8140466: ChaCha20 and Poly1305 TLS Cipher Suites #59
Conversation
|
👋 Welcome back abakhtin! A progress list of the required criteria for merging this PR into |
openjdk
bot
changed the title
|
This backport pull request has now been updated with issue from the original commit. |
|
@alexeybakhtin This change now passes all automated pre-integration checks. After integration, the commit message for the final commit will be: You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been 14 new commits pushed to the
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details. As you do not have Committer status in this project an existing Committer must agree to sponsor your change. Possible candidates are the reviewers of this PR (@TheRealMDoerr) but any other Committer may sponsor as well. ➡️ To flag this PR as ready for integration with the above commit message, type |
|
/csr |
|
@RealCLanger the issue for this pull request, JDK-8140466, already has an approved CSR request: JDK-8204192 |
OK, /csr obviously doesn't work with backports. We need to wait until JDK-8269299 is approved. |
|
/integrate |
|
@alexeybakhtin |
|
/sponsor |
|
Going to push as commit e62d6a2.
Your commit was automatically rebased without conflicts. |
openjdk
bot
added
integrated
|
@VladimirKempik @alexeybakhtin Pushed as commit e62d6a2. 💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored. |
This backport adds ChaCha20 cipher suites to 11u implementation for TLSv1.3 and TLSv1.2 protocols.
TLS_CHACHA20_POLY1305_SHA256 is one of the cipher suites SHOULD be implemented according to rfc8446 [1].
The original patch applies almost clean except for the test/jdk/javax/net/ssl/TLSCommon/CipherSuite.java file - the list of cipher suites was reordered by JDK-8210632 [2]
Also, I had to update two jtreg tests with ChaCha cipher suites:
test/jdk/javax/net/ssl/sanity/ciphersuites/CheckCipherSuites.java is updated because of JDK-8217579 [3] backport to 11u missed CHACHA20 cipher suites
test/jdk/javax/net/ssl/sanity/ciphersuites/CipherSuitesInOrder.java is updated because of JDK-8234728 [4] backport to 11u missed CHACHA20 cipher suites
sun/security/ssl and javax/net/ssl tests passed
[1] - https://datatracker.ietf.org/doc/html/rfc8446
[2] - https://bugs.openjdk.java.net/browse/JDK-8210632
[3] - https://bugs.openjdk.java.net/browse/JDK-8217579
[4] - https://bugs.openjdk.java.net/browse/JDK-8234728
Progress
Issue
Reviewers
Reviewing
Using
gitCheckout this PR locally:
$ git fetch https://git.openjdk.java.net/jdk11u-dev pull/59/head:pull/59$ git checkout pull/59Update a local copy of the PR:
$ git checkout pull/59$ git pull https://git.openjdk.java.net/jdk11u-dev pull/59/headUsing Skara CLI tools
Checkout this PR locally:
$ git pr checkout 59View PR using the GUI difftool:
$ git pr show -t 59Using diff file
Download this PR as a diff file:
https://git.openjdk.java.net/jdk11u-dev/pull/59.diff