diff --git a/closed/test/jdk/openj9/internal/security/TestProviders.java b/closed/test/jdk/openj9/internal/security/TestProviders.java index c5b3427a626..25639c9a660 100644 --- a/closed/test/jdk/openj9/internal/security/TestProviders.java +++ b/closed/test/jdk/openj9/internal/security/TestProviders.java @@ -45,30 +45,30 @@ public class TestProviders { private static Stream patternMatches_expectedExitValue0() { return Stream.of( - // Test OpenJCEPlusFIPS strict profile provider list - Arguments.of("OpenJCEPlusFIPS.FIPS140-3", + // Test strict profile provider list + Arguments.of("TestBase.Version", System.getProperty("test.src") + "/provider-java.security", - "(?s)(?=.*OpenJCEPlusFIPS)(?=.*\\bSUN\\b)(?=.*SunJSSE)"), - // Test OpenJCEPlusFIPS default profile provider list - Arguments.of("OpenJCEPlusFIPS", + "(?s)(?=.*Sun)(?=.*\\bSunJCE\\b)(?=.*SunJSSE)"), + // Test default profile provider list + Arguments.of("TestBase", System.getProperty("test.src") + "/provider-java.security", - "(?s)(?=.*OpenJCEPlusFIPS)(?=.*\\bSUN\\b)(?=.*SunRsaSign)" + - "(?=.*SunEC)(?=.*SunJSSE)(?=.*SunJCE)(?=.*SunJGSS)(?=.*SunSASL)" + + "(?s)(?=.*Sun)(?=.*SunRsaSign)(?=.*SunEC)(?=.*SunJSSE)" + + "(?=.*SunJCE)(?=.*SunJGSS)(?=.*SunSASL)" + "(?=.*XMLDSig)(?=.*SunPCSC)(?=.*JdkLDAP)(?=.*JdkSASL)"), - // Test OpenJCEPlusFIPS weakly enforced profile provider list - Arguments.of("OpenJCEPlusFIPS.FIPS140-3-Weakly-Enforced", + // Test extended profile provider list + Arguments.of("TestBase.Version-Extended", System.getProperty("test.src") + "/provider-java.security", - "(?s)(?=.*OpenJCEPlusFIPS)(?=.*\\bSUN\\b)(?=.*SunRsaSign)" + - "(?=.*SunEC)(?=.*SunJSSE)(?=.*SunJCE)(?=.*SunJGSS)(?=.*SunSASL)" + + "(?s)(?=.*Sun)(?=.*SunRsaSign)(?=.*SunEC)(?=.*SunJSSE)" + + "(?=.*SunJCE)(?=.*SunJGSS)(?=.*SunSASL)" + "(?=.*XMLDSig)(?=.*SunPCSC)(?=.*JdkLDAP)(?=.*JdkSASL)"), // Test update provider list with value Arguments.of("Test-Profile.Updated_1", System.getProperty("test.src") + "/provider-java.security", - "(?s)(?=.*OpenJCEPlusFIPS)(?=.*\\bSUN\\b)(?=.*SunSASL)"), + "(?s)(?=.*Sun)(?=.*\\bSunJCE\\b)(?=.*SunSASL)"), // Test update provider list with null Arguments.of("Test-Profile.Updated_2", System.getProperty("test.src") + "/provider-java.security", - "(?s)(?=.*OpenJCEPlusFIPS)(?=.*\\bSUN\\b)(?=.*SunJSSE)") + "(?s)(?=.*Sun)(?=.*\\bSunJCE\\b)(?=.*SunJSSE)") ); } diff --git a/closed/test/jdk/openj9/internal/security/property-java.security b/closed/test/jdk/openj9/internal/security/property-java.security index 8fd3253ba38..70915490f0a 100644 --- a/closed/test/jdk/openj9/internal/security/property-java.security +++ b/closed/test/jdk/openj9/internal/security/property-java.security @@ -1,7 +1,7 @@ RestrictedSecurity.TestBase.Version.desc.name = Test Base Profile RestrictedSecurity.TestBase.Version.desc.default = false RestrictedSecurity.TestBase.Version.desc.fips = true -RestrictedSecurity.TestBase.Version.desc.hash = SHA256:1d216c0b9032a83521c185273e753a960b8e1695bb06da0f193dffe0f6ed9898 +RestrictedSecurity.TestBase.Version.desc.hash = SHA256:0ca32676ac2ae92d0469cbf293f3a69416c5d0312c80473319452f4d6995d234 RestrictedSecurity.TestBase.Version.desc.number = Certificate #XXX RestrictedSecurity.TestBase.Version.desc.policy = https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/ RestrictedSecurity.TestBase.Version.desc.sunsetDate = 2026-09-21 @@ -14,8 +14,8 @@ RestrictedSecurity.TestBase.Version.tls.legacyAlgorithms = RestrictedSecurity.TestBase.Version.jce.certpath.disabledAlgorithms = RestrictedSecurity.TestBase.Version.jce.legacyAlgorithms = -RestrictedSecurity.TestBase.Version.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.TestBase.Version.jce.provider.2 = sun.security.provider.Sun +RestrictedSecurity.TestBase.Version.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.TestBase.Version.jce.provider.2 = com.sun.crypto.provider.SunJCE RestrictedSecurity.TestBase.Version.jce.provider.3 = sun.security.ssl.SunJSSE RestrictedSecurity.TestBase.Version.javax.net.ssl.keyStore = NONE @@ -27,18 +27,17 @@ RestrictedSecurity.TestBase.Version-Extended.desc.default = true RestrictedSecurity.TestBase.Version-Extended.extends = RestrictedSecurity.TestBase.Version RestrictedSecurity.TestBase.Version-Extended.tls.disabledAlgorithms = -RestrictedSecurity.TestBase.Version-Extended.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.TestBase.Version-Extended.jce.provider.2 = sun.security.provider.Sun -RestrictedSecurity.TestBase.Version-Extended.jce.provider.3 = sun.security.rsa.SunRsaSign -RestrictedSecurity.TestBase.Version-Extended.jce.provider.4 = sun.security.ec.SunEC -RestrictedSecurity.TestBase.Version-Extended.jce.provider.5 = sun.security.ssl.SunJSSE -RestrictedSecurity.TestBase.Version-Extended.jce.provider.6 = com.sun.crypto.provider.SunJCE -RestrictedSecurity.TestBase.Version-Extended.jce.provider.7 = sun.security.jgss.SunProvider -RestrictedSecurity.TestBase.Version-Extended.jce.provider.8 = com.sun.security.sasl.Provider -RestrictedSecurity.TestBase.Version-Extended.jce.provider.9 = org.jcp.xml.dsig.internal.dom.XMLDSigRI -RestrictedSecurity.TestBase.Version-Extended.jce.provider.10 = sun.security.smartcardio.SunPCSC -RestrictedSecurity.TestBase.Version-Extended.jce.provider.11 = sun.security.provider.certpath.ldap.JdkLDAP -RestrictedSecurity.TestBase.Version-Extended.jce.provider.12 = com.sun.security.sasl.gsskerb.JdkSASL +RestrictedSecurity.TestBase.Version-Extended.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.TestBase.Version-Extended.jce.provider.2 = sun.security.rsa.SunRsaSign +RestrictedSecurity.TestBase.Version-Extended.jce.provider.3 = sun.security.ec.SunEC +RestrictedSecurity.TestBase.Version-Extended.jce.provider.4 = sun.security.ssl.SunJSSE +RestrictedSecurity.TestBase.Version-Extended.jce.provider.5 = com.sun.crypto.provider.SunJCE +RestrictedSecurity.TestBase.Version-Extended.jce.provider.6 = sun.security.jgss.SunProvider +RestrictedSecurity.TestBase.Version-Extended.jce.provider.7 = com.sun.security.sasl.Provider +RestrictedSecurity.TestBase.Version-Extended.jce.provider.8 = org.jcp.xml.dsig.internal.dom.XMLDSigRI +RestrictedSecurity.TestBase.Version-Extended.jce.provider.9 = sun.security.smartcardio.SunPCSC +RestrictedSecurity.TestBase.Version-Extended.jce.provider.10 = sun.security.provider.certpath.ldap.JdkLDAP +RestrictedSecurity.TestBase.Version-Extended.jce.provider.11 = com.sun.security.sasl.gsskerb.JdkSASL # # Test-Profile.Base @@ -55,8 +54,8 @@ RestrictedSecurity.Test-Profile.Base.fips.mode = 140-3 RestrictedSecurity.Test-Profile.Base.tls.disabledAlgorithmsWrongTypo = -RestrictedSecurity.Test-Profile.Base.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.Test-Profile.Base.jce.provider.2 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.Base.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.Base.jce.provider.2 = com.sun.crypto.provider.SunJCE RestrictedSecurity.Test-Profile.Base.jce.provider.3 = sun.security.ssl.SunJSSE RestrictedSecurity.Test-Profile.Base.securerandom.provider = OpenJCEPlusFIPS @@ -71,8 +70,8 @@ RestrictedSecurity.Test-Profile.Extended_1.desc.default = true RestrictedSecurity.Test-Profile.Extended_1.extends = RestrictedSecurity.TestBase.Version RestrictedSecurity.Test-Profile.Extended_1.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.Extended_1.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.Test-Profile.Extended_1.jce.provider.2 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.Extended_1.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.Extended_1.jce.provider.2 = com.sun.crypto.provider.SunJCE RestrictedSecurity.Test-Profile.Extended_1.jce.providerWrongTypo = sun.security.rsa.SunRsaSign RestrictedSecurity.Test-Profile.Extended_1.jce.provider.4 = sun.security.ec.SunEC RestrictedSecurity.Test-Profile.Extended_1.jce.provider.5 = sun.security.ssl.SunJSSE @@ -106,8 +105,8 @@ RestrictedSecurity.Test-Profile-MultiDefault.Base.desc.policy = https://csrc.nis RestrictedSecurity.Test-Profile-MultiDefault.Base.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-MultiDefault.Base.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-MultiDefault.Base.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.Test-Profile-MultiDefault.Base.jce.provider.2 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile-MultiDefault.Base.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile-MultiDefault.Base.jce.provider.2 = com.sun.crypto.provider.SunJCE RestrictedSecurity.Test-Profile-MultiDefault.Base.jce.provider.3 = sun.security.ssl.SunJSSE RestrictedSecurity.Test-Profile-MultiDefault.Base.securerandom.provider = OpenJCEPlusFIPS @@ -122,7 +121,7 @@ RestrictedSecurity.Test-Profile-MultiDefault.Extension.desc.default = true RestrictedSecurity.Test-Profile-MultiDefault.Extension.extends = RestrictedSecurity.Test-Profile-MultiDefault.Base RestrictedSecurity.Test-Profile-MultiDefault.Extension.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile-MultiDefault.Extension.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-MultiDefault.Extension.jce.provider.1 = sun.security.provider.Sun # # Test-Profile-NoDefault @@ -133,7 +132,7 @@ RestrictedSecurity.Test-Profile-NoDefault.desc.default = false RestrictedSecurity.Test-Profile-NoDefault.extends = RestrictedSecurity.TestBase.Version RestrictedSecurity.Test-Profile-NoDefault.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile-NoDefault.jce.providerWrongTypo.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-NoDefault.jce.providerWrongTypo.1 = sun.security.provider.Sun # # Test-Profile.Extended_3 @@ -144,7 +143,7 @@ RestrictedSecurity.Test-Profile.Extended_3.desc.default = false RestrictedSecurity.Test-Profile.Extended_3.extends = RestrictedSecurity.Test-Profile.BaseNotExist RestrictedSecurity.Test-Profile.Extended_3.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.Extended_3.jce.providerWrongTypo.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile.Extended_3.jce.providerWrongTypo.1 = sun.security.provider.Sun # # Test-Profile.Extended_4 @@ -155,7 +154,7 @@ RestrictedSecurity.Test-Profile.Extended_4.desc.default = false RestrictedSecurity.Test-Profile.Extended_4.extends = RestrictedSecurity.BaseNotFullProfileName RestrictedSecurity.Test-Profile.Extended_4.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.Extended_4.jce.providerWrongTypo.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile.Extended_4.jce.providerWrongTypo.1 = sun.security.provider.Sun # # Test-Profile-BaseWithoutHash @@ -169,7 +168,7 @@ RestrictedSecurity.Test-Profile-BaseWithoutHash.desc.policy = https://csrc.nist. RestrictedSecurity.Test-Profile-BaseWithoutHash.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-BaseWithoutHash.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-BaseWithoutHash.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-BaseWithoutHash.jce.provider.1 = sun.security.provider.Sun RestrictedSecurity.Test-Profile-BaseWithoutHash.securerandom.provider = OpenJCEPlusFIPS RestrictedSecurity.Test-Profile-BaseWithoutHash.securerandom.algorithm = SHA512DRBG @@ -187,7 +186,7 @@ RestrictedSecurity.Test-Profile-Hash_1.desc.policy = https://csrc.nist.gov/proje RestrictedSecurity.Test-Profile-Hash_1.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-Hash_1.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-Hash_1.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-Hash_1.jce.provider.1 = sun.security.provider.Sun RestrictedSecurity.Test-Profile-Hash_1.securerandom.provider = OpenJCEPlusFIPS RestrictedSecurity.Test-Profile-Hash_1.securerandom.algorithm = SHA512DRBG @@ -205,7 +204,7 @@ RestrictedSecurity.Test-Profile-Hash_2.desc.policy = https://csrc.nist.gov/proje RestrictedSecurity.Test-Profile-Hash_2.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-Hash_2.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-Hash_2.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-Hash_2.jce.provider.1 = sun.security.provider.Sun RestrictedSecurity.Test-Profile-Hash_2.securerandom.provider = OpenJCEPlusFIPS RestrictedSecurity.Test-Profile-Hash_2.securerandom.algorithm = SHA512DRBG @@ -232,8 +231,8 @@ RestrictedSecurity.Test-Profile-SetProperty.Base.tls.disabledAlgorithms = \ RestrictedSecurity.Test-Profile-SetProperty.Base.tls.ephemeralDHKeySize = RestrictedSecurity.Test-Profile-SetProperty.Base.jce.certpath.disabledAlgorithms = -RestrictedSecurity.Test-Profile-SetProperty.Base.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.Test-Profile-SetProperty.Base.jce.provider.2 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile-SetProperty.Base.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile-SetProperty.Base.jce.provider.2 = com.sun.crypto.provider.SunJCE RestrictedSecurity.Test-Profile-SetProperty.Base.jce.provider.3 = sun.security.ssl.SunJSSE RestrictedSecurity.Test-Profile-SetProperty.Base.securerandom.provider = OpenJCEPlusFIPS @@ -248,7 +247,7 @@ RestrictedSecurity.Test-Profile-SetProperty.Extension_1.desc.default = true RestrictedSecurity.Test-Profile-SetProperty.Extension_1.extends = RestrictedSecurity.Test-Profile-SetProperty.Base RestrictedSecurity.Test-Profile-SetProperty.Extension_1.securerandom.provider = + Sun -RestrictedSecurity.Test-Profile-SetProperty.Extension_1.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-SetProperty.Extension_1.jce.provider.1 = sun.security.provider.Sun # # Test-Profile-SetProperty.Extension_2 @@ -259,7 +258,7 @@ RestrictedSecurity.Test-Profile-SetProperty.Extension_2.desc.default = true RestrictedSecurity.Test-Profile-SetProperty.Extension_2.extends = RestrictedSecurity.Test-Profile-SetProperty.Base RestrictedSecurity.Test-Profile-SetProperty.Extension_2.tls.disabledNamedCurves = + TestNamedCurves -RestrictedSecurity.Test-Profile-SetProperty.Extension_2.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-SetProperty.Extension_2.jce.provider.1 = sun.security.provider.Sun # # Test-Profile-SetProperty.Extension_3 @@ -270,7 +269,7 @@ RestrictedSecurity.Test-Profile-SetProperty.Extension_3.desc.default = true RestrictedSecurity.Test-Profile-SetProperty.Extension_3.extends = RestrictedSecurity.Test-Profile-SetProperty.Base RestrictedSecurity.Test-Profile-SetProperty.Extension_3.tls.disabledAlgorithms = - TestDisabledlgorithms -RestrictedSecurity.Test-Profile-SetProperty.Extension_3.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-SetProperty.Extension_3.jce.provider.1 = sun.security.provider.Sun # # Test-Profile-PolicySunset.Base @@ -285,7 +284,7 @@ RestrictedSecurity.Test-Profile-PolicySunset.Base.desc.policy = https://csrc.nis RestrictedSecurity.Test-Profile-PolicySunset.Base.desc.sunsetDate = 2023-09-21 RestrictedSecurity.Test-Profile-PolicySunset.Base.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-PolicySunset.Base.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-PolicySunset.Base.jce.provider.1 = sun.security.provider.Sun RestrictedSecurity.Test-Profile-PolicySunset.Base.securerandom.provider = OpenJCEPlusFIPS RestrictedSecurity.Test-Profile-PolicySunset.Base.securerandom.algorithm = SHA512DRBG @@ -303,7 +302,7 @@ RestrictedSecurity.Test-Profile-PolicySunsetFormat.Base.desc.policy = https://cs RestrictedSecurity.Test-Profile-PolicySunsetFormat.Base.desc.sunsetDate = 09-21-2024 RestrictedSecurity.Test-Profile-PolicySunsetFormat.Base.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-PolicySunsetFormat.Base.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-PolicySunsetFormat.Base.jce.provider.1 = sun.security.provider.Sun RestrictedSecurity.Test-Profile-PolicySunsetFormat.Base.securerandom.provider = OpenJCEPlusFIPS RestrictedSecurity.Test-Profile-PolicySunsetFormat.Base.securerandom.algorithm = SHA512DRBG @@ -321,7 +320,7 @@ RestrictedSecurity.Test-Profile-SecureRandomCheck_1.desc.policy = https://csrc.n RestrictedSecurity.Test-Profile-SecureRandomCheck_1.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-SecureRandomCheck_1.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-SecureRandomCheck_1.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-SecureRandomCheck_1.jce.provider.1 = sun.security.provider.Sun RestrictedSecurity.Test-Profile-SecureRandomCheck_1.securerandom.provider = RestrictedSecurity.Test-Profile-SecureRandomCheck_1.securerandom.algorithm = SHA512DRBG @@ -339,7 +338,7 @@ RestrictedSecurity.Test-Profile-SecureRandomCheck_2.desc.policy = https://csrc.n RestrictedSecurity.Test-Profile-SecureRandomCheck_2.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-SecureRandomCheck_2.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-SecureRandomCheck_2.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-SecureRandomCheck_2.jce.provider.1 = sun.security.provider.Sun RestrictedSecurity.Test-Profile-SecureRandomCheck_2.securerandom.provider = OpenJCEPlusFIPS @@ -356,7 +355,7 @@ RestrictedSecurity.Test-Profile-Constraint_1.desc.policy = https://csrc.nist.gov RestrictedSecurity.Test-Profile-Constraint_1.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-Constraint_1.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-Constraint_1.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS \ +RestrictedSecurity.Test-Profile-Constraint_1.jce.provider.1 = com.sun.crypto.provider.SunJCE \ {AlgorithmParameterGenerator, AESGCM, *}, \ {AlgorithmParameterGenerator, CCM, *}] @@ -376,7 +375,7 @@ RestrictedSecurity.Test-Profile-Constraint_2.desc.policy = https://csrc.nist.gov RestrictedSecurity.Test-Profile-Constraint_2.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-Constraint_2.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-Constraint_2.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS [ \ +RestrictedSecurity.Test-Profile-Constraint_2.jce.provider.1 = com.sun.crypto.provider.SunJCE [ \ {AlgorithmParameterGenerator, AESGCM, *} \ {AlgorithmParameterGenerator, CCM, *}] @@ -396,7 +395,7 @@ RestrictedSecurity.Test-Profile-Constraint_3.desc.policy = https://csrc.nist.gov RestrictedSecurity.Test-Profile-Constraint_3.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-Constraint_3.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-Constraint_3.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS [ {} ] +RestrictedSecurity.Test-Profile-Constraint_3.jce.provider.1 = com.sun.crypto.provider.SunJCE [ {} ] RestrictedSecurity.Test-Profile-Constraint_3.securerandom.provider = OpenJCEPlusFIPS RestrictedSecurity.Test-Profile-Constraint_3.securerandom.algorithm = SHA512DRBG @@ -414,7 +413,7 @@ RestrictedSecurity.Test-Profile-Constraint_Attributes.desc.policy = https://csrc RestrictedSecurity.Test-Profile-Constraint_Attributes.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-Constraint_Attributes.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-Constraint_Attributes.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile-Constraint_Attributes.jce.provider.1 = com.sun.crypto.provider.SunJCE RestrictedSecurity.Test-Profile-Constraint_Attributes.jce.provider.2 = sun.security.provider.Sun [ \ {CertificateFactory, X.509, ImplementedInSoftware}] @@ -434,7 +433,7 @@ RestrictedSecurity.Test-Profile-ConstraintChanged_1.Base.desc.policy = https://c RestrictedSecurity.Test-Profile-ConstraintChanged_1.Base.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-ConstraintChanged_1.Base.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-ConstraintChanged_1.Base.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS [ \ +RestrictedSecurity.Test-Profile-ConstraintChanged_1.Base.jce.provider.1 = com.sun.crypto.provider.SunJCE [ \ {AlgorithmParameterGenerator, AESGCM, *}, \ {AlgorithmParameterGenerator, CCM, *}] RestrictedSecurity.Test-Profile-ConstraintChanged_1.Base.jce.provider.2 = sun.security.provider.Sun [ \ @@ -467,7 +466,7 @@ RestrictedSecurity.Test-Profile-ConstraintChanged_2.Base.desc.policy = https://c RestrictedSecurity.Test-Profile-ConstraintChanged_2.Base.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-ConstraintChanged_2.Base.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-ConstraintChanged_2.Base.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS [ \ +RestrictedSecurity.Test-Profile-ConstraintChanged_2.Base.jce.provider.1 = com.sun.crypto.provider.SunJCE [ \ {AlgorithmParameterGenerator, AESGCM, *}, \ {AlgorithmParameterGenerator, CCM, *}] RestrictedSecurity.Test-Profile-ConstraintChanged_2.Base.jce.provider.2 = sun.security.provider.Sun [ \ @@ -500,7 +499,7 @@ RestrictedSecurity.Test-Profile-ConstraintChanged_3.Base.desc.policy = https://c RestrictedSecurity.Test-Profile-ConstraintChanged_3.Base.desc.sunsetDate = 2026-09-21 RestrictedSecurity.Test-Profile-ConstraintChanged_3.Base.fips.mode = 140-3 -RestrictedSecurity.Test-Profile-ConstraintChanged_3.Base.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS [ + \ +RestrictedSecurity.Test-Profile-ConstraintChanged_3.Base.jce.provider.1 = com.sun.crypto.provider.SunJCE [ + \ {AlgorithmParameterGenerator, AESGCM, *} \ {AlgorithmParameterGenerator, CCM, *}] diff --git a/closed/test/jdk/openj9/internal/security/provider-java.security b/closed/test/jdk/openj9/internal/security/provider-java.security index b06a3df02dc..b6a50256057 100644 --- a/closed/test/jdk/openj9/internal/security/provider-java.security +++ b/closed/test/jdk/openj9/internal/security/provider-java.security @@ -1,7 +1,7 @@ RestrictedSecurity.TestBase.Version.desc.name = Test Base Profile RestrictedSecurity.TestBase.Version.desc.default = false RestrictedSecurity.TestBase.Version.desc.fips = true -RestrictedSecurity.TestBase.Version.desc.hash = SHA256:1d216c0b9032a83521c185273e753a960b8e1695bb06da0f193dffe0f6ed9898 +RestrictedSecurity.TestBase.Version.desc.hash = SHA256:0ca32676ac2ae92d0469cbf293f3a69416c5d0312c80473319452f4d6995d234 RestrictedSecurity.TestBase.Version.desc.number = Certificate #XXX RestrictedSecurity.TestBase.Version.desc.policy = https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/ RestrictedSecurity.TestBase.Version.desc.sunsetDate = 2026-09-21 @@ -14,8 +14,8 @@ RestrictedSecurity.TestBase.Version.tls.legacyAlgorithms = RestrictedSecurity.TestBase.Version.jce.certpath.disabledAlgorithms = RestrictedSecurity.TestBase.Version.jce.legacyAlgorithms = -RestrictedSecurity.TestBase.Version.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.TestBase.Version.jce.provider.2 = sun.security.provider.Sun +RestrictedSecurity.TestBase.Version.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.TestBase.Version.jce.provider.2 = com.sun.crypto.provider.SunJCE RestrictedSecurity.TestBase.Version.jce.provider.3 = sun.security.ssl.SunJSSE RestrictedSecurity.TestBase.Version.javax.net.ssl.keyStore = NONE @@ -27,18 +27,17 @@ RestrictedSecurity.TestBase.Version-Extended.desc.default = true RestrictedSecurity.TestBase.Version-Extended.extends = RestrictedSecurity.TestBase.Version RestrictedSecurity.TestBase.Version-Extended.tls.disabledAlgorithms = -RestrictedSecurity.TestBase.Version-Extended.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.TestBase.Version-Extended.jce.provider.2 = sun.security.provider.Sun -RestrictedSecurity.TestBase.Version-Extended.jce.provider.3 = sun.security.rsa.SunRsaSign -RestrictedSecurity.TestBase.Version-Extended.jce.provider.4 = sun.security.ec.SunEC -RestrictedSecurity.TestBase.Version-Extended.jce.provider.5 = sun.security.ssl.SunJSSE -RestrictedSecurity.TestBase.Version-Extended.jce.provider.6 = com.sun.crypto.provider.SunJCE -RestrictedSecurity.TestBase.Version-Extended.jce.provider.7 = sun.security.jgss.SunProvider -RestrictedSecurity.TestBase.Version-Extended.jce.provider.8 = com.sun.security.sasl.Provider -RestrictedSecurity.TestBase.Version-Extended.jce.provider.9 = org.jcp.xml.dsig.internal.dom.XMLDSigRI -RestrictedSecurity.TestBase.Version-Extended.jce.provider.10 = sun.security.smartcardio.SunPCSC -RestrictedSecurity.TestBase.Version-Extended.jce.provider.11 = sun.security.provider.certpath.ldap.JdkLDAP -RestrictedSecurity.TestBase.Version-Extended.jce.provider.12 = com.sun.security.sasl.gsskerb.JdkSASL +RestrictedSecurity.TestBase.Version-Extended.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.TestBase.Version-Extended.jce.provider.2 = sun.security.rsa.SunRsaSign +RestrictedSecurity.TestBase.Version-Extended.jce.provider.3 = sun.security.ec.SunEC +RestrictedSecurity.TestBase.Version-Extended.jce.provider.4 = sun.security.ssl.SunJSSE +RestrictedSecurity.TestBase.Version-Extended.jce.provider.5 = com.sun.crypto.provider.SunJCE +RestrictedSecurity.TestBase.Version-Extended.jce.provider.6 = sun.security.jgss.SunProvider +RestrictedSecurity.TestBase.Version-Extended.jce.provider.7 = com.sun.security.sasl.Provider +RestrictedSecurity.TestBase.Version-Extended.jce.provider.8 = org.jcp.xml.dsig.internal.dom.XMLDSigRI +RestrictedSecurity.TestBase.Version-Extended.jce.provider.9 = sun.security.smartcardio.SunPCSC +RestrictedSecurity.TestBase.Version-Extended.jce.provider.10 = sun.security.provider.certpath.ldap.JdkLDAP +RestrictedSecurity.TestBase.Version-Extended.jce.provider.11 = com.sun.security.sasl.gsskerb.JdkSASL # # Test-Profile.Updated_1 @@ -49,8 +48,8 @@ RestrictedSecurity.Test-Profile.Updated_1.desc.default = true RestrictedSecurity.Test-Profile.Updated_1.extends = RestrictedSecurity.TestBase.Version RestrictedSecurity.Test-Profile.Updated_1.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.Updated_1.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.Test-Profile.Updated_1.jce.provider.2 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.Updated_1.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.Updated_1.jce.provider.2 = com.sun.crypto.provider.SunJCE RestrictedSecurity.Test-Profile.Updated_1.jce.provider.3 = com.sun.security.sasl.Provider # @@ -62,7 +61,7 @@ RestrictedSecurity.Test-Profile.Updated_2.desc.default = true RestrictedSecurity.Test-Profile.Updated_2.extends = RestrictedSecurity.TestBase.Version RestrictedSecurity.Test-Profile.Updated_2.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.Updated_2.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile.Updated_2.jce.provider.1 = sun.security.provider.Sun RestrictedSecurity.Test-Profile.Updated_2.jce.provider.3 = sun.security.ssl.SunJSSE # @@ -74,8 +73,8 @@ RestrictedSecurity.Test-Profile.Updated_3.desc.default = true RestrictedSecurity.Test-Profile.Updated_3.extends = RestrictedSecurity.TestBase.Version RestrictedSecurity.Test-Profile.Updated_3.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.Updated_3.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.Test-Profile.Updated_3.jce.provider.2 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.Updated_3.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.Updated_3.jce.provider.2 = com.sun.crypto.provider.SunJCE RestrictedSecurity.Test-Profile.Updated_3.jce.provider.3 = RestrictedSecurity.Test-Profile.Updated_3.jce.provider.4 = sun.security.ec.SunEC RestrictedSecurity.Test-Profile.Updated_3.jce.provider.5 = sun.security.ssl.SunJSSE @@ -89,7 +88,7 @@ RestrictedSecurity.Test-Profile.Updated_4.desc.default = true RestrictedSecurity.Test-Profile.Updated_4.extends = RestrictedSecurity.TestBase.Version RestrictedSecurity.Test-Profile.Updated_4.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.Updated_4.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile.Updated_4.jce.provider.1 = sun.security.provider.Sun RestrictedSecurity.Test-Profile.Updated_4.jce.provider.2 = RestrictedSecurity.Test-Profile.Updated_4.jce.provider.3 = sun.security.ec.SunEC RestrictedSecurity.Test-Profile.Updated_4.jce.provider.4 = sun.security.ssl.SunJSSE @@ -103,8 +102,8 @@ RestrictedSecurity.Test-Profile.Base.desc.default = true RestrictedSecurity.Test-Profile.Base.desc.hash = SHA256:e71c49d65fd291efe75993ccbe6999e6cfb26bf9ef3e8424cb086c7e2a225ce6 RestrictedSecurity.Test-Profile.Base.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.Base.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.Test-Profile.Base.jce.provider.2 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.Base.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.Base.jce.provider.2 = com.sun.crypto.provider.SunJCE RestrictedSecurity.Test-Profile.Base.jce.provider.4 = sun.security.ssl.SunJSSE # @@ -116,8 +115,8 @@ RestrictedSecurity.Test-Profile.Extended_1.desc.default = true RestrictedSecurity.Test-Profile.Extended_1.extends = RestrictedSecurity.TestBase.Version RestrictedSecurity.Test-Profile.Extended_1.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.Extended_1.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.Test-Profile.Extended_1.jce.provider.2 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.Extended_1.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.Extended_1.jce.provider.2 = com.sun.crypto.provider.SunJCE RestrictedSecurity.Test-Profile.Extended_1.jce.provider.3 = sun.security.rsa.SunRsaSign RestrictedSecurity.Test-Profile.Extended_1.jce.provider.5 = sun.security.ssl.SunJSSE @@ -141,8 +140,8 @@ RestrictedSecurity.Test-Profile.BaseOneProviderEmpty.desc.default = true RestrictedSecurity.Test-Profile.BaseOneProviderEmpty.desc.hash = SHA256:e71c49d65fd291efe75993ccbe6999e6cfb26bf9ef3e8424cb086c7e2a225ce6 RestrictedSecurity.Test-Profile.BaseOneProviderEmpty.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.BaseOneProviderEmpty.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.Test-Profile.BaseOneProviderEmpty.jce.provider.2 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.BaseOneProviderEmpty.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.BaseOneProviderEmpty.jce.provider.2 = com.sun.crypto.provider.SunJCE RestrictedSecurity.Test-Profile.BaseOneProviderEmpty.jce.provider.3 = RestrictedSecurity.Test-Profile.BaseOneProviderEmpty.jce.provider.4 = sun.security.ssl.SunJSSE @@ -155,12 +154,12 @@ RestrictedSecurity.Test-Profile.ExtendedOneProviderEmpty.desc.default = true RestrictedSecurity.Test-Profile.ExtendedOneProviderEmpty.extends = RestrictedSecurity.TestBase.Version RestrictedSecurity.Test-Profile.ExtendedOneProviderEmpty.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.ExtendedOneProviderEmpty.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS -RestrictedSecurity.Test-Profile.ExtendedOneProviderEmpty.jce.provider.2 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.ExtendedOneProviderEmpty.jce.provider.1 = sun.security.provider.Sun +RestrictedSecurity.Test-Profile.ExtendedOneProviderEmpty.jce.provider.2 = com.sun.crypto.provider.SunJCE RestrictedSecurity.Test-Profile.ExtendedOneProviderEmpty.jce.provider.3 = sun.security.ssl.SunJSSE RestrictedSecurity.Test-Profile.ExtendedOneProviderEmpty.jce.provider.4 = sun.security.ec.SunEC RestrictedSecurity.Test-Profile.ExtendedOneProviderEmpty.jce.provider.5 = -RestrictedSecurity.Test-Profile.ExtendedOneProviderEmpty.jce.provider.6 = com.sun.crypto.provider.SunJCE +RestrictedSecurity.Test-Profile.ExtendedOneProviderEmpty.jce.provider.6 = sun.security.pkcs11.SunPKCS11 # # Test-Profile.BaseNoProviderList @@ -180,7 +179,7 @@ RestrictedSecurity.Test-Profile.ProviderClassName.desc.default = true RestrictedSecurity.Test-Profile.ProviderClassName.desc.hash = SHA256:e71c49d65fd291efe75993ccbe6999e6cfb26bf9ef3e8424cb086c7e2a225ce6 RestrictedSecurity.Test-Profile.ProviderClassName.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.ProviderClassName.jce.provider.1 = OpenJCEPlusFIPS +RestrictedSecurity.Test-Profile.ProviderClassName.jce.provider.1 = SunJCE # # Test-Profile.ProviderFormat @@ -191,6 +190,6 @@ RestrictedSecurity.Test-Profile.ProviderFormat.desc.default = true RestrictedSecurity.Test-Profile.ProviderFormat.desc.hash = SHA256:e71c49d65fd291efe75993ccbe6999e6cfb26bf9ef3e8424cb086c7e2a225ce6 RestrictedSecurity.Test-Profile.ProviderFormat.tls.disabledAlgorithms = -RestrictedSecurity.Test-Profile.ProviderFormat.jce.provider.1 = com.ibm.crypto.plus.provider.OpenJCEPlusFIPS [ \ +RestrictedSecurity.Test-Profile.ProviderFormat.jce.provider.1 = com.sun.crypto.provider.SunJCE [ \ {AlgorithmParameterGenerator, AESGCM, *), \ {Signature, SHA512withRSA, *}]