diff options
| author | Tor Brede Vekterli <vekterli@oath.com> | 2019-01-24 16:34:54 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-01-24 16:34:54 +0100 |
| commit | 25f41d6c5fd105b47d9f0d0c1642f25fd9ac8795 (patch) | |
| tree | b5e22db7bcee5a9d41da33f261c33f351307cad1 /jrt/tests | |
| parent | 1ed75a5681fc19966fdb1940f3f55e6c8f5c2c76 (diff) | |
| parent | e9fb2bbd3ceb780b48c9aa60026f4f096ba2cc50 (diff) | |
Merge pull request #8218 from vespa-engine/bjorncs/tls
bjorncs/tls
Diffstat (limited to 'jrt/tests')
| -rw-r--r-- | jrt/tests/com/yahoo/jrt/CryptoUtils.java | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/jrt/tests/com/yahoo/jrt/CryptoUtils.java b/jrt/tests/com/yahoo/jrt/CryptoUtils.java index 1c2280567cb..6890fe88da5 100644 --- a/jrt/tests/com/yahoo/jrt/CryptoUtils.java +++ b/jrt/tests/com/yahoo/jrt/CryptoUtils.java @@ -18,8 +18,8 @@ import java.security.KeyPair; import java.security.cert.X509Certificate; import java.time.Instant; -import static com.yahoo.security.KeyAlgorithm.RSA; -import static com.yahoo.security.SignatureAlgorithm.SHA256_WITH_RSA; +import static com.yahoo.security.KeyAlgorithm.EC; +import static com.yahoo.security.SignatureAlgorithm.SHA256_WITH_ECDSA; import static com.yahoo.security.X509CertificateBuilder.generateRandomSerialNumber; import static java.time.Instant.EPOCH; import static java.time.temporal.ChronoUnit.DAYS; @@ -29,13 +29,12 @@ import static java.util.Collections.singletonList; /** * @author bjorncs */ -// TODO Use EC. Java/JSSE is currently unable to find compatible ciphers when using elliptic curve crypto from BouncyCastle class CryptoUtils { - static final KeyPair keyPair = KeyUtils.generateKeypair(RSA); + static final KeyPair keyPair = KeyUtils.generateKeypair(EC); static final X509Certificate certificate = X509CertificateBuilder - .fromKeypair(keyPair, new X500Principal("CN=dummy"), EPOCH, Instant.now().plus(1, DAYS), SHA256_WITH_RSA, generateRandomSerialNumber()) + .fromKeypair(keyPair, new X500Principal("CN=dummy"), EPOCH, Instant.now().plus(1, DAYS), SHA256_WITH_ECDSA, generateRandomSerialNumber()) .build(); static final AuthorizedPeers authorizedPeers = new AuthorizedPeers( @@ -49,7 +48,7 @@ class CryptoUtils { Field.CN, new HostGlobPattern("dummy")))))); static TlsContext createTestTlsContext() { - return new DefaultTlsContext(singletonList(certificate), keyPair.getPrivate(), singletonList(certificate), authorizedPeers, AuthorizationMode.ENFORCE); + return new DefaultTlsContext(singletonList(certificate), keyPair.getPrivate(), singletonList(certificate), authorizedPeers, AuthorizationMode.ENFORCE, DefaultTlsContext.ALLOWED_CIPHER_SUITES); } } |