# HG changeset patch # User xuelei # Date 1473726017 0 # Node ID b4c682966e2a277504e661516f5ef6b0fceb6a98 # Parent ac8db82dab601dd94f276912e8cc9d80fe224e62 8165071: Expand TLS support Reviewed-by: jnimeh, ahgross, asmotrak diff -r ac8db82dab60 -r b4c682966e2a jdk/src/java.base/share/conf/security/java.security --- a/jdk/src/java.base/share/conf/security/java.security Tue Aug 16 17:05:00 2016 +0530 +++ b/jdk/src/java.base/share/conf/security/java.security Tue Sep 13 00:20:17 2016 +0000 @@ -720,7 +720,7 @@ # Note: The algorithm restrictions do not apply to trust anchors or # self-signed certificates. # -# Note: This property is currently used by Oracle's JSSE implementation. +# Note: This property is currently used by the JDK Reference implementation. # It is not guaranteed to be examined and used by other implementations. # # Example: @@ -740,7 +740,7 @@ # During SSL/TLS security parameters negotiation, legacy algorithms will # not be negotiated unless there are no other candidates. # -# The syntax of the disabled algorithm string is described as this Java +# The syntax of the legacy algorithms string is described as this Java # BNF-style: # LegacyAlgorithms: # " LegacyAlgorithm { , LegacyAlgorithm } " @@ -776,7 +776,7 @@ # javax.net.ssl.SSLParameters.setAlgorithmConstraints()), # then the algorithm is completely disabled and will not be negotiated. # -# Note: This property is currently used by Oracle's JSSE implementation. +# Note: This property is currently used by the JDK Reference implementation. # It is not guaranteed to be examined and used by other implementations. # There is no guarantee the property will continue to exist or be of the # same syntax in future releases. @@ -789,7 +789,8 @@ DHE_DSS_EXPORT, DHE_RSA_EXPORT, DH_anon_EXPORT, DH_DSS_EXPORT, \ DH_RSA_EXPORT, RSA_EXPORT, \ DH_anon, ECDH_anon, \ - RC4_128, RC4_40, DES_CBC, DES40_CBC + RC4_128, RC4_40, DES_CBC, DES40_CBC, \ + 3DES_EDE_CBC # The pre-defined default finite field Diffie-Hellman ephemeral (DHE) # parameters for Transport Layer Security (SSL/TLS/DTLS) processing. diff -r ac8db82dab60 -r b4c682966e2a jdk/test/javax/net/ssl/SSLParameters/UseCipherSuitesOrder.java --- a/jdk/test/javax/net/ssl/SSLParameters/UseCipherSuitesOrder.java Tue Aug 16 17:05:00 2016 +0530 +++ b/jdk/test/javax/net/ssl/SSLParameters/UseCipherSuitesOrder.java Tue Sep 13 00:20:17 2016 +0000 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -31,7 +31,7 @@ * @bug 7188657 * @summary There should be a way to reorder the JSSE ciphers * @run main/othervm UseCipherSuitesOrder - * TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA */ import java.io.*;