u

test/jdk/javax/net/ssl/DTLS/CipherSuite.java

@@ -65,8 +65,7 @@ public class CipherSuite extends DTLSOverDatagram {
 
  public static void main(String[] args) throws Exception {
  if (args.length > 1 && "re-enable".equals(args[1]) 
- && !(Utils.isFIPS() 
- && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ && !(Utils.isFIPS())) {
  Security.setProperty("jdk.tls.disabledAlgorithms", "");
  }
 
@@ -76,8 +75,7 @@ public static void main(String[] args) throws Exception {
  try {
  testCase.runTest(testCase);
  } catch (javax.net.ssl.SSLHandshakeException sslhe) {
- if ((Utils.isFIPS() 
- && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))
+ if (Utils.isFIPS()
  && !SecurityUtils.TLS_CIPHERSUITES.containsKey(cipherSuite)) {
  if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
  System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");

test/jdk/javax/net/ssl/DTLS/DTLSHandshakeWithReplicatedPacketsTest.java

@@ -62,7 +62,7 @@ public class DTLSHandshakeWithReplicatedPacketsTest extends SSLEngineTestCase {
  public static void main(String[] args) {
  DTLSHandshakeWithReplicatedPacketsTest test
  = new DTLSHandshakeWithReplicatedPacketsTest();
- if ((Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (Utils.isFIPS()) {
  setUpAndStartKDCIfNeeded();
  }
  test.runTests();

test/jdk/javax/net/ssl/DTLS/DTLSIncorrectAppDataTest.java

@@ -66,7 +66,7 @@ public class DTLSIncorrectAppDataTest extends SSLEngineTestCase {
 
  public static void main(String[] s) {
  DTLSIncorrectAppDataTest test = new DTLSIncorrectAppDataTest();
- if ((Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (Utils.isFIPS()) {
  setUpAndStartKDCIfNeeded();
  }
  test.runTests();

test/jdk/javax/net/ssl/DTLS/DTLSSequenceNumberTest.java

@@ -72,7 +72,7 @@ public class DTLSSequenceNumberTest extends SSLEngineTestCase {
 
  public static void main(String[] args) {
  DTLSSequenceNumberTest test = new DTLSSequenceNumberTest();
- if ((Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (Utils.isFIPS()) {
  setUpAndStartKDCIfNeeded();
  }
  test.runTests();

test/jdk/javax/net/ssl/DTLS/DTLSWontNegotiateV10.java

@@ -54,8 +54,7 @@ public class DTLSWontNegotiateV10 {
  public static void main(String[] args) throws Exception {
 
  if (args[0].equals(DTLSV_1_0) 
- && !(Utils.isFIPS() 
- && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ && !(Utils.isFIPS())) {
  SecurityUtils.removeFromDisabledTlsAlgs(DTLSV_1_0);
  }
 
@@ -78,6 +77,13 @@ public static void main(String[] args) throws Exception {
  break;
  } catch (SocketTimeoutException exc) {
  System.out.println("The server timed-out waiting for packets from the client.");
+ } catch (javax.net.ssl.SSLHandshakeException sslhe) {
+ if (Utils.isFIPS() && !SecurityUtils.TLS_PROTOCOLS.contains(args[0])) {
+ if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
+ System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
+ return;
+ }
+ }
  }
  }
  if (tries == totalAttempts) {
@@ -102,15 +108,7 @@ private static void runServer(String protocol) throws Exception {
  clientProcess = builder.inheritIO().start();
  server.run();
  System.out.println("Success: DTLSv1.0 connection was not established.");
- // } catch (javax.net.ssl.SSLHandshakeException sslhe) {
- // if ((Utils.isFIPS() 
- // && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))
- // && !SecurityUtils.TLS_PROTOCOLS.contains(args[0])) {
- // if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
- // System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
- // return;
- // }
- // }
+
  } finally {
  if (clientProcess != null) {
  clientProcess.destroy();

test/jdk/javax/net/ssl/DTLS/WeakCipherSuite.java

@@ -55,7 +55,7 @@ public class WeakCipherSuite extends DTLSOverDatagram {
  public static void main(String[] args) throws Exception {
  // reset security properties to make sure that the algorithms
  // and keys used in this test are not disabled.
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (!(Utils.isFIPS())) {
  Security.setProperty("jdk.tls.disabledAlgorithms", "");
  Security.setProperty("jdk.certpath.disabledAlgorithms", "");
  }
@@ -66,8 +66,7 @@ public static void main(String[] args) throws Exception {
  try {
  testCase.runTest(testCase);
  } catch (javax.net.ssl.SSLHandshakeException sslhe) {
- if ((Utils.isFIPS() 
- && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))
+ if (Utils.isFIPS()
  && !SecurityUtils.TLS_CIPHERSUITES.containsKey(cipherSuite)) {
  if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
  System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");

test/jdk/javax/net/ssl/FIPSFlag/TestFIPS.java

@@ -23,11 +23,12 @@
 
 public class TestFIPS {
 
- private static final String FIPSFlag = System.getProperty("semeru.fips");
+ private static final String SEMERU_FIPS = System.getProperty("semeru.fips");
+ // private static final String IBM_FIPS = System.getProperty("com.ibm.fips.mode");
  private static final String PROFILE = System.getProperty("semeru.customprofile");
 
  public static void main(String[] args) throws Exception {
- if (FIPSFlag == null) {
+ if (SEMERU_FIPS == null) {
  if (args.length == 1 && args[0].equals("false")) {
  System.out.println("PASS");
  } else {
@@ -36,8 +37,8 @@ public static void main(String[] args) throws Exception {
  return;
  }
 
- if (FIPSFlag.equals(args[0])) {
- System.out.println("com.ibm.fips.mode is: " + System.getProperty("com.ibm.fips.mode"));
+ if (SEMERU_FIPS.equals(args[0])) {
+ System.out.println("Customprofile is: " + PROFILE);
  if (PROFILE.equals(args[1])) {
  System.out.println("PASS");
  } else {

test/jdk/javax/net/ssl/FixingJavadocs/ImplicitHandshake.java

@@ -195,7 +195,7 @@ public static void main(String[] args) throws Exception {
  System.getProperty("test.src", "./") + "/" + pathToStores +
  "/" + trustStoreFile;
 
- if ((Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (Utils.isFIPS()) {
  keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
  trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
  }

test/jdk/javax/net/ssl/HttpsURLConnection/CriticalSubjectAltName.java

@@ -163,7 +163,7 @@ void doClientSide() throws Exception {
 
  public static void main(String[] args) throws Exception {
  // MD5 is used in this test case, don't disable MD5 algorithm.
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (!(Utils.isFIPS())) {
  Security.setProperty("jdk.certpath.disabledAlgorithms",
  "MD2, RSA keySize < 1024");
  Security.setProperty("jdk.tls.disabledAlgorithms",
@@ -177,7 +177,7 @@ public static void main(String[] args) throws Exception {
  System.getProperty("test.src", "./") + "/" + pathToStores +
  "/" + trustStoreFile;
 
- if ((Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (Utils.isFIPS()) {
  keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
  trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
  }

test/jdk/javax/net/ssl/HttpsURLConnection/GetResponseCode.java

@@ -153,7 +153,7 @@ public static void main(String[] args) throws Exception {
  System.getProperty("test.src", "./") + "/" + pathToStores +
  "/" + trustStoreFile;
 
- if ((Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (Utils.isFIPS()) {
  keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
  trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
  }

test/jdk/javax/net/ssl/SSLEngine/Arrays.java

@@ -189,7 +189,7 @@ public static void main(String args[]) throws Exception {
  contextVersion = args[0];
  // Re-enable context version if it is disabled.
  // If context version is SSLv3, TLSv1 needs to be re-enabled.
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (!(Utils.isFIPS())) {
  if (contextVersion.equals("SSLv3")) {
  SecurityUtils.removeFromDisabledTlsAlgs("TLSv1");
  } else if (contextVersion.equals("TLSv1") ||

test/jdk/javax/net/ssl/SSLEngine/Basics.java

@@ -58,13 +58,13 @@ public class Basics {
  "/" + TRUSTSTORE_FILE;
 
  public static void main(String[] args) throws Exception {
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (!(Utils.isFIPS())) {
  SecurityUtils.removeFromDisabledTlsAlgs("TLSv1.1");
  runTest("TLSv1.1", "TLS_DHE_DSS_WITH_AES_128_CBC_SHA");
  }
 
  runTest("TLSv1.3", "TLS_AES_256_GCM_SHA384");
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (!(Utils.isFIPS())) {
  runTest("TLSv1.2", "TLS_RSA_WITH_AES_256_GCM_SHA384");
  }
  }

test/jdk/javax/net/ssl/SSLEngine/CheckTlsEngineResults.java

@@ -135,7 +135,7 @@ private void test() throws Exception {
  SSLEngineResult result1; // clientEngine's results from last operation
  SSLEngineResult result2; // serverEngine's results from last operation
  String[] suite1;
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (!(Utils.isFIPS())) {
  suite1 = new String [] {
  "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" };
  } else {

test/jdk/javax/net/ssl/SSLEngine/ConnectionTest.java

@@ -601,7 +601,7 @@ private static void log(Object msg) {
  public static void main(String args[]) throws Exception {
  // reset the security property to make sure that the algorithms
  // and keys used in this test are not disabled.
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (!(Utils.isFIPS())) {
  Security.setProperty("jdk.tls.disabledAlgorithms", "");
  }
 

test/jdk/javax/net/ssl/SSLEngine/EngineCloseOnAlert.java

@@ -57,7 +57,7 @@ public class EngineCloseOnAlert {
  private static KeyManagerFactory KMF;
  private static TrustManagerFactory TMF;
 
- private static final String[] ONECIPHER = (Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS")) ?
+ private static final String[] ONECIPHER = (Utils.isFIPS()) ?
  new String[] { "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" } : new String[] { "TLS_RSA_WITH_AES_128_CBC_SHA" };
 
 

test/jdk/javax/net/ssl/SSLEngine/LargeBufs.java

@@ -111,8 +111,6 @@ private void runTest(String cipher) throws Exception {
  result1 = ssle1.wrap(appOut1, oneToTwo);
  result2 = ssle2.wrap(appOut2, twoToOne);
 
- System.out.println("result1.bytesConsumed() is: " + result1.bytesConsumed());
-
  if ((result1.bytesConsumed() != 0) &&
  (result1.bytesConsumed() != appBufferMax) &&
  (result1.bytesConsumed() != OFFSET)) {
@@ -143,8 +141,6 @@ private void runTest(String cipher) throws Exception {
  result1 = ssle1.unwrap(twoToOne, appIn1);
  result2 = ssle2.unwrap(oneToTwo, appIn2);
 
- System.out.println("result1.bytesProduced() is: " + result1.bytesProduced());
-
  if ((result1.bytesProduced() != 0) &&
  (result1.bytesProduced() != appBufferMax) &&
  (result1.bytesProduced() != 2 * OFFSET)) {
@@ -188,29 +184,21 @@ private void runTest(String cipher) throws Exception {
  }
 
  public static void main(String args[]) throws Exception {
- // reset the security property to make sure that the algorithms
- // and keys used in this test are not disabled.
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
- Security.setProperty("jdk.tls.disabledAlgorithms", "");
- }
-
  LargeBufs test;
 
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (!(Utils.isFIPS())) {
+ // reset the security property to make sure that the algorithms
+ // and keys used in this test are not disabled.
+ Security.setProperty("jdk.tls.disabledAlgorithms", "");
  test = new LargeBufs();
  test.runTest("SSL_RSA_WITH_RC4_128_MD5");
- }
-
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
  test = new LargeBufs();
  test.runTest("SSL_RSA_WITH_3DES_EDE_CBC_SHA");
- }
-
- if ((Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ } else {
  test = new LargeBufs();
  test.runTest("TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256");
  test = new LargeBufs();
- test.runTest("TLS_AES_128_GCM_SHA256");
+ test.runTest("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384");
  }
 
  System.out.println("Test Passed.");
@@ -264,7 +252,6 @@ private void createBuffers() {
  // that the ability to concume or produce applicaton data upto
  // the size. 16384 is the default JSSE implementation maximum
  // application size that could be consumed and produced.
- // appBufferMax = 16384;
  appBufferMax = 16384;
  netBufferMax = session.getPacketBufferSize();
 
@@ -329,5 +316,5 @@ private static void log(String str) {
  if (debug) {
  System.out.println(str);
  }
- } 
-}
+ }
+}

test/jdk/javax/net/ssl/SSLEngine/NoAuthClientAuth.java

@@ -144,7 +144,7 @@ public class NoAuthClientAuth {
  * Main entry point for this test.
  */
  public static void main(String args[]) throws Exception {
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (!(Utils.isFIPS())) {
  Security.setProperty("jdk.tls.disabledAlgorithms", "");
  tlsProtocol = args[0];
  } else {

test/jdk/javax/net/ssl/SSLEngine/TestAllSuites.java

@@ -243,7 +243,7 @@ public static void main(String args[]) throws Exception {
  if (args.length < 1) {
  throw new RuntimeException("Missing TLS protocol parameter.");
  }
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (!(Utils.isFIPS())) {
  switch(args[0]) {
  case "TLSv1.1" -> SecurityUtils.removeFromDisabledTlsAlgs("TLSv1.1");
  case "TLSv1.3" -> SecurityUtils.addToDisabledTlsAlgs("TLSv1.2");

test/jdk/javax/net/ssl/SSLParameters/UseCipherSuitesOrder.java

@@ -178,7 +178,7 @@ private static void parseArguments(String[] args) throws Exception {
  throw new Exception("Need to enable at least two cipher suites");
  }
 
- if ((Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (Utils.isFIPS()) {
  cliEnabledCipherSuites = new String[] { "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"};
  }
 
@@ -205,7 +205,7 @@ private static void parseArguments(String[] args) throws Exception {
  public static void main(String[] args) throws Exception {
  // reset the security property to make sure that the algorithms
  // and keys used in this test are not disabled.
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (!(Utils.isFIPS())) {
  Security.setProperty("jdk.tls.disabledAlgorithms", "");
  }
 
@@ -219,7 +219,7 @@ public static void main(String[] args) throws Exception {
  System.getProperty("test.src", ".") + "/" + pathToStores +
  "/" + trustStoreFile;
 
- if ((Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (Utils.isFIPS()) {
  keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
  trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
  }

test/jdk/javax/net/ssl/SSLSession/HttpsURLConnectionLocalCertificateChain.java

@@ -248,7 +248,7 @@ public static void main(String[] args) throws Exception {
  System.getProperty("test.src", "./") + "/" + pathToStores +
  "/" + trustStoreFile;
 
- if ((Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (Utils.isFIPS()) {
  keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
  trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
  }

test/jdk/javax/net/ssl/SSLSession/JSSERenegotiate.java

@@ -197,7 +197,7 @@ void doClientSide() throws Exception {
  public static void main(String[] args) throws Exception {
  // reset the security property to make sure that the cipher suites
  // used in this test are not disabled
- if (!(Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (!(Utils.isFIPS())) {
  Security.setProperty("jdk.tls.disabledAlgorithms", "");
  }
 
@@ -208,7 +208,7 @@ public static void main(String[] args) throws Exception {
  System.getProperty("test.src", "./") + "/" + pathToStores +
  "/" + trustStoreFile;
 
- if ((Utils.isFIPS() && Utils.getFipsProfile().equals("OpenJCEPlusFIPS.FIPS140-3-Test-TLS"))) {
+ if (Utils.isFIPS()) {
  keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
  trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
  suite1 = "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256";
@@ -225,7 +225,6 @@ public static void main(String[] args) throws Exception {
 
  if (debug)
  System.setProperty("javax.net.debug", "all");
-
  /*
  * Start the tests.
  */