Commit Graph

44 Commits

Author SHA1 Message Date
Prasadrao Koppula 39c1549588 8211883: Disable anon and NULL cipher suites
Reviewed-by: mullan, coffeys
2018-10-30 11:06:28 +05:30
Ivan Gerasimov 14a439400a 8165071: Expand TLS support
Reviewed-by: jnimeh, ahgross, asmotrak
2016-09-18 23:22:46 +03:00
Ivan Gerasimov 7fc707d8d0 8146387: Test SSLSession/SessionCacheSizeTests socket accept timed out
Reviewed-by: weijun, wetmore
2016-04-26 20:31:59 +03:00
Ivan Gerasimov 97f5b2160f 8146669: Test SessionTimeOutTests fails intermittently
Reviewed-by: mullan
2016-04-26 20:31:56 +03:00
Ivan Gerasimov 5c4771e7b7 8037557: test SessionCacheSizeTests.java timeout
Reviewed-by: weijun
2016-04-26 20:31:58 +03:00
Ivan Gerasimov 2e6171c321 8144313: Test SessionTimeOutTests can be timeout
Reviewed-by: mullan
2016-04-26 20:31:54 +03:00
Ivan Gerasimov a5a7a15c18 8144773: Further reduce use of MD5
Reviewed-by: mullan, wetmore, jnimeh, ahgross
2015-12-15 16:20:09 +03:00
Sean Coffey 08f3b0d50f 8141287: Add MD5 to jdk.certpath.disabledAlgorithms - Take 2
Reviewed-by: xuelei
2015-11-03 19:07:45 +00:00
Abhijit Saha 61522abf9c 8138712: Backout JDK-8030829 and JDK-8136742 from 8u65, and 8u66 release
Backing out changeset 25108312011d, 343b26d13f12

Reviewed-by: coffeys
2015-10-01 11:16:16 -07:00
Ivan Gerasimov f5da3e8708 8030829: Add MD5 to jdk.certpath.disabledAlgorithms security property
Reviewed-by: mullan, weijun
2015-07-03 21:50:43 +03:00
Abhijit Saha bcb696c0b2 Merge 2015-05-29 10:15:38 -07:00
Xue-Lei Andrew Fan 35d4162361 8076221: Disable RC4 cipher suites
Reviewed-by: xuelei, wetmore
2015-04-15 11:17:01 +00:00
Artem Smotrakov eb19d4f31e 8043202: Prohibit RC4 cipher suites
Reviewed-by: xuelei
2015-04-15 13:26:17 +03:00
Artem Smotrakov 21ccf68678 8043201: Deprecate RC4 in SunJSSE provider
Reviewed-by: xuelei
2015-03-03 16:26:24 -08:00
Xue-Lei Andrew Fan b7ef3a6bdc 8061210: Issues in TLS
Reviewed-by: jnimeh, mullan, wetmore, ahgross, asmotrak
2014-10-24 11:49:24 +00:00
Xue-Lei Andrew Fan baeacc8e45 8061210: Issues in TLS
Reviewed-by: jnimeh, mullan, wetmore, ahgross, asmotrak
2014-10-24 11:49:24 +00:00
Lana Steuck 03b4e5d3ba 8029235: Update copyright year to match last edit in jdk8 jdk repository for 2013
Updated files with 2011, 2012 and 2013 years according to the file's last updated date

Reviewed-by: tbell, lancea, chegar
2013-12-26 12:04:16 -08:00
Xue-Lei Andrew Fan 48ff6566cc 7093640: Enable client-side TLS 1.2 by default
Reviewed-by: weijun, mullan, wetmore
2013-12-18 16:46:15 -08:00
Xue-Lei Andrew Fan cc6f28352f 8023147: Test DisabledShortRSAKeys.java intermittent failed
Reviewed-by: mullan
2013-11-13 01:14:23 -08:00
Xue-Lei Andrew Fan 8b9c8247a8 7188657: There should be a way to reorder the JSSE ciphers
Reviewed-by: weijun, wetmore
2013-09-07 17:05:22 -07:00
Xue-Lei Andrew Fan 1cff90b335 8024068: sun/security/ssl/javax/net/ssl/ServerName/IllegalSNIName.java fails
Reviewed-by: weijun
2013-09-01 20:00:03 -07:00
Xue-Lei Andrew Fan cac8b88f48 8022228: Intermittent test failures in sun/security/ssl/javax/net/ssl/NewAPIs
Reviewed-by: weijun
2013-08-21 19:44:35 -07:00
Xue-Lei Andrew Fan 2e2313ef87 8020842: IDN do not throw IAE when hostname ends with a trailing dot
Reviewed-by: weijun, michaelm
2013-08-19 17:42:39 -07:00
Xue-Lei Andrew Fan a973a4d533 8011680: Re-integrate AEAD implementation of JSSE
It is a re-merge of JDK-7030966.

Reviewed-by: wetmore
2013-04-11 18:57:14 -07:00
Bradford Wetmore 9e5da0ad31 8009925: Back out AEAD CipherSuites temporarily
Reviewed-by: valeriep
2013-03-12 15:31:49 -07:00
Xue-Lei Andrew Fan 9abb185430 7030966: Support AEAD CipherSuites
Reviewed-by: weijun, wetmore, valeriep
2013-03-01 02:34:34 -08:00
Mark Sheppard ec9e303630 8006182: cleanup to use java.util.Base64 in java security component, providers, and regression tests
Refactored code to use java.util.Base64 Mime Encoder and Decoder as a replacement for sun.misc.BASE64Encoder and sun.misc.BASE64Decoder

Reviewed-by: vinnie, chegar, sherman
2013-02-21 20:01:22 +00:00
Xue-Lei Andrew Fan 6d41a58c82 7109274: Restrict the use of certificates with RSA keys less than 1024 bits
This restriction is applied via the Java Security property, "jdk.certpath.disabledAlgorithms". This will impact providers that adhere to this security property.

Reviewed-by: mullan
2012-12-28 00:48:12 -08:00
Alan Bateman 430592a30e 7197491: update copyright year to match last edit in jdk8 jdk repository
Reviewed-by: chegar, ksrini
2012-11-02 15:50:11 +00:00
Xue-Lei Andrew Fan b01d15feb0 8001466: Nightly regression test failure of SSLSocketSNISensitive.java
Reviewed-by: weijun
2012-10-24 08:25:29 -07:00
Xue-Lei Andrew Fan 1892ebf911 7068321: Support TLS Server Name Indication (SNI) Extension in JSSE Server
Reviewed-by: mullan, weijun, wetmore
2012-10-18 01:14:00 -07:00
Xue-Lei Andrew Fan 8b5551f1eb 7106773: 512 bits RSA key cannot work with SHA384 and SHA512
Reviewed-by: weijun
2012-01-12 03:39:37 -08:00
Weijun Wang 687f622f95 7115744: Do not call File::deleteOnExit in security tests
Reviewed-by: xuelei
2011-11-28 18:16:29 +08:00
Abhijit Saha f03cbcc678 Merge 2011-11-14 11:52:09 -08:00
Xue-Lei Andrew Fan 73b50710f0 7064341: jsse/runtime security problem
Reviewed-by: wetmore
2011-09-29 17:31:30 -07:00
Weijun Wang 610c9dd4e3 7055363: jdk_security3 test target cleanup
Reviewed-by: alanb, xuelei
2011-08-12 12:26:31 +08:00
Xue-Lei Andrew Fan 2a48e38d0f 6976117: SSLContext.getInstance("TLSv1.1") returns SSLEngines/SSLSockets without TLSv1.1 enabled
Reorg the SSLContext implementation

Reviewed-by: weijun
2011-04-08 02:00:09 -07:00
Xue-Lei Andrew Fan 7705e63e30 7022855: Export "PKIX" as the standard algorithm name of KeyManagerFactory
Export the existing "NewSunX509" algorithm implementation using the standard name "PKIX"

Reviewed-by: weijun, wetmore
2011-03-15 23:13:35 -07:00
Xue-Lei Andrew Fan f685cc171a 6916074: Add support for TLS 1.2
6985179: To support Server Name Indication extension for JSSE client

Introduces the algorithm constraints to support signature and hash algorithm selection. Includes contributions from wetmore and weijung.

Reviewed-by: wetmore, weijun
2010-11-01 22:02:35 -07:00
Xue-Lei Andrew Fan aab01a90d7 4873188: Support TLS 1.1
Reviewed-by: wetmore, weijun
2010-10-30 18:39:17 +08:00
Xue-Lei Andrew Fan 53a219bfee 6914943: Implement final TLS renegotiation fix
RFC 5746 implementation

Reviewed-by: wetmore, weijun
2010-06-12 00:42:51 -07:00
Kelly O'Hair fe008ae27a 6943119: Rebrand source copyright notices
Reviewed-by: darcy, weijun
2010-05-25 15:58:33 -07:00
Xue-Lei Andrew Fan 309744138c 6898739: TLS renegotiation issue
The interim fix disables TLS/SSL renegotiation

Reviewed-by: mullan, chegar, wetmore
2009-12-07 21:16:41 -08:00
J. Duke 319a3b9947 Initial load 2007-12-01 00:00:00 +00:00