On Mon, 13 Jul 2026 18:02:10 GMT, Artur Barashev <[email protected]> wrote:

>> test/jdk/sun/security/ssl/SSLAlgorithmDecomposer/BulkCipherDecomposition.java
>>  line 88:
>> 
>>> 86:         SSLEngine engine = SSLContext.getDefault().createSSLEngine();
>>> 87:         return Arrays.stream(engine.getSupportedCipherSuites())
>>> 88:                 .map(CipherSuite::cipherSuite)
>> 
>> Do we really need `CipherSuite` dependency here? 
>> `engine.getSupportedCipherSuites()` already returns the CS names we need, 
>> let's just filter out `TLS_EMPTY_RENEGOTIATION_INFO_SCSV` string. Also 
>> remove `@library /javax/net/ssl/TLSCommon` line above.
>
> Same for `BulkCipherDisabledAlgorithms` test.

I originally used CipherSuite intentionally to avoid hardcoded strings and to 
reuse the existing constants. My thinking was that if a new cipher suite is 
introduced in the future, references via the CipherSuite enum make such 
dependencies easier to discover and update.

That said, I agree that this test only needs the cipher suite names returned by 
SSLEngine, so the additional CipherSuite dependency is not strictly necessary. 
I'm also fine with removing the CipherSuite dependency if you think the simpler 
approach is preferable :)

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/31812#discussion_r3576734437

Reply via email to