On Wed, 20 Sep 2023 20:13:35 GMT, Jamil Nimeh <jni...@openjdk.org> wrote:
>> Sean Mullan has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Only adjust sever hello size for TLS_DHE_RSA_WITH_AES_128_CBC_SHA with >> TLSv1.2. >> Fix some typos. > > test/jdk/sun/security/ssl/DHKeyExchange/DHEKeySizing.java line 35: > >> 33: * @library /javax/net/ssl/templates >> 34: * @run main/othervm -Djdk.tls.client.enableSessionTicketExtension=false >> 35: * DHEKeySizing TLS_DHE_RSA_WITH_AES_128_CBC_SHA 1645 267 TLSv1 > > Just curious why the server key exchange length went up in size by a couple > bytes. Was 1643 incorrect before this change? Good question. Part of this is a cut-and-paste error. The only change to 1645 bytes should be for line 64. The previous version of this test used TLS 1.0 for all the tests. When testing this on different protocols, I noticed the server hello for this cipher suite takes 2 extra bytes on TLSv1.2, and this was enough to cause the test to fail even with the 6 extra bytes for KEY_LEN_BIAS. - I don't know the exact reason why it takes a few extra bytes though. I fixed this in the latest commit - only line 64 should be different now for the server hello length. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/15846#discussion_r1333060926
