Hi Xuelei, Please review the updated webrev: http://cr.openjdk.java.net/~ssahoo/8205111/webrev.01/
- Now rsa_pss_pss* uses " DHE or ECDHE_RSA " ciphers for TLSv1.2 which is working fine now. - Additional code added for " read/write " after re-handshake. John, - PKCS12 used instead of JKS. - Comment section for private key updated. - try with resource used for socket. - "clientRenegoReady" variable is actually used and updated. Please check the Client section too. It is used for re-handshake completion. Yes it Is working as expected. - Multiple @run added to have the flexibility to change the parameter(Cipher) which are not in order(shuffled). Thanks, Siba -----Original Message----- From: Xuelei Fan Sent: Thursday, June 21, 2018 7:28 PM To: Sibabrata Sahoo <[email protected]>; [email protected] Subject: Re: [11] RFR: JDK-8205111: Develop new Test to verify different key types for supported TLS protocols. Note that rsa_pss_pss cannot work with TLS_RSA_WITH cipher suites, as this algorithm is limited to signature whiel TLS_RSA cipher suites need key encipherment. In lines 135-156, you can replace the TLS_RSA cipher suite with DHE or ECDHE_RSA. For the re-handshake part, please read/write something after the call to startHandshake() in each side. Otherwise, the key-update and session resumption may not complete before socket close. Otherwise, looks fine to me. Thanks, Xuelei On 6/20/2018 11:58 PM, Sibabrata Sahoo wrote: > Hi Xuelei, > > Please review the patch for, > > JBS: https://bugs.openjdk.java.net/browse/JDK-8205111 > > Webrev: http://cr.openjdk.java.net/~ssahoo/8205111/webrev.00/ > > Change: > > This Test file verifies all TLS protocols with the supported keytypes. > > Thanks, > > Siba >
