On Thu, 26 Jan 2023 18:33:38 GMT, Rajan Halade <rhal...@openjdk.org> wrote:
>> * updated test for new TLS protocols and ciphersuites
>> * code cleanup
>
> test/jdk/javax/net/ssl/SSLEngine/TestAllSuites.java line 333:
>
>> 331:
>> 332: enum SupportedCipherSuites {
>> 333: TLSv11("TLSv1.1", new String []{
>
> Instead of this can we not continue with old approach of using
> `SSLEngine.getSupportedCipherSuites` and ignore not applicable suites?
The test verifies the handshake negotiation for each ciphersuite/protocol
combination. The `getSupportedCipherSuites()` and `getEnabledCipherSuites()`
are independent of the enabled protocols. In other words, if you called
`engine.setEnabledProtocols(new String[]{"TLSv1.2"})`, the output of
`engine.getEnabledCipherSuites()` would still include TLSv1.3 ciphers.
So trying to run the tests by looping over the output of those methods isn't
going to work. Instead of having this hard-coded set of things, I could run the
test with each protocol and one or two cipher suites. How does that sound?
-------------
PR: https://git.openjdk.org/jdk/pull/11780
