Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

8140466: ChaCha20 and Poly1305 TLS Cipher Suites #59

Closed
wants to merge 2 commits into from
Closed

8140466: ChaCha20 and Poly1305 TLS Cipher Suites #59

wants to merge 2 commits into from

Conversation

@alexeybakhtin
Copy link
Contributor

@alexeybakhtin alexeybakhtin commented Jun 23, 2021
edited by openjdk bot

This backport adds ChaCha20 cipher suites to 11u implementation for TLSv1.3 and TLSv1.2 protocols.
TLS_CHACHA20_POLY1305_SHA256 is one of the cipher suites SHOULD be implemented according to rfc8446 [1].

The original patch applies almost clean except for the test/jdk/javax/net/ssl/TLSCommon/CipherSuite.java file - the list of cipher suites was reordered by JDK-8210632 [2]

Also, I had to update two jtreg tests with ChaCha cipher suites:
test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java is updated because of JDK-8217579 [3] backport to 11u missed CHACHA20 cipher suites

test/jdk/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java is updated because of JDK-8234728 [4] backport to 11u missed CHACHA20 cipher suites

sun/security/ssl and javax/net/ssl tests passed

[1] - https://datatracker.ietf.org/doc/html/rfc8446
[2] - https://bugs.openjdk.java.net/browse/JDK-8210632
[3] - https://bugs.openjdk.java.net/browse/JDK-8217579
[4] - https://bugs.openjdk.java.net/browse/JDK-8234728

Progress

  • Change must not contain extraneous whitespace
  • Commit message must refer to an issue
  • Change must be properly reviewed

Issue

Reviewers

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.java.net/jdk11u-dev pull/59/head:pull/59
$ git checkout pull/59

Update a local copy of the PR:
$ git checkout pull/59
$ git pull https://git.openjdk.java.net/jdk11u-dev pull/59/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 59

View PR using the GUI difftool:
$ git pr show -t 59

Using diff file

Download this PR as a diff file:
https://git.openjdk.java.net/jdk11u-dev/pull/59.diff
@alexeybakhtin
Backport 962e755
65b061c
@bridgekeeper
Copy link

@bridgekeeper bridgekeeper bot commented Jun 23, 2021

👋 Welcome back abakhtin! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

@openjdk openjdk bot changed the title Backport 962e755c3ac6731566fe9f39520a414628f24ee0 8140466: ChaCha20 and Poly1305 TLS Cipher Suites Jun 23, 2021
@openjdk
Copy link

@openjdk openjdk bot commented Jun 23, 2021

This backport pull request has now been updated with issue from the original commit.

@openjdk openjdk bot added the backport label Jun 23, 2021
@alexeybakhtin
Fix trailing whitespaces
30f2fe7
@openjdk openjdk bot added the rfr label Jun 23, 2021
@mlbridge
Copy link

@mlbridge mlbridge bot commented Jun 23, 2021

Webrevs

TheRealMDoerr
TheRealMDoerr approved these changes Jun 24, 2021
View changes
Copy link
Contributor

@TheRealMDoerr TheRealMDoerr left a comment

Looks good. Thanks for backporting!

@openjdk
Copy link

@openjdk openjdk bot commented Jun 24, 2021
edited

@alexeybakhtin This change now passes all automated pre-integration checks.

After integration, the commit message for the final commit will be:

8140466: ChaCha20 and Poly1305 TLS Cipher Suites

Reviewed-by: mdoerr

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 14 new commits pushed to the master branch:

  • 8a40d25: 8268617: [11u REDO] - WebSocket over authenticating proxy fails with NPE
  • b74d798: 8265335: Epsilon: Minor typo in EpsilonElasticTLABDecay description
  • 5a7e7d3: 8265761: Font with missed font family name is not properly printed on Windows
  • f56d1f6: 8266480: Implicit null check optimization does not update control of hoisted memory operation
  • 2c2cc74: 8261496: Shenandoah: reconsider pacing updates memory ordering
  • a092a17: 8266813: Shenandoah: Use shorter instruction sequence for checking if marking in progress
  • 80a72de: 8266018: Shenandoah: fix an incorrect assert
  • a0958a8: 8210959: JShell fails and exits when statement throws an exception whose message contains a '%'.
  • 66d4ee9: 8247421: [TESTBUG] ReturnBlobToWrongHeapTest.java failed allocating blob
  • df587c7: 8264752: SIGFPE crash with option FlightRecorderOptions:threadbuffersize=30M
  • ... and 4 more: https://git.openjdk.java.net/jdk11u-dev/compare/ed48e5cb8bb90e1585a6bd658eb853b1536b15d5...master

As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

As you do not have Committer status in this project an existing Committer must agree to sponsor your change. Possible candidates are the reviewers of this PR (@TheRealMDoerr) but any other Committer may sponsor as well.

➡️ To flag this PR as ready for integration with the above commit message, type /integrate in a new comment. (Afterwards, your sponsor types /sponsor in a new comment to perform the integration).

@openjdk openjdk bot added the ready label Jun 24, 2021
@RealCLanger
Copy link
Contributor

@RealCLanger RealCLanger commented Jun 24, 2021

/csr

@openjdk
Copy link

@openjdk openjdk bot commented Jun 24, 2021

@RealCLanger the issue for this pull request, JDK-8140466, already has an approved CSR request: JDK-8204192

@RealCLanger
Copy link
Contributor

@RealCLanger RealCLanger commented Jun 24, 2021

@RealCLanger the issue for this pull request, JDK-8140466, already has an approved CSR request: JDK-8204192

OK, /csr obviously doesn't work with backports. We need to wait until JDK-8269299 is approved.

@alexeybakhtin
Copy link
Contributor Author

@alexeybakhtin alexeybakhtin commented Jun 28, 2021

/integrate

@openjdk openjdk bot added the sponsor label Jun 28, 2021
@openjdk
Copy link

@openjdk openjdk bot commented Jun 28, 2021

@alexeybakhtin
Your change (at version 30f2fe7) is now ready to be sponsored by a Committer.

@VladimirKempik
Copy link

@VladimirKempik VladimirKempik commented Jun 28, 2021

/sponsor

@openjdk
Copy link

@openjdk openjdk bot commented Jun 28, 2021

Going to push as commit e62d6a2.
Since your change was applied there have been 14 commits pushed to the master branch:

  • 8a40d25: 8268617: [11u REDO] - WebSocket over authenticating proxy fails with NPE
  • b74d798: 8265335: Epsilon: Minor typo in EpsilonElasticTLABDecay description
  • 5a7e7d3: 8265761: Font with missed font family name is not properly printed on Windows
  • f56d1f6: 8266480: Implicit null check optimization does not update control of hoisted memory operation
  • 2c2cc74: 8261496: Shenandoah: reconsider pacing updates memory ordering
  • a092a17: 8266813: Shenandoah: Use shorter instruction sequence for checking if marking in progress
  • 80a72de: 8266018: Shenandoah: fix an incorrect assert
  • a0958a8: 8210959: JShell fails and exits when statement throws an exception whose message contains a '%'.
  • 66d4ee9: 8247421: [TESTBUG] ReturnBlobToWrongHeapTest.java failed allocating blob
  • df587c7: 8264752: SIGFPE crash with option FlightRecorderOptions:threadbuffersize=30M
  • ... and 4 more: https://git.openjdk.java.net/jdk11u-dev/compare/ed48e5cb8bb90e1585a6bd658eb853b1536b15d5...master

Your commit was automatically rebased without conflicts.

@openjdk openjdk bot closed this Jun 28, 2021
@openjdk
Copy link

@openjdk openjdk bot commented Jun 28, 2021

@VladimirKempik @alexeybakhtin Pushed as commit e62d6a2.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TheRealMDoerr TheRealMDoerr

Assignees
No one assigned
Labels
backport integrated
Milestone
No milestone
4 participants
@alexeybakhtin @RealCLanger @VladimirKempik @TheRealMDoerr