u

test/jdk/javax/net/ssl/DTLS/CipherSuite.java

@@ -75,18 +75,29 @@ public static void main(String[] args) throws Exception {
  try {
  testCase.runTest(testCase);
  } catch (javax.net.ssl.SSLHandshakeException sslhe) {
- if (Utils.isFIPS()
- && !SecurityUtils.TLS_CIPHERSUITES.containsKey(cipherSuite)) {
- if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
- System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
+ if (Utils.isFIPS()) {
+ if(!SecurityUtils.TLS_CIPHERSUITES.containsKey(cipherSuite)) {
+ if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
+ System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
+ return;
+ } else {
+ System.out.println("Unexpected exception msg: <" + sslhe.getMessage() + "> is caught");
+ return;
+ }
+ } else {
+ System.out.println("Unexpected exception is caught");
+ sslhe.printStackTrace();
  return;
  }
+ } else {
+ System.out.println("Unexpected exception is caught in Non-FIPS mode");
+ sslhe.printStackTrace();
+ return;
  }
  } catch (Exception e) {
  e.printStackTrace();
  return;
  }
- testCase.runTest(testCase);
  }
 
  @Override
@@ -99,4 +110,4 @@ SSLEngine createSSLEngine(boolean isClient) throws Exception {
 
  return engine;
  }
-}
+}

test/jdk/javax/net/ssl/DTLS/DTLSHandshakeWithReplicatedPacketsTest.java

@@ -48,9 +48,6 @@
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLException;
 
-import jdk.test.lib.Utils;
-import jdk.test.lib.security.SecurityUtils;
-
 /**
  * Testing DTLS engines handshake using each of the supported cipher suites with
  * replicated packets check.
@@ -62,9 +59,7 @@ public class DTLSHandshakeWithReplicatedPacketsTest extends SSLEngineTestCase {
  public static void main(String[] args) {
  DTLSHandshakeWithReplicatedPacketsTest test
  = new DTLSHandshakeWithReplicatedPacketsTest();
- if (Utils.isFIPS()) {
- setUpAndStartKDCIfNeeded();
- }
+ setUpAndStartKDCIfNeeded();
  test.runTests();
  }
 

test/jdk/javax/net/ssl/DTLS/DTLSIncorrectAppDataTest.java

@@ -53,9 +53,6 @@
 import java.util.Random;
 import jdk.test.lib.RandomFactory;
 
-import jdk.test.lib.Utils;
-import jdk.test.lib.security.SecurityUtils;
-
 /**
  * Testing DTLS incorrect app data packages unwrapping. Incorrect application
  * data packages should be ignored by DTLS SSLEngine.
@@ -66,9 +63,7 @@ public class DTLSIncorrectAppDataTest extends SSLEngineTestCase {
 
  public static void main(String[] s) {
  DTLSIncorrectAppDataTest test = new DTLSIncorrectAppDataTest();
- if (Utils.isFIPS()) {
- setUpAndStartKDCIfNeeded();
- }
+ setUpAndStartKDCIfNeeded();
  test.runTests();
  }
 

test/jdk/javax/net/ssl/DTLS/DTLSOverDatagram.java

@@ -46,7 +46,6 @@
 import java.util.concurrent.atomic.AtomicBoolean;
 
 import jdk.test.lib.hexdump.HexPrinter;
-import jdk.test.lib.Utils;
 
 /**
  * An example to show the way to use SSLEngine in datagram connections.

test/jdk/javax/net/ssl/DTLS/DTLSSequenceNumberTest.java

@@ -55,9 +55,6 @@
 import java.util.Random;
 import jdk.test.lib.RandomFactory;
 
-import jdk.test.lib.Utils;
-import jdk.test.lib.security.SecurityUtils;
-
 /**
  * Testing DTLS records sequence number property support in application data
  * exchange.
@@ -72,9 +69,7 @@ public class DTLSSequenceNumberTest extends SSLEngineTestCase {
 
  public static void main(String[] args) {
  DTLSSequenceNumberTest test = new DTLSSequenceNumberTest();
- if (Utils.isFIPS()) {
- setUpAndStartKDCIfNeeded();
- }
+ setUpAndStartKDCIfNeeded();
  test.runTests();
  }
 

test/jdk/javax/net/ssl/DTLS/DTLSWontNegotiateV10.java

@@ -78,11 +78,24 @@ public static void main(String[] args) throws Exception {
  } catch (SocketTimeoutException exc) {
  System.out.println("The server timed-out waiting for packets from the client.");
  } catch (javax.net.ssl.SSLHandshakeException sslhe) {
- if (Utils.isFIPS() && !SecurityUtils.TLS_PROTOCOLS.contains(args[0])) {
- if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
- System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
+ if (Utils.isFIPS()) {
+ if(!SecurityUtils.TLS_PROTOCOLS.contains(args[0])) {
+ if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
+ System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
+ return;
+ } else {
+ System.out.println("Unexpected exception msg: <" + sslhe.getMessage() + "> is caught");
+ return;
+ }
+ } else {
+ System.out.println("Unexpected exception is caught");
+ sslhe.printStackTrace();
  return;
  }
+ } else {
+ System.out.println("Unexpected exception is caught in Non-FIPS mode");
+ sslhe.printStackTrace();
+ return;
  }
  }
  }

test/jdk/javax/net/ssl/DTLS/WeakCipherSuite.java

@@ -66,12 +66,24 @@ public static void main(String[] args) throws Exception {
  try {
  testCase.runTest(testCase);
  } catch (javax.net.ssl.SSLHandshakeException sslhe) {
- if (Utils.isFIPS()
- && !SecurityUtils.TLS_CIPHERSUITES.containsKey(cipherSuite)) {
- if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
- System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
+ if (Utils.isFIPS()) {
+ if(!SecurityUtils.TLS_CIPHERSUITES.containsKey(cipherSuite)) {
+ if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
+ System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
+ return;
+ } else {
+ System.out.println("Unexpected exception msg: <" + sslhe.getMessage() + "> is caught");
+ return;
+ }
+ } else {
+ System.out.println("Unexpected exception is caught");
+ sslhe.printStackTrace();
  return;
  }
+ } else {
+ System.out.println("Unexpected exception is caught in Non-FIPS mode");
+ sslhe.printStackTrace();
+ return;
  }
  } catch (Exception e) {
  e.printStackTrace();
@@ -86,4 +98,4 @@ SSLEngine createSSLEngine(boolean isClient) throws Exception {
 
  return engine;
  }
-}
+}

test/jdk/javax/net/ssl/FIPSFlag/FIPSFlagTests.java

@@ -37,4 +37,4 @@
  * -Dsemeru.fips=true
  * -Dsemeru.customprofile=OpenJCEPlusFIPS
  * TestFIPS true 140-3
- */
+ */

test/jdk/javax/net/ssl/FIPSFlag/TestFIPS.java

@@ -83,4 +83,4 @@ public FIPSException(String message) {
  super(message);
  }
  }
-}
+}

test/jdk/javax/net/ssl/FixingJavadocs/ImplicitHandshake.java

@@ -39,7 +39,6 @@
 import javax.net.ssl.*;
 
 import jdk.test.lib.Utils;
-import jdk.test.lib.security.SecurityUtils;
 
 public class ImplicitHandshake {
 

test/jdk/javax/net/ssl/HttpsURLConnection/CriticalSubjectAltName.java

@@ -55,7 +55,6 @@
 import java.security.cert.Certificate;
 
 import jdk.test.lib.Utils;
-import jdk.test.lib.security.SecurityUtils;
 
 public class CriticalSubjectAltName implements HostnameVerifier {
  /*
@@ -201,11 +200,20 @@ public static void main(String[] args) throws Exception {
  if ("Algorithm constraints check failed on signature algorithm: MD5withRSA".equals(e.getMessage())) {
  System.out.println("MD5withRSA is not a supported signature algorithm.");
  return;
+ } else {
+ System.out.println("Unexpected exception msg: <" + e.getMessage() + "> is caught");
+ return;
  }
+ } else {
+ System.out.println("Unexpected exception is caught");
+ e.printStackTrace();
+ return;
  }
+ } else {
+ System.out.println("Unexpected exception is caught in Non-FIPS mode");
+ e.printStackTrace();
+ return;
  }
- e.printStackTrace();
- return;
  }
  }
 

test/jdk/javax/net/ssl/HttpsURLConnection/GetResponseCode.java

@@ -39,7 +39,6 @@
 import java.security.cert.Certificate;
 
 import jdk.test.lib.Utils;
-import jdk.test.lib.security.SecurityUtils;
 
 public class GetResponseCode implements HostnameVerifier {
  /*

test/jdk/javax/net/ssl/SSLEngine/ArgCheck.java

@@ -36,9 +36,6 @@
 import java.security.*;
 import java.nio.*;
 
-import jdk.test.lib.Utils;
-import jdk.test.lib.security.SecurityUtils;
-
 public class ArgCheck {
 
  private static boolean debug = false;
@@ -261,8 +258,6 @@ static private SSLEngine createSSLEngine(String keyFile, String trustFile)
  KeyStore ks = KeyStore.getInstance("JKS");
  KeyStore ts = KeyStore.getInstance("JKS");
 
- ks.load(null, null);
-
  char[] passphrase = "passphrase".toCharArray();
 
  ks.load(new FileInputStream(keyFile), passphrase);

test/jdk/javax/net/ssl/SSLEngine/Arrays.java

@@ -196,13 +196,14 @@ public static void main(String args[]) throws Exception {
  contextVersion.equals("TLSv1.1")) {
  SecurityUtils.removeFromDisabledTlsAlgs(contextVersion);
  }
- } else {
- if (!SecurityUtils.TLS_PROTOCOLS.contains(contextVersion)) {
- return;
- }
- }
-
- Arrays test = null;
+ } 
+ // else {
+ // if (!SecurityUtils.TLS_PROTOCOLS.contains(contextVersion)) {
+ // return;
+ // }
+ // }
+
+ Arrays test;
 
  test = new Arrays();
 

test/jdk/javax/net/ssl/SSLEngine/Basics.java

@@ -74,7 +74,6 @@ private static void runTest(String protocol, String cipherSuite) throws Exceptio
 
  KeyStore ks = KeyStore.getInstance("JKS");
  KeyStore ts = KeyStore.getInstance("JKS");
-
  char[] passphrase = "passphrase".toCharArray();
 
  ks.load(new FileInputStream(KEYSTORE_PATH), passphrase);