Artur Barashev

8341964: Add mechanism to disable different parts of TLS cipher suite

4

The current syntax of the jdk.tls.disabledAlgorithms makes it difficult to disable algorithms that affect both the key exchange and authentication parts of a TLS cipher suite. For example, if you...

8342838: ECDHE algorithm can't be disabled for TLSv1.3 cipher suites

4

`SSLAlgorithmDecomposer.decomposes(CipherSuite.KeyExchange keyExchange)` method is missing the `null` case: TLSv1.3 cipher suites with ECDHE being used for both key exchange and authentication have `null` for KeyExchange object. --------- ### Progress -...

8360539: DTLS handshakes fails due to improper cookie validation logic

4

DESCRIPTION OF THE PROBLEM: There appears to be a bug in the isCookieValid method of HelloCookieManager that can lead to improper cookie validation results after a new cookieSecret is generated....

Simplifying SSLAlgorithmConstraints 3

3

--------- ### Progress - [ ] Change must be properly reviewed (1 review required, with at least 1 [Reviewer](https://openjdk.org/bylaws#reviewer)) - [x] Change must not contain extraneous whitespace - [ ]...

Simplifying SSLAlgorithmConstraints 2

3

--------- ### Progress - [ ] Change must be properly reviewed (1 review required, with at least 1 [Reviewer](https://openjdk.org/bylaws#reviewer)) - [x] Change must not contain extraneous whitespace - [ ]...

Simplifying SSLAlgorithmConstraints

3

--------- ### Progress - [ ] Change must be properly reviewed (1 review required, with at least 1 [Reviewer](https://openjdk.org/bylaws#reviewer)) - [x] Change must not contain extraneous whitespace - [ ]...