(
-            SignatureAlgorithm.RSA,
+    // openssl genpkey -algorithm rsa -pkeyopt rsa_keygen_bits:2048 \
+    //     -pkeyopt rsa_keygen_pubexp:65537 -out key.pem
+    // openssl req -x509 -new -key key.pem \
+    //     -subj "/CN=EXAMPLE" -sha256 -out cer.pem
+    EXAMPLE_RSA_2048_SHA256(
+            KeyAlgorithm.RSA,
             "-----BEGIN CERTIFICATE-----\n" +
-            "MIICAjCCAWugAwIBAgIJAK6TC9eDtZg4MA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV\n" +
-            "BAMMD3d3dy5leGFtcGxlLmNvbTAeFw0xNzExMDIwNTA5NDRaFw0zNzEwMjgwNTA5\n" +
-            "NDRaMBoxGDAWBgNVBAMMD3d3dy5leGFtcGxlLmNvbTCBnzANBgkqhkiG9w0BAQEF\n" +
-            "AAOBjQAwgYkCgYEAtt5kxFTzJuoxJR2UgeXUxCw7TfL3FeK3lCrU3vruBe3XKKvF\n" +
-            "oyCxf/B5ucm22gzMfOvJBWRg6KrNTrXGI1LtlmAYNDM5J0lK2N/neKOm3Qxe0d1W\n" +
-            "AZ1lwgrMNirsWu+r4UPNMq5UohL5nqVU9WwVa12t0GF3er3k32tMTBqSclcCAwEA\n" +
-            "AaNQME4wHQYDVR0OBBYEFNc8tKGfZdFyaY0ZslwGLt1kpRYAMB8GA1UdIwQYMBaA\n" +
-            "FNc8tKGfZdFyaY0ZslwGLt1kpRYAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF\n" +
-            "BQADgYEAc71ZO83YEw9WvhxDEng9tMYUhJnNZJss6+gfWjZ487aiEGnS+VgKsHWz\n" +
-            "DBLBrYe9Ag5L9f1HtPNheUbnhhBbQ607jOG/wfmpi4VoU3myB5uxOfeAZdXDOB5x\n" +
-            "bv3t7KcEhgmPjB/e123jrBK8qnAYmDlQVlkZScctB3I1OuA2Po4=\n" +
+            "MIIDBTCCAe2gAwIBAgIUfmLJ5eIbVUGXAzlZXtw08GQ6ppMwDQYJKoZIhvcNAQEL\n" +
+            "BQAwEjEQMA4GA1UEAwwHRVhBTVBMRTAeFw0xOTAxMTYwNjA4MzVaFw0xOTAyMTUw\n" +
+            "NjA4MzVaMBIxEDAOBgNVBAMMB0VYQU1QTEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB\n" +
+            "DwAwggEKAoIBAQCp7IDXT8J9iDMVAuLMTZS9oDD83BDkL5INGdXk1esTzyqXFmV2\n" +
+            "d5zNTr4A8w+YstkR081zL4MyEvHyQF1IlWoniRMXTZNMYYtU8dI8h2Fl5etSIEsc\n" +
+            "ArsAp3QMcoqEu4F4T68KPU7z1M5kYKevGqPsO4GJwjoydSZMLZMrq09yEyXlnE9l\n" +
+            "pNhyfFbQIp86mtXkY9nP3hn7JX6KMZSwAHbp7FtFkGfMx+usMnsMan+Z7UyWJE3o\n" +
+            "2cf29Fr9lBdV24gWAymyJA3BAW60wEI2JPYzIZVNn4zxmlkWk5sr+m5rUCXMzsyp\n" +
+            "G+rPk7YSpPutmczPe1BEiFwkgk+E5gZsNESbAgMBAAGjUzBRMB0GA1UdDgQWBBRm\n" +
+            "mZ3V6rNvJyG5DdYt1yo/Eiz+AjAfBgNVHSMEGDAWgBRmmZ3V6rNvJyG5DdYt1yo/\n" +
+            "Eiz+AjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBNHOWMa7f8\n" +
+            "iXwhET/6Rpu0JILusRrJVGXl3JOHxDsibUPAeZ4KI7VEEBw6ln0bKAFaYg+Nh9Xh\n" +
+            "dMuPC6e5wrX2Z912ncexa7BXDQDS4VyuvEGpp7rWFNtKRfc75hKmcRz+blgdhw9m\n" +
+            "gF1VcW3vBIjAUjMllRuyPlyXThgOPwcBXGEIewvyLXWbkNDFIeqycwsQsw5JJcbA\n" +
+            "Fh4alzjapSvSM84VS79u/MxaNZAtKpaymMaM05A8vIp8iHDm4N4AhIwHLT1mrtFt\n" +
+            "8y+3p4W6vtA+SlFGz8fQw5ppoxvPeJyHZmSmGeorcBv9XXWHhJ0rGz8UbE76xE0B\n" +
+            "EwC7yAE/SiA7\n" +
             "-----END CERTIFICATE-----",
-            "30820277020100300d06092a864886f70d0101010500048202613082025d0201" +
-            "0002818100b6de64c454f326ea31251d9481e5d4c42c3b4df2f715e2b7942ad4" +
-            "defaee05edd728abc5a320b17ff079b9c9b6da0ccc7cebc9056460e8aacd4eb5" +
-            "c62352ed96601834333927494ad8dfe778a3a6dd0c5ed1dd56019d65c20acc36" +
-            "2aec5aefabe143cd32ae54a212f99ea554f56c156b5dadd061777abde4df6b4c" +
-            "4c1a927257020301000102818048af52bc1acbdededd13d4930fa28b9441c47c" +
-            "b222f5c6fc92df07676db3a815a61c9b51de0a03a347b10a609bd6459a0dd926" +
-            "38877261686a5c6bb1ca9e8ea2373870af7685e7d6cebd66faba65af2ef04bd9" +
-            "1244ae56900fcd6ce11207d8c4040176e4ba9fef3d563741a1027b229134cfe1" +
-            "c0a90d9c8eba9ce6349835e769024100e82494b6f777c784ffc29298d033e11d" +
-            "af46f0d464c4dbd950d46bcd697d0f0b49a77699f0111d408e8748f2b461ab8f" +
-            "210071c9c20d8ecee3ae229cb9c3954b024100c9a976f0011fcdc0ca7fb2f679" +
-            "974fa85d420c604ca7ff64fe4667a44f73088eef290d22195474039760e99325" +
-            "3ca45ee444588b150467d14451d3c45dab0ba5024019df39d3ca70c703c39d63" +
-            "c9342b1403c2ed1d1a0ec101df8e6a9e391e7099a4a068d187068261c8381a4b" +
-            "bf00eb81bb49ea4ac439a4592e25a1daa9acea67510241008c4640007497bdd4" +
-            "94473da26b33d06a29ecae9531dd4e2edf1cf42cfc42e53a1fac2b8183a3164c" +
-            "053999600c6fe15a4c682a3b1cb482ceb33a4416fc9ce52d024100e4f08cd10a" +
-            "5c8face0b20db86443d0a42e34dfdde236dae4f042a06dd3aff7ca159f8aa3b7" +
-            "854df41d510148096155204f2bf46c4a96e271747a4126a66ade6c"),
+            "308204be020100300d06092a864886f70d0101010500048204a8308204a40201" +
+            "000282010100a9ec80d74fc27d88331502e2cc4d94bda030fcdc10e42f920d19" +
+            "d5e4d5eb13cf2a97166576779ccd4ebe00f30f98b2d911d3cd732f833212f1f2" +
+            "405d48956a278913174d934c618b54f1d23c876165e5eb52204b1c02bb00a774" +
+            "0c728a84bb81784faf0a3d4ef3d4ce6460a7af1aa3ec3b8189c23a3275264c2d" +
+            "932bab4f721325e59c4f65a4d8727c56d0229f3a9ad5e463d9cfde19fb257e8a" +
+            "3194b00076e9ec5b459067ccc7ebac327b0c6a7f99ed4c96244de8d9c7f6f45a" +
+            "fd941755db88160329b2240dc1016eb4c0423624f63321954d9f8cf19a591693" +
+            "9b2bfa6e6b5025cccecca91beacf93b612a4fbad99cccf7b5044885c24824f84" +
+            "e6066c34449b0203010001028201005842e1357557678eec4198ab274590e1e2" +
+            "282fdf3ae2db96b8395831b1af962d8048d438458da1a3bea7d0a46fd077ed6a" +
+            "66228c16fcc570b3bd8a132a1579fb2927026ea7f8ff9db8b496e81bc5ca80df" +
+            "775c10c76edfa55a555bf5cedf5ce9c60d55b532dd24a7bfc0c1b7b7ab55c3e9" +
+            "b0c25661963de573a22494853a11dce95ea31417d3c87c806ef74cb6c8b7190c" +
+            "cfcdc2d21e8a756061c9e6cf40bca95d5aa43fb990b9492250ec9a752151320c" +
+            "b30a64beb0e17d83ad9ea702afcd5d8d6b7bfe11031aa27d83652e8db864bdbc" +
+            "447aee6e973018f77155aa24e05d3b7f9e232096ff93e8e2b1361b6cdbd4edf8" +
+            "dd88b46b178b38c34fe0ea5fc40f9102818100db14d91a4e8a89cc95a7cc687f" +
+            "2f2f295bc8a945826b3da840f871161ce2062f980d45b50172e744a308c0972e" +
+            "6f3f028465e6a59b75c0687bc3db4b69f5a931b73e9dedc6b05d41f4c1dd0575" +
+            "8e0460efba9bbb98f1c6ae3f018e2fb967a085dc5290ba8487703e1aee05fd90" +
+            "3c17867130c5676b7b9567a6fd61e9be6d660902818100c68f0053c621d52d65" +
+            "4ec381775e1b8fbf15ad391a0ad478d5b46374ad3f7c417a2f425f285999b4e6" +
+            "1672614ec6b4bad54400ecbc9e92f35cdab590a8cff4c029146a9b101d53950f" +
+            "7dddaa45946bfcf2a4e86bcddfc141a2cc49969519a326c7e5b001912e151d86" +
+            "b17f5789f39513c3f660c3e41f169a7668b22c17241e8302818100b86d0a7e4c" +
+            "d3ef40dc530f8e8052b63ef8d729382c9c1ea17f6025c2d9b9a43f789ee3a986" +
+            "78b61b5fabc485004002291a4fb6247f8456df1e21388079c8a61006149e5a46" +
+            "42bd9f026e18a3b9dc3def64a010ed91c926da148c38a8104a1e25d1dd679cbc" +
+            "684fa2d884bb62438372c2689307fb11ce4d6d9e73fb730c2d8811028181008d" +
+            "fda14c4739d68a9a11d3397835321c7f976ec290df01c64f7caa4abbc1d487b6" +
+            "6aa95a072edbfe4333f623a403f1265270490102799bb8b0c42e66fe7188230a" +
+            "bd70e6e685324a3c43d40a79ab83f5e5470c765b49119870650a92c69908d528" +
+            "ca162d68b6bd9ed9bd80c506ffcbb1d0c715b7c02083377e49ac705f34132502" +
+            "8180100e20febd1a5af92fdfc36aaf47d1a771cb1484d79e2389d5e6f47dc773" +
+            "512edef82676f9f9d5a77aac2f01d66fe864d85abcce47e3d22491421f959c1e" +
+            "5545c16fc5c5f5550ced81485dc237d9df8753cd6031e431bd34425e81b1e193" +
+            "c51a6d2c8a7cc01028f47b7fb7d79b481facb76c4775ff997f2e63acb3ff429c" +
+            "47b3"),
 
     // This certificate is generated by the below commands:
-    // openssl dsaparam -genkey 1024 -out key.pem
+    // openssl genpkey -genparam -algorithm dsa -pkeyopt dsa_paramgen_bits:2048 \
+    //     -pkeyopt dsa_paramgen_q_bits:256 -out param.pem
+    // openssl genpkey -paramfile param.pem -out key.pem
     // openssl req -x509 -new -key key.pem -days 7300 \
-    //     -subj "/CN=DSA_SHA1_1024" -sha1 -out cert.pem
-    DSA_SHA1_1024(
-            SignatureAlgorithm.DSA,
+    //     -subj "/CN=DSA-2048-SHA256" -sha256 -out cer.pem
+    DSA_2048_SHA256(
+            KeyAlgorithm.DSA,
             "-----BEGIN CERTIFICATE-----\n" +
-            "MIICuzCCAnugAwIBAgIJAMAMLRrhQWQFMAkGByqGSM44BAMwGDEWMBQGA1UEAwwN\n" +
-            "RFNBX1NIQTFfMTAyNDAeFw0xNzExMDIwNjA4MDRaFw0zNzEwMjgwNjA4MDRaMBgx\n" +
-            "FjAUBgNVBAMMDURTQV9TSEExXzEwMjQwggG2MIIBKwYHKoZIzjgEATCCAR4CgYEA\n" +
-            "8CspE1sE84pJ4YxzVHFEDNJvBaIxsbax03pDwNHr/ogP9PVwF9z1jT6hpC5WluHG\n" +
-            "g5n5gqpF2XpBhX2fKm1qqZWRxNvHKo0+zzAhUqMrvRJqcjlL4ijXndHldt67/VKS\n" +
-            "0eTKi9m64c+yJx80YYphCO5b93d2sTM29z8QZOlrbD8CFQCmttKnPAOk4uz8Z8cV\n" +
-            "uPGeGOMB9wKBgCItgPpAjW0srIwCaDysDNpydX6hB+1NTy1gFYl24n8edLGbR0mZ\n" +
-            "isteBd6LjMtgicRmtKZzKxW7igxoVvR3WHpTucFjms5NRNjPaj5wt3DxoXn4hyWk\n" +
-            "LzMvDeBvi+jKJiO0jnQ3+1NDOlAQy6ukeH59/gxZ3UmcNxDlAQ/IYHcpA4GEAAKB\n" +
-            "gEgvi72gL+zax7Y2hg4PL1PqZx2jFp0XlTIugiTrcsGytrAnn+/s2+3xVyVyvVMn\n" +
-            "0z5yL5eP9cdGA7qV1+7n6KJ8jNAhLCBSiC6x5ekd88aTlqnmt5lstk4w0Q0zSa58\n" +
-            "Hp6dCFg2Irk6Z9ERKaXJJBBS6reaFeATVROhN/LEEzzvo1AwTjAdBgNVHQ4EFgQU\n" +
-            "jb+HHABclGNR4lpf19nHFZpfwPQwHwYDVR0jBBgwFoAUjb+HHABclGNR4lpf19nH\n" +
-            "FZpfwPQwDAYDVR0TBAUwAwEB/zAJBgcqhkjOOAQDAy8AMCwCFDB3F/m6jsZdHaoy\n" +
-            "1xTp2U8uHBO+AhQYzeJuJd8/qRSDVLs8mesE8TQg2g==\n" +
+            "MIIEezCCBCCgAwIBAgIUYbBHFrJkO9EokOROEScK0dr3aVowCwYJYIZIAWUDBAMC\n" +
+            "MBoxGDAWBgNVBAMMD0RTQS0yMDQ4LVNIQTI1NjAeFw0xOTAxMTYwNjA4NTJaFw0z\n" +
+            "OTAxMTEwNjA4NTJaMBoxGDAWBgNVBAMMD0RTQS0yMDQ4LVNIQTI1NjCCA0cwggI5\n" +
+            "BgcqhkjOOAQBMIICLAKCAQEAnGTeaC+MitQykXl2UcGtJhkelRhBalZuzR9fh8Xf\n" +
+            "swSj2auVzhjkQfns6E14X72XLYDwHPQilh4ZSiC1cX7bpvohJ7CjbouGnT78Gwf0\n" +
+            "pfVMRBRfbNiwBQzFtzehAqlLPXyHWCPxAzW0EgzZh8asIofBEGmGh6sxlpXbEcCS\n" +
+            "Ra5Q2vdDRVksm4APHKwbS1F6L/0QDvjDAudWyLFdFMSBuoyeFwCf7Gr5lcVi538h\n" +
+            "MliXSAhJ7SXe4B9K/5/VicuzAffE+EZsZZuJKeQ4oHz8xtycdMcW86Iag1i/POzD\n" +
+            "0Z7c5p9j1zDgms1ZRSz4fd7YgNGjmmf6dYJlZmCX4w9YiwIhALnVATHxZmk7G1kf\n" +
+            "LGX7SMeflAhA/D3EPA5QWdgTc0orAoIBAGYTWMnKHBF4oMKUsx6lF6KvSrqFQ0+j\n" +
+            "mWN1RNAGiVYm/Js9sc7jolZCbVTWM7GblO2DxiKed3FtcL3xw4P6l3GU7kFthsjh\n" +
+            "bHbMG58s5JVboLX50wZo1uBOb0kRcZYjYTfUwbBYpGNnl7xfQsZ/Bxq/wzyn4gxb\n" +
+            "+C0pu/vzmko+opKfFr9a2EL+ADvQhPd6y/L0YcpiTihvfXDWu+n3bNlwhUZYevux\n" +
+            "SPVkQH3h5YEqXePF7UeY506/2sr41/xCbCkuH+Ob77Cy1IjMqr4OpXzj6wCSjlFy\n" +
+            "Re66yqsjGpuBeTtsn9lKmlFVl4QUdw7XYbRubafNFEdd5IazMflCcgMDggEGAAKC\n" +
+            "AQEAnF3/TT0nYzfwY6/+lmoqoBtGU4of7RK4U3Jdhf6dj755GwgsPGAz3Rzh/hq/\n" +
+            "B3fuyrtnE/aU0EK1dtRNqnKeFsMCURBi3sWYYe7vamw5TukFMSUOuH76v75b26c+\n" +
+            "nTfZF30iDz+66Z5gcOSwhz9aLCnF/wYwijnzagnCF4m0Nhwsjtz4qECMPfL/Rkx8\n" +
+            "s83tUF53mx5o8WCYMNr4yJGcHEkautvZN05zwoxZTPKZNngWeCUAY07XwOYHTUvx\n" +
+            "C9Sxiom9k1pZPbHZnGpUx96at2dMoeTeHR6xF/0QpiIb4wLpOg/CRxsopBmhEl0S\n" +
+            "BEXYNIcrXLwVBLvJD6H44DxRiqNTMFEwHQYDVR0OBBYEFCr6C8Bl7wjz5L3cYMG3\n" +
+            "/ZFe7Ee0MB8GA1UdIwQYMBaAFCr6C8Bl7wjz5L3cYMG3/ZFe7Ee0MA8GA1UdEwEB\n" +
+            "/wQFMAMBAf8wCwYJYIZIAWUDBAMCA0gAMEUCIArByiqjCG1ZuOVY91OPa9g8q60y\n" +
+            "/BSRWRgikEuq3AbgAiEAoZoKXW80FTMxv/9tFy0N7OrUV4rc9+AUBSTuRCuTAk4=\n" +
             "-----END CERTIFICATE-----",
-            "3082014a0201003082012b06072a8648ce3804013082011e02818100f02b2913" +
-            "5b04f38a49e18c735471440cd26f05a231b1b6b1d37a43c0d1ebfe880ff4f570" +
-            "17dcf58d3ea1a42e5696e1c68399f982aa45d97a41857d9f2a6d6aa99591c4db" +
-            "c72a8d3ecf302152a32bbd126a72394be228d79dd1e576debbfd5292d1e4ca8b" +
-            "d9bae1cfb2271f34618a6108ee5bf77776b13336f73f1064e96b6c3f021500a6" +
-            "b6d2a73c03a4e2ecfc67c715b8f19e18e301f7028180222d80fa408d6d2cac8c" +
-            "02683cac0cda72757ea107ed4d4f2d60158976e27f1e74b19b4749998acb5e05" +
-            "de8b8ccb6089c466b4a6732b15bb8a0c6856f477587a53b9c1639ace4d44d8cf" +
-            "6a3e70b770f1a179f88725a42f332f0de06f8be8ca2623b48e7437fb53433a50" +
-            "10cbaba4787e7dfe0c59dd499c3710e5010fc8607729041602146ef9db36045f" +
-            "bcd8c7fd82ba29c5c5057ed11c7f"),
+            "308202640201003082023906072a8648ce3804013082022c02820101009c64de" +
+            "682f8c8ad43291797651c1ad26191e9518416a566ecd1f5f87c5dfb304a3d9ab" +
+            "95ce18e441f9ece84d785fbd972d80f01cf422961e194a20b5717edba6fa2127" +
+            "b0a36e8b869d3efc1b07f4a5f54c44145f6cd8b0050cc5b737a102a94b3d7c87" +
+            "5823f10335b4120cd987c6ac2287c110698687ab319695db11c09245ae50daf7" +
+            "4345592c9b800f1cac1b4b517a2ffd100ef8c302e756c8b15d14c481ba8c9e17" +
+            "009fec6af995c562e77f21325897480849ed25dee01f4aff9fd589cbb301f7c4" +
+            "f8466c659b8929e438a07cfcc6dc9c74c716f3a21a8358bf3cecc3d19edce69f" +
+            "63d730e09acd59452cf87dded880d1a39a67fa758265666097e30f588b022100" +
+            "b9d50131f166693b1b591f2c65fb48c79f940840fc3dc43c0e5059d813734a2b" +
+            "02820100661358c9ca1c1178a0c294b31ea517a2af4aba85434fa399637544d0" +
+            "06895626fc9b3db1cee3a256426d54d633b19b94ed83c6229e77716d70bdf1c3" +
+            "83fa977194ee416d86c8e16c76cc1b9f2ce4955ba0b5f9d30668d6e04e6f4911" +
+            "7196236137d4c1b058a4636797bc5f42c67f071abfc33ca7e20c5bf82d29bbfb" +
+            "f39a4a3ea2929f16bf5ad842fe003bd084f77acbf2f461ca624e286f7d70d6bb" +
+            "e9f76cd9708546587afbb148f564407de1e5812a5de3c5ed4798e74ebfdacaf8" +
+            "d7fc426c292e1fe39befb0b2d488ccaabe0ea57ce3eb00928e517245eebacaab" +
+            "231a9b81793b6c9fd94a9a5155978414770ed761b46e6da7cd14475de486b331" +
+            "f942720304220220509dd213cc9769e93825063a4a60500f67c4b979f6504b2f" +
+            "ccdbefb3ab8fe6da"),
 
     // This certificate is generated by the below commands:
-    // openssl dsaparam -genkey 1024 -out key.pem
+    // openssl genpkey -genparam -algorithm dsa -pkeyopt dsa_paramgen_bits:2048 \
+    //     -pkeyopt dsa_paramgen_q_bits:256 -out param.pem
+    // openssl genpkey -paramfile param.pem -out key.pem
     // openssl req -x509 -new -key key.pem -days 7300 \
-    //     -subj "/CN=www.example.com" -sha1 -out cert.pem
-    DSA_EXAMPLE_SHA1_1024(
-            SignatureAlgorithm.DSA,
+    //     -subj "/CN=EXAMPLE" -sha256 -out cer.pem
+    EXAMPLE_DSA_2048_SHA256(
+            KeyAlgorithm.DSA,
             "-----BEGIN CERTIFICATE-----\n" +
-            "MIICwDCCAoCgAwIBAgIJAI5mKbdK5ZqyMAkGByqGSM44BAMwGjEYMBYGA1UEAwwP\n" +
-            "d3d3LmV4YW1wbGUuY29tMB4XDTE3MTEwMjA1NDczOVoXDTM3MTAyODA1NDczOVow\n" +
-            "GjEYMBYGA1UEAwwPd3d3LmV4YW1wbGUuY29tMIIBtzCCASwGByqGSM44BAEwggEf\n" +
-            "AoGBANVGWRSlxVZQKlVrTDcU/6Mr8QFlR3kGKmkvdbTHH1EhcP7YlZ7CJ30VBDbN\n" +
-            "LS2HvN3HHNooJ7hHBheL5Yz8EZIUa95TzPukZ1TmCo9fufR5i9HWj9Z8jLhyqx3l\n" +
-            "iUZOYN9H0MSn4ftK6dr5oTz2ZGYDblXDCq6R8qZfuw1URFqrAhUArx0nmGEI/1S/\n" +
-            "qyxnV4I6ItOntxMCgYEAxZKIZ/7aOGfzaQG2wRFdD/viHBZkkcxCsgmPUroQVUIw\n" +
-            "dqmUnfYk8cb02LCevhhSwcjfocQsA3y1jufIUdWaHuIB9W3EsFJQNd/Byh9j/pRD\n" +
-            "7zH/8lnBzJh2S7y10Vg840STVo5+ekZb4E+W7KK5gUaEQ6kAtUIIB0xjNz7RWs4D\n" +
-            "gYQAAoGAPVQKWqJSlMrbU4XEsx50Ur8P84CwMnS7WcQNLnih1ScaK2BijgVj5Fny\n" +
-            "9JZxITwj7XD7FWriq3kTjbydi3iAvrgVWij79x5Z7fTRCuoBVmtnAFkVGalwbGr2\n" +
-            "ghz70y6hep2Evb1pRCrHjRkMaJFE5Y2CA7VbpKoat+j47/LkXJ2jUDBOMB0GA1Ud\n" +
-            "DgQWBBSVjWy3SpaDfnFo+37mZJqX2aybzTAfBgNVHSMEGDAWgBSVjWy3SpaDfnFo\n" +
-            "+37mZJqX2aybzTAMBgNVHRMEBTADAQH/MAkGByqGSM44BAMDLwAwLAIUd5NOlcfX\n" +
-            "5rakT9H8UzlFcFQLr0MCFGrEYvlFUf/HJOH4FwXS2jEholBB\n" +
+            "MIIEaTCCBA+gAwIBAgIUckU2myqkWak+Svv0FFJX91vv1jMwCwYJYIZIAWUDBAMC\n" +
+            "MBIxEDAOBgNVBAMMB0VYQU1QTEUwHhcNMTkwMTE2MDYwODUzWhcNMzkwMTExMDYw\n" +
+            "ODUzWjASMRAwDgYDVQQDDAdFWEFNUExFMIIDRjCCAjkGByqGSM44BAEwggIsAoIB\n" +
+            "AQDGmXUxMKzLIVUQUy4lu4fbnv8fRXtWIbv1jxWATCNFiFt4cUxrr7GVC16MGrgm\n" +
+            "FtMIHXWwFlq2wTL0RhVp2WPIPQzxCwQFivQjpdewVCB1BoJ1ozlvQjU4hri5Ymdt\n" +
+            "ebe90uT8NsvrQrSKYCl+/pPNiZKT8oX1aKzRYPQLn0bVXUicWlACoLfHGM4irjEC\n" +
+            "4JezC/tdLleeNYNpy2/dKYu/atyN/u0d+dPRLWBCw6/qCRn1yRAv04GC3WYBlSXz\n" +
+            "f9OKlCH5kfm9sLyatz/RWDqOb/YWW2Rk7UTKAnoTAyB+I9yUXg6Gad2csNkxXv55\n" +
+            "9oJAhdhsOS5cdBoqlZEahIFBAiEAjiMCVBGpnAxjb2dXM/Eec7EfThflQXbl33Zn\n" +
+            "Uq3AAsUCggEAaBNP9Uttfs1eV/38aurLd3T1OiM0CF7DPxE0qpSM9dQz9cKZajIE\n" +
+            "lsVTGOLBC5/+VSat9t1VG+JoyvSspkvk97/mxx0WCz/QAYTdwCXVuMuSv+EqeOMP\n" +
+            "lCxEdbOS8pfD8shOK+pnDSHMJvURYxB+fJkHHeXfwesH3632Vq0GlJ8PgXH5NLHM\n" +
+            "MWv7oZjyZMnGWDq2taJcZZG5ETNda2fATNCF9Al430MUxie2Sp50vA1KEtyUqMu+\n" +
+            "CLpyOynPHi96TWHNfD23TmKFVN9Uh2nUNIpUk8NMKBwg2O7FvvNnKfbl44ikuCnc\n" +
+            "06U7SdF3y8NRdwyayMI3BkOsV8mkoMwUgAOCAQUAAoIBADK2c1Gl3+6zrFU8Uhro\n" +
+            "5lFnDy3UYXINpdtWR/8T0FJ6YMax70VCkyxucq3AUnmq9AQtFijjmXDnxzD5g7IS\n" +
+            "zOU/28Kg1Mmw26uzrpUZPiixNU7v/xzE37M0Ig3VCEQ9mw57/yv8gwZurHtsokGt\n" +
+            "k0lzH/krhYPCOpskg6NulGq5lGsnNVdPkSkiAWZFHTysgKgxvMUxXj0bUm4ZyNw6\n" +
+            "Lp2bFHKbmSeTy3OLo/Kvd7BIjhV+Bi5LFh7h8spf6SC7qyEm0X7Keu+61xkFHU8a\n" +
+            "aghnGQYwuzpTp+hsbAJdHwVLw9ElqEoaVp3rAmxtsdzqhZSxcMZoypbjEJpiZ1/v\n" +
+            "fQCjUzBRMB0GA1UdDgQWBBRTPXqHl7VKr5U94p9c882ge9DOXzAfBgNVHSMEGDAW\n" +
+            "gBRTPXqHl7VKr5U94p9c882ge9DOXzAPBgNVHRMBAf8EBTADAQH/MAsGCWCGSAFl\n" +
+            "AwQDAgNHADBEAiAOQxtKiMImXKWQvUKZxoUc+chXRxAj3UD3Zj7RksPF2AIgf8HG\n" +
+            "hOnr3hzIej3Da2Ty9RTittcgZ14boraO/Vlx9Jo=\n" +
             "-----END CERTIFICATE-----",
-            "3082014c0201003082012c06072a8648ce3804013082011f02818100d5465914" +
-            "a5c556502a556b4c3714ffa32bf101654779062a692f75b4c71f512170fed895" +
-            "9ec2277d150436cd2d2d87bcddc71cda2827b84706178be58cfc1192146bde53" +
-            "ccfba46754e60a8f5fb9f4798bd1d68fd67c8cb872ab1de589464e60df47d0c4" +
-            "a7e1fb4ae9daf9a13cf66466036e55c30aae91f2a65fbb0d54445aab021500af" +
-            "1d27986108ff54bfab2c6757823a22d3a7b71302818100c5928867feda3867f3" +
-            "6901b6c1115d0ffbe21c166491cc42b2098f52ba1055423076a9949df624f1c6" +
-            "f4d8b09ebe1852c1c8dfa1c42c037cb58ee7c851d59a1ee201f56dc4b0525035" +
-            "dfc1ca1f63fe9443ef31fff259c1cc98764bbcb5d1583ce34493568e7e7a465b" +
-            "e04f96eca2b981468443a900b54208074c63373ed15ace0417021500abf47692" +
-            "88c6ac41e2802e7eb7addba367339318"),
+            "308202640201003082023906072a8648ce3804013082022c0282010100c69975" +
+            "3130accb215510532e25bb87db9eff1f457b5621bbf58f15804c2345885b7871" +
+            "4c6bafb1950b5e8c1ab82616d3081d75b0165ab6c132f4461569d963c83d0cf1" +
+            "0b04058af423a5d7b0542075068275a3396f42353886b8b962676d79b7bdd2e4" +
+            "fc36cbeb42b48a60297efe93cd899293f285f568acd160f40b9f46d55d489c5a" +
+            "5002a0b7c718ce22ae3102e097b30bfb5d2e579e358369cb6fdd298bbf6adc8d" +
+            "feed1df9d3d12d6042c3afea0919f5c9102fd38182dd66019525f37fd38a9421" +
+            "f991f9bdb0bc9ab73fd1583a8e6ff6165b6464ed44ca027a1303207e23dc945e" +
+            "0e8669dd9cb0d9315efe79f6824085d86c392e5c741a2a95911a848141022100" +
+            "8e23025411a99c0c636f675733f11e73b11f4e17e54176e5df766752adc002c5" +
+            "0282010068134ff54b6d7ecd5e57fdfc6aeacb7774f53a2334085ec33f1134aa" +
+            "948cf5d433f5c2996a320496c55318e2c10b9ffe5526adf6dd551be268caf4ac" +
+            "a64be4f7bfe6c71d160b3fd00184ddc025d5b8cb92bfe12a78e30f942c4475b3" +
+            "92f297c3f2c84e2bea670d21cc26f51163107e7c99071de5dfc1eb07dfadf656" +
+            "ad06949f0f8171f934b1cc316bfba198f264c9c6583ab6b5a25c6591b911335d" +
+            "6b67c04cd085f40978df4314c627b64a9e74bc0d4a12dc94a8cbbe08ba723b29" +
+            "cf1e2f7a4d61cd7c3db74e628554df548769d4348a5493c34c281c20d8eec5be" +
+            "f36729f6e5e388a4b829dcd3a53b49d177cbc351770c9ac8c2370643ac57c9a4" +
+            "a0cc1480042202201ba738489c54dddd5ffbf0009ef9d11851182235a251a410" +
+            "4a6354181ecd0348"),
 
     // This certificate is generated by the below commands:
-    // openssl ecparam -name prime256v1 -genkey -out key.pem
-    // openssl req -new -key key.pem -x509 -nodes -days 7300 \
-    //     -subj "/CN=ECDSA_SHA1_prime256v1" -sha1 -out cert.pem
-    ECDSA_SHA1_PRIME256V1(
-            SignatureAlgorithm.ECDSA,
+    // openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:P-256 \
+    //     -pkeyopt ec_param_enc:named_curve -out key.pem
+    // openssl req -x509 -new -key key.pem \
+    //     -subj "/CN=ECDSA-SECP256-SHA256" -sha256 -out cer.pem
+    ECDSA_PRIME256V1_SHA256(
+            KeyAlgorithm.EC,
             "-----BEGIN CERTIFICATE-----\n" +
-            "MIIBhDCCASygAwIBAgIJAKW4wuujp9JbMAkGByqGSM49BAEwIDEeMBwGA1UEAwwV\n" +
-            "RUNEU0FfU0hBMV9wcmltZTI1NnYxMB4XDTE3MDkwNzAyMTA0MVoXDTM3MDkwMjAy\n" +
-            "MTA0MVowIDEeMBwGA1UEAwwVRUNEU0FfU0hBMV9wcmltZTI1NnYxMFkwEwYHKoZI\n" +
-            "zj0CAQYIKoZIzj0DAQcDQgAEdbE+AMwsFBf73YXRVwsvsx2dMt1xgDxj/4pN+BfY\n" +
-            "LWnO94beeZcrCJ1/N8CHmDOce7KRDR6/9kpi20wFAVXZ3KNQME4wHQYDVR0OBBYE\n" +
-            "FA/hB2ODDNdz1JF08u2uhknhlsVoMB8GA1UdIwQYMBaAFA/hB2ODDNdz1JF08u2u\n" +
-            "hknhlsVoMAwGA1UdEwQFMAMBAf8wCQYHKoZIzj0EAQNHADBEAiBNxv2L2FW+6+w/\n" +
-            "QtDe+YSUNRj3F8QrpLkfGk7rVaOiHQIgVF2pWJ5ytg0pbCuO8Bh+UZ7zfZUD03s8\n" +
-            "ZuIYW7RtMe0=\n" +
+            "MIIBkzCCATmgAwIBAgIUXebzNfSMvdkNrc5175FM6dE/gxwwCgYIKoZIzj0EAwIw\n" +
+            "HzEdMBsGA1UEAwwURUNEU0EtU0VDUDI1Ni1TSEEyNTYwHhcNMTkwMTE2MDYwODQx\n" +
+            "WhcNMTkwMjE1MDYwODQxWjAfMR0wGwYDVQQDDBRFQ0RTQS1TRUNQMjU2LVNIQTI1\n" +
+            "NjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOp7VcLfpVc5ghO0HlYjwH+YSAf7\n" +
+            "zTShLeoY35PwqcoUgg9DBR4g7rM3xovOKxGZ5uORD8vo5l9L0+53f2+7YH+jUzBR\n" +
+            "MB0GA1UdDgQWBBSmW8/6KP8EJKBVlfmFkBSbVWTEWzAfBgNVHSMEGDAWgBSmW8/6\n" +
+            "KP8EJKBVlfmFkBSbVWTEWzAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0gA\n" +
+            "MEUCIQCtGdW3Xl5OzX7QiwtiT6pbIrm6eCUwN/vVoMfs3Yn5rgIgCbLidpdMpFrd\n" +
+            "HWB2/mVxQegLBCOIGMVPXrTat4A76As=\n" +
             "-----END CERTIFICATE-----",
             "308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b02" +
-            "010104204d901d5efd0e3def78d5307788a4c760115effce4b9e2c31ae5860b6" +
-            "c11915aca1440342000475b13e00cc2c1417fbdd85d1570b2fb31d9d32dd7180" +
-            "3c63ff8a4df817d82d69cef786de79972b089d7f37c08798339c7bb2910d1ebf" +
-            "f64a62db4c050155d9dc"),
+            "01010420aa9602d20de7ebfc2787a6e5ae20166d1e8d8bd29b4e5f046414bae8" +
+            "9a8e7eb9a14403420004ea7b55c2dfa557398213b41e5623c07f984807fbcd34" +
+            "a12dea18df93f0a9ca14820f43051e20eeb337c68bce2b1199e6e3910fcbe8e6" +
+            "5f4bd3ee777f6fbb607f"),
 
     // This certificate is generated by the below commands:
-    // openssl ecparam -name prime256v1 -genkey -out key.pem
-    // openssl req -new -key key.pem -x509 -nodes -days 7300 \
-    //     -subj "/CN=www.example.com" -sha1 -out cert.pem
-    ECDSA_EXAMPLE_SHA1_PRIME256V1(
-            SignatureAlgorithm.ECDSA,
+    // openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:P-256 \
+    //     -pkeyopt ec_param_enc:named_curve -out key.pem
+    // openssl req -x509 -new -key key.pem \
+    //     -subj "/CN=EXAMPLE" -sha256 -out cer.pem
+    EXAMPLE_ECDSA_PRIME256V1_SHA256(
+            KeyAlgorithm.EC,
             "-----BEGIN CERTIFICATE-----\n" +
-            "MIIBeDCCASCgAwIBAgIJAMxOXBpiJ5mDMAkGByqGSM49BAEwGjEYMBYGA1UEAwwP\n" +
-            "d3d3LmV4YW1wbGUuY29tMB4XDTE3MTEwMjA1MTg0MVoXDTM3MTAyODA1MTg0MVow\n" +
-            "GjEYMBYGA1UEAwwPd3d3LmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D\n" +
-            "AQcDQgAER9IyuwyrJ7X9DmIqGC3YNTlWBt4Fo/Y3RnlcxhTVxb/ZAYVNhqe4MbSM\n" +
-            "2nsVnYMjjXXDav1plNKvmgGDf9s/saNQME4wHQYDVR0OBBYEFHNUTaIIEA89uNKH\n" +
-            "OOUgJ981Qj5HMB8GA1UdIwQYMBaAFHNUTaIIEA89uNKHOOUgJ981Qj5HMAwGA1Ud\n" +
-            "EwQFMAMBAf8wCQYHKoZIzj0EAQNHADBEAiBCW59S1nE15j8euO6/q9bM6J9Ci5xJ\n" +
-            "WWAVznGGxnS/HgIgFaFKC31uxTXoBN7QN0yW/umQgJ0nsjwj7Pnxc0wNyw8=\n" +
+            "MIIBeTCCAR+gAwIBAgIUWZkzN4WOoj7HUYLoWtgy+ad/zjswCgYIKoZIzj0EAwIw\n" +
+            "EjEQMA4GA1UEAwwHRVhBTVBMRTAeFw0xOTAxMTYwNjA4NDFaFw0xOTAyMTUwNjA4\n" +
+            "NDFaMBIxEDAOBgNVBAMMB0VYQU1QTEUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC\n" +
+            "AAQMzWjRuN9r2/kcVYyHFpKduuYj2VFRXo81qd+EcyjnLZab5m9RqIYy6iDUvZk5\n" +
+            "w8wHeHGpMybPzNSEQ2mVY5Yvo1MwUTAdBgNVHQ4EFgQUUhVK37nQDP6OEW5w7XEb\n" +
+            "p8/sCxMwHwYDVR0jBBgwFoAUUhVK37nQDP6OEW5w7XEbp8/sCxMwDwYDVR0TAQH/\n" +
+            "BAUwAwEB/zAKBggqhkjOPQQDAgNIADBFAiEA9B2e4TWZKMxS8/uyVjl6D+cyqsPU\n" +
+            "7/qATL5cTK1AIUACID8BPfcPE46ARCretiGWywVuQzAVKz1fkjwEwLmAo+2x\n" +
             "-----END CERTIFICATE-----",
             "308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b02" +
-            "010104209aa3784cd0c1fe0553e59b3c7b8f08c8fdaffd94f34e2c1683243a79" +
-            "7b64b673a1440342000447d232bb0cab27b5fd0e622a182dd835395606de05a3" +
-            "f63746795cc614d5c5bfd901854d86a7b831b48cda7b159d83238d75c36afd69" +
-            "94d2af9a01837fdb3fb1");
+            "01010420ed3600c6b62b351b48b4c61f37c46c45460ff599aa7f9c2d79635d0e" +
+            "147c23a3a144034200040ccd68d1b8df6bdbf91c558c8716929dbae623d95151" +
+            "5e8f35a9df847328e72d969be66f51a88632ea20d4bd9939c3cc077871a93326" +
+            "cfccd48443699563962f"),
 
-    public final SignatureAlgorithm signatureAlgorithm;
+    // This certificate is generated by the below commands:
+    // openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:P-256 \
+    //     -pkeyopt ec_param_enc:named_curve -out key.pem
+    // openssl req -new -key key.pem \
+    //     -subj "/CN=EC-RSA-SECP256-SHA256" -sha256 -out csr.pem
+    // openssl x509 -req -CAcreateserial -in csr.pem -sha256 \
+    //     -CA CA.cer -CAkey CA.key -out cer.pem
+    // Actually the CA is RSA_2048_SHA256
+    EC_RSA_PRIME256V1_SHA256(
+            KeyAlgorithm.EC,
+            "-----BEGIN CERTIFICATE-----\n" +
+            "MIIB9TCB3gIUIpSnxoBfFOKeRdx52FvEKuk1uvYwDQYJKoZIhvcNAQELBQAwGjEY\n" +
+            "MBYGA1UEAwwPUlNBLTIwNDgtU0hBMjU2MB4XDTE5MDExNjA2MDg0NloXDTE5MDIx\n" +
+            "NTA2MDg0NlowIDEeMBwGA1UEAwwVRUMtUlNBLVNFQ1AyNTYtU0hBMjU2MFkwEwYH\n" +
+            "KoZIzj0CAQYIKoZIzj0DAQcDQgAETcLM10u7ehsxJQbX3ypbSRMz7ZDkFS/QsmPF\n" +
+            "04NSwiBncQPjtpaPSshVDJzigEDfACcwIdO0BH4Eh2oHcB6hDzANBgkqhkiG9w0B\n" +
+            "AQsFAAOCAQEAHg06hhIec3ctUh7pao53ZF3SVJ/Pty4rgQ3Hb5gNhZHrmYWldj6J\n" +
+            "UagMRtfX0fJwzIdY0kNTol38es+6XDTCdYsaDDw4Ix1yF/xoExu6PqJ49npMVxqB\n" +
+            "yeXwg8aDB9sbmeczZp0kWa1DiN3HgJGoA8HbPOUZbuetCVl2ME82ZPdKdLaHgjO/\n" +
+            "Af3/gjYGVR27YB5sVIXkq3wJ5wEF+EvePKQZqnHFLhjz0xIIyp7mU6NFr26TsNh0\n" +
+            "JYecs5S0ydhf41x9GS4p8KpqRcfAOX4z5DEBe+BjgSuprGZabflFCbZ/PQrtBmdp\n" +
+            "5+cg/cNcA3zEXnsAzLu2R/+73/h9v75g/Q==\n" +
+            "-----END CERTIFICATE-----",
+            "308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b02" +
+            "010104200ab17f2b70ba744b08564635ebfc535c60d43139e1c722cfb9c7152e" +
+            "9faad5b3a144034200044dc2ccd74bbb7a1b312506d7df2a5b491333ed90e415" +
+            "2fd0b263c5d38352c220677103e3b6968f4ac8550c9ce28040df00273021d3b4" +
+            "047e04876a07701ea10f"),
+
+    // This certificate is generated by the below commands:
+    // openssl genpkey -algorithm ec -pkeyopt ec_paramgen_curve:P-256 \
+    //     -pkeyopt ec_param_enc:named_curve -out key.pem
+    // openssl req -new -key key.pem -subj "/CN=EXAMPLE" -sha256 -out csr.pem
+    // openssl x509 -req -CAcreateserial -in csr.pem -sha256 \
+    //     -CA CA.cer -CAkey CA.key -out cer.pem
+    // Actually the CA is EXAMPLE_RSA_2048_SHA256
+    EXAMPLE_EC_RSA_PRIME256V1_SHA256(
+            KeyAlgorithm.EC,
+            "-----BEGIN CERTIFICATE-----\n" +
+            "MIIB3zCByAIUbogHun+2LFxbX9B5fImITzFQVfIwDQYJKoZIhvcNAQELBQAwEjEQ\n" +
+            "MA4GA1UEAwwHRVhBTVBMRTAeFw0xOTAxMTYwNjA4NDZaFw0xOTAyMTUwNjA4NDZa\n" +
+            "MBIxEDAOBgNVBAMMB0VYQU1QTEUwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASA\n" +
+            "pPapPXO0qJO7mDm9dTuSKdsxWatAaloJZnwenBFIY8krulHd8VPSGbERmxRBY/z2\n" +
+            "+MH8dwaC1t9DAFb+1qdWMA0GCSqGSIb3DQEBCwUAA4IBAQA3SfXMUFj7xCl7nR8L\n" +
+            "/6mf0La/q4O1pGKmVpy55aP7dZmY3xzaPtDFevdnMqb7tBTiLl0Y8OehMQW/8usb\n" +
+            "qtcYPekZJV5g1ezMhyB/AHecotfsrBS7l9r+IWYf/GUoQ8izC1srNXVrqDCt0cbB\n" +
+            "o7bc0lQFhI+rcMt1AzQtrNkVhX0dcBbLyhNJzgyAXatSB5R0/R3kTddUZfrOtOoC\n" +
+            "IXUZJRQ7hZKx7qi/U4+q246IuKSSp2SjFTU1QpeO4/Q06eJ3sbtx5Nd1Rfzlo2Jq\n" +
+            "uYi8szOupFC8xKCB+odMndHvh1QO/8E4e4r0mShkrnK3M/lKiwi67yl3Jk9uY9ls\n" +
+            "X5Q6\n" +
+            "-----END CERTIFICATE-----",
+            "308187020100301306072a8648ce3d020106082a8648ce3d030107046d306b02" +
+            "01010420618ff6a884185b97322aaeab5f9fdf8a14ab18d0478565317b483db0" +
+            "0f3b5bf6a1440342000480a4f6a93d73b4a893bb9839bd753b9229db3159ab40" +
+            "6a5a09667c1e9c114863c92bba51ddf153d219b1119b144163fcf6f8c1fc7706" +
+            "82d6df430056fed6a756");
+
+    public final KeyAlgorithm keyAlgorithm;
     public final String certMaterials;
     public final String privKeyMaterials;
 
     private Cert(
-            SignatureAlgorithm signatureAlgorithm,
+            KeyAlgorithm keyAlgorithm,
             String certMaterials,
             String privKeyMaterials) {
-        this.signatureAlgorithm = signatureAlgorithm;
+        this.keyAlgorithm = keyAlgorithm;
         this.certMaterials = certMaterials;
         this.privKeyMaterials = privKeyMaterials;
     }
 
     // Two certificates (mainCert and exampleCert) are selected to respect the
     // specified cipher suite. SNI-associated cases specify exampleCert as desired.
-    public static Cert[] getCerts(String cipherSuite) {
-        Cert mainCert = Cert.DSA_SHA1_1024;
-        Cert exampleCert = Cert.DSA_EXAMPLE_SHA1_1024;
-        if (cipherSuite.contains("_ECDHE_RSA_")) {
-            mainCert = Cert.RSA_SHA1_1024;
-            exampleCert = Cert.RSA_EXAMPLE_SHA1_1024;
-        } else if (cipherSuite.contains("_EC")) {
-            mainCert = Cert.ECDSA_SHA1_PRIME256V1;
-            exampleCert = Cert.ECDSA_EXAMPLE_SHA1_PRIME256V1;
-        } else if (cipherSuite.contains("_RSA")) {
-            mainCert = Cert.RSA_SHA1_1024;
-            exampleCert = Cert.RSA_EXAMPLE_SHA1_1024;
+    public static Cert[] getCerts(CipherSuite cipherSuite) {
+        Cert mainCert = Cert.ECDSA_PRIME256V1_SHA256;
+        Cert exampleCert = Cert.EXAMPLE_ECDSA_PRIME256V1_SHA256;
+        if (cipherSuite.keyExAlgorithm == KeyExAlgorithm.ECDHE_RSA
+                || cipherSuite.keyExAlgorithm == KeyExAlgorithm.DHE_RSA
+                || cipherSuite.keyExAlgorithm == KeyExAlgorithm.RSA) {
+            mainCert = Cert.RSA_2048_SHA256;
+            exampleCert = Cert.EXAMPLE_RSA_2048_SHA256;
+        } else if (cipherSuite.keyExAlgorithm == KeyExAlgorithm.ECDH_RSA) {
+            mainCert = Cert.EC_RSA_PRIME256V1_SHA256;
+            exampleCert = Cert.EXAMPLE_EC_RSA_PRIME256V1_SHA256;
+        } else if (cipherSuite.keyExAlgorithm == KeyExAlgorithm.DHE_DSS) {
+            mainCert = Cert.DSA_2048_SHA256;
+            exampleCert = Cert.EXAMPLE_DSA_2048_SHA256;
         }
         System.out.printf("mainCert=%s, exampleCert=%s%n",
                 mainCert, exampleCert);
         return new Cert[] { mainCert, exampleCert };
     }
 }
-
-enum SignatureAlgorithm {
-
-    RSA, DSA, ECDSA;
-}
--- a/test/jdk/javax/net/ssl/compatibility/Client.java	Fri Jan 18 13:22:10 2019 -0800
+++ b/test/jdk/javax/net/ssl/compatibility/Client.java	Fri Jan 18 23:07:48 2019 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -137,7 +137,7 @@
         Status status = Status.SUCCESS;
         Client client = null;
         try {
-            client = new Client(Cert.getCerts(cipherSuite));
+            client = new Client(Cert.getCerts(CipherSuite.cipherSuite(cipherSuite)));
             client.setEnabledProtocols(protocol);
             client.setEnabledCipherSuites(cipherSuite);
 
--- a/test/jdk/javax/net/ssl/compatibility/Compatibility.java	Fri Jan 18 13:22:10 2019 -0800
+++ b/test/jdk/javax/net/ssl/compatibility/Compatibility.java	Fri Jan 18 23:07:48 2019 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -28,8 +28,8 @@
  *     Note that, this is a manual test. For more details about the test and
  *     its usages, please look through README.
  *
- * @library /test/lib
- * @compile -source 1.7 -target 1.7 JdkUtils.java Parameter.java Server.java Client.java
+ * @library /test/lib ../TLSCommon
+ * @compile -source 1.7 -target 1.7 JdkUtils.java Server.java Client.java
  * @run main/manual Compatibility
  */
 
@@ -81,20 +81,16 @@
 
             for (UseCase useCase : UseCase.getAllUseCases()) {
                 for (JdkInfo serverJdk : jdkInfos) {
-                    if (useCase.ignoredByJdk(serverJdk)) {
-                        continue;
-                    }
-
                     Map<String, String> props = new LinkedHashMap<>();
                     if (debug) {
-                        props.put("javax.net.debug", "ssl");
+                        props.put("javax.net.debug", "all");
                     }
                     props.put("java.security.properties", javaSecurityFile);
 
-                    props.put(Utils.PROP_PROTOCOL, useCase.protocol.version);
+                    props.put(Utils.PROP_PROTOCOL, useCase.protocol.name);
                     props.put(Utils.PROP_CIPHER_SUITE, useCase.cipherSuite.name());
-                    props.put(Utils.PROP_CLIENT_AUTH, useCase.clientAuth.name());
-                    if (useCase.appProtocol != AppProtocol.NONE) {
+                    props.put(Utils.PROP_CLIENT_AUTH, String.valueOf(useCase.clientAuth));
+                    if (useCase.appProtocol != UseCase.AppProtocol.NONE) {
                         props.put(Utils.PROP_APP_PROTOCOLS,
                                 Utils.join(Utils.VALUE_DELIMITER,
                                         useCase.appProtocol.appProtocols));
@@ -109,14 +105,10 @@
                             serverJdk.supportsALPN + "");
 
                     for (JdkInfo clientJdk : jdkInfos) {
-                        if (useCase.ignoredByJdk(clientJdk)) {
-                            continue;
-                        }
-
                         TestCase testCase = new TestCase(serverJdk, clientJdk,
                                 useCase);
                         System.out.println(Utils.anchorName(testCase.toString(),
-                                "----- Case start -----"));
+                                "===== Case start ====="));
                         System.out.println(testCase.toString());
 
                         props.put(Utils.PROP_NEGATIVE_CASE_ON_SERVER,
@@ -138,7 +130,7 @@
                                 clientJdk.supportsSNI + "");
                         props.put(Utils.PROP_SUPPORTS_ALPN_ON_CLIENT,
                                 clientJdk.supportsALPN + "");
-                        if (useCase.serverName != ServerName.NONE) {
+                        if (useCase.serverName != UseCase.ServerName.NONE) {
                             props.put(Utils.PROP_SERVER_NAME,
                                     useCase.serverName.name);
                         }
@@ -158,7 +150,7 @@
                                 "ServerStatus=%s, ClientStatus=%s, CaseStatus=%s%n",
                                 serverStatus, clientStatus, testCase.getStatus());
 
-                        System.out.println("----- Case end -----");
+                        System.out.println("===== Case end =====");
                     }
                 }
             }
@@ -309,14 +301,14 @@
                             i + ""),
                     testCase.serverJdk.version,
                     testCase.clientJdk.version,
-                    testCase.useCase.protocol.version,
+                    testCase.useCase.protocol.name,
                     testCase.useCase.cipherSuite,
                     Utils.boolToStr(
-                            testCase.useCase.clientAuth == ClientAuth.TRUE),
+                            testCase.useCase.clientAuth),
                     Utils.boolToStr(
-                            testCase.useCase.serverName == ServerName.EXAMPLE),
+                            testCase.useCase.serverName == UseCase.ServerName.EXAMPLE),
                     Utils.boolToStr(
-                            testCase.useCase.appProtocol == AppProtocol.EXAMPLE),
+                            testCase.useCase.appProtocol == UseCase.AppProtocol.EXAMPLE),
                     testCase.getStatus()));
             failed = failed
                     || testCase.getStatus() == Status.FAIL
--- a/test/jdk/javax/net/ssl/compatibility/JdkInfo.java	Fri Jan 18 13:22:10 2019 -0800
+++ b/test/jdk/javax/net/ssl/compatibility/JdkInfo.java	Fri Jan 18 23:07:48 2019 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,7 +31,8 @@
     public final String jdkPath;
 
     public final String version;
-    public final boolean supportsECKey;
+    public final String supportedProtocols;
+    public final String supportedCipherSuites;
     public final boolean supportsSNI;
     public final boolean supportsALPN;
 
@@ -46,9 +47,10 @@
 
         String[] attributes = Utils.split(output, Utils.PARAM_DELIMITER);
         version = attributes[0].replaceAll(".*=", "");
-        supportsECKey = Boolean.valueOf(attributes[1].replaceAll(".*=", ""));
-        supportsSNI = Boolean.valueOf(attributes[2].replaceAll(".*=", ""));
-        supportsALPN = Boolean.valueOf(attributes[3].replaceAll(".*=", ""));
+        supportedProtocols = attributes[1].replaceAll(".*=", "");
+        supportedCipherSuites = attributes[2].replaceAll(".*=", "");
+        supportsSNI = Boolean.valueOf(attributes[3].replaceAll(".*=", ""));
+        supportsALPN = Boolean.valueOf(attributes[4].replaceAll(".*=", ""));
     }
 
     // Determines the specific attributes for the specified JDK.
@@ -83,10 +85,11 @@
         return true;
     }
 
+    public boolean supportsProtocol(Protocol protocol) {
+        return supportedProtocols.contains(protocol.name);
+    }
+
     public boolean supportsCipherSuite(CipherSuite cipherSuite) {
-        JdkRelease jdkRelease = JdkRelease.getRelease(version);
-        return cipherSuite.startJdk.sequence <= jdkRelease.sequence
-                && (cipherSuite.endJdk == null
-                        || cipherSuite.endJdk.sequence >= jdkRelease.sequence);
+        return supportedCipherSuites.contains(cipherSuite.name());
     }
 }
--- a/test/jdk/javax/net/ssl/compatibility/JdkUtils.java	Fri Jan 18 13:22:10 2019 -0800
+++ b/test/jdk/javax/net/ssl/compatibility/JdkUtils.java	Fri Jan 18 23:07:48 2019 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -21,10 +21,11 @@
  * questions.
  */
 
-import java.security.KeyFactory;
 import java.security.NoSuchAlgorithmException;
 
+import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLParameters;
+import javax.net.ssl.SSLSocketFactory;
 
 /*
  * This class is used for returning some specific JDK information.
@@ -32,7 +33,8 @@
 public class JdkUtils {
 
     public static final String JAVA_RUNTIME_VERSION = "javaRuntimeVersion";
-    public static final String SUPPORTS_EC_KEY = "supportsECKey";
+    public static final String SUPPORTED_PROTOCOLS = "supportedProtocols";
+    public static final String SUPPORTED_CIPHER_SUITES = "supportedCipherSuites";
     public static final String SUPPORTS_SNI = "supportsSNI";
     public static final String SUPPORTS_ALPN = "supportsALPN";
 
@@ -41,15 +43,39 @@
         return System.getProperty("java.runtime.version");
     }
 
-    // Checks if EC key algorithm is supported by the JDK build.
-    private static boolean supportsECKey() {
-        boolean isSupported = true;
+    private static String supportedProtocols() {
+        StringBuilder protocols = new StringBuilder();
+        for (String protocol : new String[] {
+                "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" }) {
+            if (supportsProtocol(protocol)) {
+                protocols.append(protocol).append(Utils.VALUE_DELIMITER);
+            }
+        }
+        return protocols.toString().substring(
+                0, protocols.toString().length() - 1);
+    }
+
+    private static boolean supportsProtocol(String protocol) {
+        boolean supported = true;
         try {
-            KeyFactory.getInstance("EC");
+            SSLContext.getInstance(protocol);
         } catch (NoSuchAlgorithmException e) {
-            isSupported = false;
+            supported = false;
         }
-        return isSupported;
+        return supported;
+    }
+
+    private static String supportedCipherSuites() {
+        StringBuilder cipherSuites = new StringBuilder();
+        String[] supportedCipherSuites = ((SSLSocketFactory) SSLSocketFactory
+                .getDefault()).getSupportedCipherSuites();
+        for (int i = 0; i < supportedCipherSuites.length - 1; i++) {
+            cipherSuites.append(supportedCipherSuites[i])
+                    .append(Utils.VALUE_DELIMITER);
+        }
+        cipherSuites.append(
+                supportedCipherSuites[supportedCipherSuites.length - 1]);
+        return cipherSuites.toString();
     }
 
     // Checks if SNI is supported by the JDK build.
@@ -74,10 +100,11 @@
         return isSupported;
     }
 
-    public static void main(String[] args) {
+    public static void main(String[] args) throws NoSuchAlgorithmException {
         System.out.print(Utils.join(Utils.PARAM_DELIMITER,
                 attr(JAVA_RUNTIME_VERSION, javaRuntimeVersion()),
-                attr(SUPPORTS_EC_KEY, supportsECKey()),
+                attr(SUPPORTED_PROTOCOLS, supportedProtocols()),
+                attr(SUPPORTED_CIPHER_SUITES, supportedCipherSuites()),
                 attr(SUPPORTS_SNI, supportsSNI()),
                 attr(SUPPORTS_ALPN, supportsALPN())));
     }
--- a/test/jdk/javax/net/ssl/compatibility/Parameter.java	Fri Jan 18 13:22:10 2019 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,252 +0,0 @@
-/*
- * Copyright (c) 2017, 2018, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * A tagging interface that all TLS communication parameters must implement.
- */
-public interface Parameter { }
-
-/* The followings are TLS communication parameters. */
-
-enum Protocol implements Parameter {
-
-    SSLV3_0(3, "SSLv3"),
-    TLSV1_0(4, "TLSv1"),
-    TLSV1_1(5, "TLSv1.1"),
-    TLSV1_2(6, "TLSv1.2");
-
-    public final int sequence;
-    public final String version;
-
-    private Protocol(int sequence, String version) {
-        this.sequence = sequence;
-        this.version = version;
-    }
-
-    static Protocol getProtocol(String version) {
-        for (Protocol protocol : values()) {
-            if (protocol.version.equals(version)) {
-                return protocol;
-            }
-        }
-
-        return null;
-    }
-
-    static Protocol[] getMandatoryValues() {
-        return new Protocol[] { TLSV1_0, TLSV1_1, TLSV1_2 };
-    }
-}
-
-enum CipherSuite implements Parameter {
-
-    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_RSA_WITH_AES_256_CBC_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_DHE_RSA_WITH_AES_256_CBC_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_DHE_DSS_WITH_AES_256_CBC_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA(),
-    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA(),
-    TLS_RSA_WITH_AES_256_CBC_SHA(),
-    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA(),
-    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA(),
-    TLS_DHE_RSA_WITH_AES_256_CBC_SHA(),
-    TLS_DHE_DSS_WITH_AES_256_CBC_SHA(),
-    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_RSA_WITH_AES_128_CBC_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_DHE_RSA_WITH_AES_128_CBC_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_DHE_DSS_WITH_AES_128_CBC_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK7),
-    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA(),
-    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA(),
-    TLS_RSA_WITH_AES_128_CBC_SHA(),
-    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA(),
-    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA(
-            Protocol.SSLV3_0, JdkRelease.JDK7),
-    TLS_DHE_RSA_WITH_AES_128_CBC_SHA(),
-    TLS_DHE_DSS_WITH_AES_128_CBC_SHA(),
-    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_RSA_WITH_AES_256_GCM_SHA384(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_DHE_DSS_WITH_AES_256_GCM_SHA384(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_RSA_WITH_AES_128_GCM_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_DHE_DSS_WITH_AES_128_GCM_SHA256(
-            Protocol.TLSV1_2, JdkRelease.JDK8),
-    TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA(),
-    TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA(),
-    TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA(),
-    TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA(),
-    TLS_ECDHE_ECDSA_WITH_RC4_128_SHA(),
-    TLS_ECDHE_RSA_WITH_RC4_128_SHA(),
-    TLS_ECDH_ECDSA_WITH_RC4_128_SHA(),
-    TLS_ECDH_RSA_WITH_RC4_128_SHA(),
-    SSL_RSA_WITH_RC4_128_SHA(),
-    SSL_RSA_WITH_3DES_EDE_CBC_SHA(),
-    SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA(
-            Protocol.SSLV3_0, JdkRelease.JDK7),
-    SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA(
-            Protocol.SSLV3_0, JdkRelease.JDK7),
-    SSL_RSA_WITH_RC4_128_MD5(
-            Protocol.SSLV3_0, JdkRelease.JDK7);
-
-    private static final boolean FULL_CIPHER_SUITES
-            = Utils.getBoolProperty("fullCipherSuites");
-
-    final Protocol startProtocol;
-    final Protocol endProtocol;
-
-    final JdkRelease startJdk;
-    final JdkRelease endJdk;
-
-    private CipherSuite(
-            Protocol startProtocol, Protocol endProtocol,
-            JdkRelease startJdk, JdkRelease endJdk) {
-        this.startProtocol = startProtocol;
-        this.endProtocol = endProtocol;
-
-        this.startJdk = startJdk;
-        this.endJdk = endJdk;
-    }
-
-    private CipherSuite(Protocol startProtocol, JdkRelease startJdk) {
-        this(startProtocol, null, startJdk, null);
-    }
-
-    private CipherSuite() {
-        this(Protocol.TLSV1_0, null, JdkRelease.JDK7, null);
-    }
-
-    boolean supportedByProtocol(Protocol protocol) {
-        return startProtocol.sequence <= protocol.sequence
-                && (endProtocol == null || endProtocol.sequence >= protocol.sequence);
-    }
-
-    static CipherSuite[] getMandatoryValues() {
-        return FULL_CIPHER_SUITES
-               ? values()
-               : new CipherSuite[] {
-                       TLS_RSA_WITH_AES_128_CBC_SHA,
-                       TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
-                       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-                       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-                       TLS_RSA_WITH_AES_256_CBC_SHA256,
-                       TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
-                       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
-                       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 };
-    }
-
-    static CipherSuite getCipherSuite(String name) {
-        for (CipherSuite cipherSuite : values()) {
-            if (cipherSuite.name().equals(name)) {
-                return cipherSuite;
-            }
-        }
-
-        return null;
-    }
-}
-
-enum ClientAuth implements Parameter {
-
-    FALSE,
-    TRUE;
-
-    static ClientAuth[] getMandatoryValues() {
-        return new ClientAuth[] { TRUE };
-    }
-}
-
-enum ServerName implements Parameter {
-
-    NONE(null),
-    EXAMPLE("www.example.com");
-
-    final String name;
-
-    private ServerName(String name) {
-        this.name = name;
-    }
-
-    static ServerName[] getMandatoryValues() {
-        return new ServerName[] { EXAMPLE };
-    }
-}
-
-enum AppProtocol implements Parameter {
-
-    NONE(null, null),
-    EXAMPLE(new String[] { Utils.HTTP_2, Utils.HTTP_1_1 }, Utils.HTTP_2);
-
-    final String[] appProtocols;
-
-    // Expected negotiated application protocol
-    final String negoAppProtocol;
-
-    private AppProtocol(String[] appProtocols, String negoAppProtocol) {
-        this.appProtocols = appProtocols;
-        this.negoAppProtocol = negoAppProtocol;
-    }
-
-    static AppProtocol[] getMandatoryValues() {
-        return new AppProtocol[] { EXAMPLE };
-    }
-}
--- a/test/jdk/javax/net/ssl/compatibility/README	Fri Jan 18 13:22:10 2019 -0800
+++ b/test/jdk/javax/net/ssl/compatibility/README	Fri Jan 18 23:07:48 2019 +0100
@@ -1,4 +1,4 @@
-# Copyright (c) 2017, 2018, Oracle and/or its affiliates. All rights reserved.
+# Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
@@ -21,10 +21,10 @@
 
 ##### Summary #####
 This test is used to check the interop compatibility on JSSE among different
-JDK releases. The oldest version supported by the test is JDK 6. Some of Java
-source files, JdkUtils.java, Parameter.java, Server.java, and Client.java, use
-only JDK 6-compliant language features and APIs, in order to allowing different
-JDK releases can load and run associated classes.
+JDK releases. The oldest version supported by the test is JDK 7. Some of Java
+source files, JdkUtils.java, Server.java, and Client.java, use only JDK 7-compliant
+language features and APIs, in order to allowing different JDK releases can load
+and run associated classes.
 
 ##### Output #####
 The test can generate a report at $JTREG_WORKDIR/scratch/report.html to display
@@ -78,7 +78,7 @@
 Besides the common jtreg options, like -jdk, this test introduces some more
 properties:
 debug
-    It indicates if the test enable -Djavax.net.ssl=debug. This is a boolean
+    It indicates if the test enable -Djavax.net.debug=all. This is a boolean
     property, and the default value is false.
     It is not mandatory.
 
--- a/test/jdk/javax/net/ssl/compatibility/Server.java	Fri Jan 18 13:22:10 2019 -0800
+++ b/test/jdk/javax/net/ssl/compatibility/Server.java	Fri Jan 18 23:07:48 2019 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -120,7 +120,7 @@
         Status status = Status.SUCCESS;
         Server server = null;
         try {
-            server = new Server(Cert.getCerts(cipherSuite));
+            server = new Server(Cert.getCerts(CipherSuite.cipherSuite(cipherSuite)));
             System.out.println("port=" + server.getPort());
             server.setNeedClientAuth(clientAuth);
             server.setEnabledProtocols(protocol);
@@ -146,16 +146,20 @@
                 server.close();
             }
 
-            // Cleanups port log.
-            if (!new File(Utils.PORT_LOG).delete()) {
-                throw new RuntimeException("Cannot delete port log");
-            }
+            deletePortFile();
         }
 
         System.out.println("STATUS: " + status);
         System.out.println("----- Server end -----");
     }
 
+    private static void deletePortFile() {
+        File portFile = new File(Utils.PORT_LOG);
+        if (portFile.exists() && !portFile.delete()) {
+            throw new RuntimeException("Cannot delete port log");
+        }
+    }
+
     private static void savePort(int port) throws IOException {
         FileWriter writer = null;
         try {
--- a/test/jdk/javax/net/ssl/compatibility/UseCase.java	Fri Jan 18 13:22:10 2019 -0800
+++ b/test/jdk/javax/net/ssl/compatibility/UseCase.java	Fri Jan 18 23:07:48 2019 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -32,16 +32,119 @@
     private static final boolean FULL_CASES
             = Utils.getBoolProperty("fullCases");
 
-    private static final Parameter[][] PARAMS = new Parameter[][] {
-            FULL_CASES ? Protocol.values() : Protocol.getMandatoryValues(),
-            FULL_CASES ? CipherSuite.values() : CipherSuite.getMandatoryValues(),
-            FULL_CASES ? ClientAuth.values() : ClientAuth.getMandatoryValues(),
-            FULL_CASES ? ServerName.values() : ServerName.getMandatoryValues(),
-            FULL_CASES ? AppProtocol.values() : AppProtocol.getMandatoryValues() };
+    public static final boolean FULL_CIPHER_SUITES
+            = Utils.getBoolProperty("fullCipherSuites");
+
+    public static final Protocol[] PROTOCOLS = new Protocol[] {
+            Protocol.TLSV1,
+            Protocol.TLSV1_1,
+            Protocol.TLSV1_2,
+            Protocol.TLSV1_3 };
+
+    public static final CipherSuite[] CIPHER_SUITES = new CipherSuite[] {
+            CipherSuite.TLS_AES_128_GCM_SHA256,
+            CipherSuite.TLS_AES_256_GCM_SHA384,
+            CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
+            CipherSuite.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+            CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+            CipherSuite.TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
+            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
+            CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
+            CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256,
+            CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,
+            CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,
+            CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
+            CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
+            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+            CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+            CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA,
+            CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
+            CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
+            CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
+            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+            CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256,
+            CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,
+            CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,
+            CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
+            CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
+            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+            CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA,
+            CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
+            CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
+            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+            CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+            CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384,
+            CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
+            CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
+            CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
+            CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,
+            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+            CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256,
+            CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
+            CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,
+            CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
+            CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 };
+
+    public static final CipherSuite[] MANDATORY_CIPHER_SUITES = new CipherSuite[] {
+            CipherSuite.TLS_AES_128_GCM_SHA256,
+            CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
+            CipherSuite.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
+            CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA,
+            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+            CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256,
+            CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
+            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
+            CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 };
+
+    enum ServerName {
+
+        NONE(null),
+        EXAMPLE("EXAMPLE");
+
+        final String name;
+
+        private ServerName(String name) {
+            this.name = name;
+        }
+    }
+
+    enum AppProtocol {
+
+        NONE(null, null),
+        EXAMPLE(new String[] { Utils.HTTP_2, Utils.HTTP_1_1 }, Utils.HTTP_2);
+
+        final String[] appProtocols;
+
+        // Expected negotiated application protocol
+        final String negoAppProtocol;
+
+        private AppProtocol(String[] appProtocols, String negoAppProtocol) {
+            this.appProtocols = appProtocols;
+            this.negoAppProtocol = negoAppProtocol;
+        }
+    }
+
+    private static final Object[][] PARAMS = new Object[][] {
+            FULL_CASES ? PROTOCOLS : PROTOCOLS,
+            FULL_CASES ? CIPHER_SUITES : MANDATORY_CIPHER_SUITES,
+            FULL_CASES ? new Boolean[] { false, true } : new Boolean[] { true },
+            FULL_CASES
+                    ? new ServerName[] { ServerName.NONE, ServerName.EXAMPLE }
+                    : new ServerName[] { ServerName.EXAMPLE },
+            FULL_CASES
+                    ? new AppProtocol[] {
+                            AppProtocol.NONE,
+                            AppProtocol.EXAMPLE }
+                    : new AppProtocol[] {
+                            AppProtocol.EXAMPLE } };
 
     public final Protocol protocol;
     public final CipherSuite cipherSuite;
-    public final ClientAuth clientAuth;
+    public final Boolean clientAuth;
     public final ServerName serverName;
     public final AppProtocol appProtocol;
 
@@ -50,7 +153,7 @@
     public UseCase(
             Protocol protocol,
             CipherSuite cipherSuite,
-            ClientAuth clientAuth,
+            boolean clientAuth,
             ServerName serverName,
             AppProtocol appProtocol) {
         this.protocol = protocol;
@@ -62,15 +165,10 @@
         negativeCase = !cipherSuite.supportedByProtocol(protocol);
     }
 
-    // JDK 6 doesn't support EC key algorithm.
-    public boolean ignoredByJdk(JdkInfo jdkInfo) {
-        return cipherSuite.name().contains("_EC") && !jdkInfo.supportsECKey;
-    }
-
     @Override
     public String toString() {
         return Utils.join(Utils.PARAM_DELIMITER,
-                "Protocol=" + protocol.version,
+                "Protocol=" + protocol.name,
                 "CipherSuite=" + cipherSuite,
                 "ClientAuth=" + clientAuth,
                 "ServerName=" + serverName,
@@ -79,12 +177,12 @@
 
     public static List<UseCase> getAllUseCases() {
         List<UseCase> useCases = new ArrayList<>();
-        getUseCases(PARAMS, 0, new Parameter[PARAMS.length], useCases);
+        getUseCases(PARAMS, 0, new Object[PARAMS.length], useCases);
         return useCases;
     }
 
-    private static void getUseCases(Parameter[][] params, int index,
-            Parameter[] currentValues, List<UseCase> useCases) {
+    private static void getUseCases(Object[][] params, int index,
+            Object[] currentValues, List<UseCase> useCases) {
         if (index == params.length) {
             Protocol protocol = (Protocol) currentValues[0];
             CipherSuite cipherSuite = (CipherSuite) currentValues[1];
@@ -92,12 +190,12 @@
             UseCase useCase = new UseCase(
                     protocol,
                     cipherSuite,
-                    (ClientAuth) currentValues[2],
+                    (Boolean) currentValues[2],
                     (ServerName) currentValues[3],
                     (AppProtocol) currentValues[4]);
             useCases.add(useCase);
         } else {
-            Parameter[] values = params[index];
+            Object[] values = params[index];
             for (int i = 0; i < values.length; i++) {
                 currentValues[index] = values[i];
                 getUseCases(params, index + 1, currentValues, useCases);
--- a/test/jdk/javax/net/ssl/compatibility/Utils.java	Fri Jan 18 13:22:10 2019 -0800
+++ b/test/jdk/javax/net/ssl/compatibility/Utils.java	Fri Jan 18 23:07:48 2019 +0100
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2017, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -124,19 +124,11 @@
         PKCS8EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec(
                 hexToBytes(cert.privKeyMaterials));
         KeyFactory keyFactory = KeyFactory.getInstance(
-                getKeyAlgorithm(cert.signatureAlgorithm));
+                cert.keyAlgorithm.name);
         PrivateKey privKey = keyFactory.generatePrivate(privKeySpec);
         return privKey;
     }
 
-    private static String getKeyAlgorithm(
-            SignatureAlgorithm signatureAlgorithm) {
-        String signatureAlogrithmName = signatureAlgorithm.name();
-        return signatureAlogrithmName.equals(SignatureAlgorithm.ECDSA.name())
-               ? "EC"
-               : signatureAlogrithmName;
-    }
-
     public static byte[] hexToBytes(String hex) {
         if (hex == null) {
             return null;