changeset 16497:3988073febb1

8165071: Expand TLS support Reviewed-by: jnimeh, ahgross, asmotrak
author xuelei
date Tue, 13 Sep 2016 00:20:17 +0000
parents e42ed4c98eb6
children 71a9f5431a44
files src/java.base/share/conf/security/java.security test/javax/net/ssl/SSLParameters/UseCipherSuitesOrder.java
diffstat 2 files changed, 7 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/src/java.base/share/conf/security/java.security	Tue Aug 16 17:05:00 2016 +0530
+++ b/src/java.base/share/conf/security/java.security	Tue Sep 13 00:20:17 2016 +0000
@@ -720,7 +720,7 @@
 # Note: The algorithm restrictions do not apply to trust anchors or
 # self-signed certificates.
 #
-# Note: This property is currently used by Oracle's JSSE implementation.
+# Note: This property is currently used by the JDK Reference implementation.
 # It is not guaranteed to be examined and used by other implementations.
 #
 # Example:
@@ -740,7 +740,7 @@
 # During SSL/TLS security parameters negotiation, legacy algorithms will
 # not be negotiated unless there are no other candidates.
 #
-# The syntax of the disabled algorithm string is described as this Java
+# The syntax of the legacy algorithms string is described as this Java
 # BNF-style:
 #   LegacyAlgorithms:
 #       " LegacyAlgorithm { , LegacyAlgorithm } "
@@ -776,7 +776,7 @@
 # javax.net.ssl.SSLParameters.setAlgorithmConstraints()),
 # then the algorithm is completely disabled and will not be negotiated.
 #
-# Note: This property is currently used by Oracle's JSSE implementation.
+# Note: This property is currently used by the JDK Reference implementation.
 # It is not guaranteed to be examined and used by other implementations.
 # There is no guarantee the property will continue to exist or be of the
 # same syntax in future releases.
@@ -789,7 +789,8 @@
         DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \
         DH_RSA_EXPORT, RSA_EXPORT, \
         DH_anon, ECDH_anon, \
-        RC4_128, RC4_40, DES_CBC, DES40_CBC
+        RC4_128, RC4_40, DES_CBC, DES40_CBC, \
+        3DES_EDE_CBC
 
 # The pre-defined default finite field Diffie-Hellman ephemeral (DHE)
 # parameters for Transport Layer Security (SSL/TLS/DTLS) processing.
--- a/test/javax/net/ssl/SSLParameters/UseCipherSuitesOrder.java	Tue Aug 16 17:05:00 2016 +0530
+++ b/test/javax/net/ssl/SSLParameters/UseCipherSuitesOrder.java	Tue Sep 13 00:20:17 2016 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -31,7 +31,7 @@
  * @bug 7188657
  * @summary There should be a way to reorder the JSSE ciphers
  * @run main/othervm UseCipherSuitesOrder
- *     TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA
+ *     TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  */
 
 import java.io.*;