From 39c902f023ba4356a5bc9fd525dacf23b977eb04 Mon Sep 17 00:00:00 2001 From: Bjørn Christian Seime Date: Mon, 2 Dec 2019 13:57:23 +0100 Subject: Use JDK8 as build target for security-utils --- security-utils/pom.xml | 31 ++++++++++++++++++++++ .../com/yahoo/security/SubjectAlternativeName.java | 2 +- .../security/tls/AutoReloadingX509KeyManager.java | 4 +-- .../security/tls/ConfigFileBasedTlsContext.java | 8 +++--- .../com/yahoo/security/tls/DefaultTlsContext.java | 8 +++--- .../com/yahoo/security/tls/KeyManagerUtils.java | 2 +- .../java/com/yahoo/security/tls/TlsContext.java | 4 +-- .../com/yahoo/security/tls/TrustManagerUtils.java | 2 +- .../com/yahoo/vespa/jdk8compat/Collection.java | 16 +++++++++++ .../java/com/yahoo/vespa/jdk8compat/Files.java | 24 +++++++++++++++++ .../main/java/com/yahoo/vespa/jdk8compat/List.java | 17 ++++++++++++ .../main/java/com/yahoo/vespa/jdk8compat/Set.java | 18 +++++++++++++ .../com/yahoo/vespa/jdk8compat/package-info.java | 8 ++++++ .../tls/AutoReloadingX509KeyManagerTest.java | 9 +++---- .../tls/ConfigFileBasedTlsContextTest.java | 6 ++--- .../security/tls/MutableX509KeyManagerTest.java | 2 +- .../security/tls/TransportSecurityOptionsTest.java | 5 ++-- ...TransportSecurityOptionsJsonSerializerTest.java | 2 +- 18 files changed, 140 insertions(+), 28 deletions(-) create mode 100644 security-utils/src/main/java/com/yahoo/vespa/jdk8compat/Collection.java create mode 100644 security-utils/src/main/java/com/yahoo/vespa/jdk8compat/Files.java create mode 100644 security-utils/src/main/java/com/yahoo/vespa/jdk8compat/List.java create mode 100644 security-utils/src/main/java/com/yahoo/vespa/jdk8compat/Set.java create mode 100644 security-utils/src/main/java/com/yahoo/vespa/jdk8compat/package-info.java (limited to 'security-utils') diff --git a/security-utils/pom.xml b/security-utils/pom.xml index 10dec598915..4796a809293 100644 --- a/security-utils/pom.xml +++ b/security-utils/pom.xml @@ -11,6 +11,13 @@ security-utils container-plugin 7-SNAPSHOT + + + + + 8 + + @@ -19,6 +26,13 @@ ${project.version} provided + + + com.yahoo.vespa + jdisc_core + ${project.version} + provided + @@ -67,6 +81,23 @@ bundle-plugin true + + org.apache.maven.plugins + maven-compiler-plugin + + + ${java.version} + + ${java.version} + ${java.version} + true + + -Xlint:all + -Xlint:-serial + -Werror + + + diff --git a/security-utils/src/main/java/com/yahoo/security/SubjectAlternativeName.java b/security-utils/src/main/java/com/yahoo/security/SubjectAlternativeName.java index 81581c8146c..ab58c607891 100644 --- a/security-utils/src/main/java/com/yahoo/security/SubjectAlternativeName.java +++ b/security-utils/src/main/java/com/yahoo/security/SubjectAlternativeName.java @@ -64,7 +64,7 @@ public class SubjectAlternativeName { case GeneralName.directoryName: return X500Name.getInstance(name).toString(); case GeneralName.iPAddress: - var octets = DEROctetString.getInstance(name.toASN1Primitive()).getOctets(); + byte[] octets = DEROctetString.getInstance(name.toASN1Primitive()).getOctets(); try { return InetAddress.getByAddress(octets).getHostAddress(); } catch (UnknownHostException e) { diff --git a/security-utils/src/main/java/com/yahoo/security/tls/AutoReloadingX509KeyManager.java b/security-utils/src/main/java/com/yahoo/security/tls/AutoReloadingX509KeyManager.java index faf6ecb4348..18764f51dc5 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/AutoReloadingX509KeyManager.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/AutoReloadingX509KeyManager.java @@ -64,8 +64,8 @@ public class AutoReloadingX509KeyManager extends X509ExtendedKeyManager implemen return KeyStoreBuilder.withType(KeyStoreType.PKCS12) .withKeyEntry( CERTIFICATE_ALIAS, - KeyUtils.fromPemEncodedPrivateKey(Files.readString(privateKey)), - X509CertificateUtils.certificateListFromPem(Files.readString(certificateChain))) + KeyUtils.fromPemEncodedPrivateKey(com.yahoo.vespa.jdk8compat.Files.readString(privateKey)), + X509CertificateUtils.certificateListFromPem(com.yahoo.vespa.jdk8compat.Files.readString(certificateChain))) .build(); } catch (IOException e) { throw new UncheckedIOException(e); diff --git a/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java index f5bd866eb27..f746480b126 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/ConfigFileBasedTlsContext.java @@ -85,7 +85,7 @@ public class ConfigFileBasedTlsContext implements TlsContext { private static KeyStore loadTruststore(Path caCertificateFile) { try { return KeyStoreBuilder.withType(KeyStoreType.PKCS12) - .withCertificateEntries("cert", X509CertificateUtils.certificateListFromPem(Files.readString(caCertificateFile))) + .withCertificateEntries("cert", X509CertificateUtils.certificateListFromPem(com.yahoo.vespa.jdk8compat.Files.readString(caCertificateFile))) .build(); } catch (IOException e) { throw new UncheckedIOException(e); @@ -97,8 +97,8 @@ public class ConfigFileBasedTlsContext implements TlsContext { return KeyStoreBuilder.withType(KeyStoreType.PKCS12) .withKeyEntry( "default", - KeyUtils.fromPemEncodedPrivateKey(Files.readString(privateKeyFile)), - X509CertificateUtils.certificateListFromPem(Files.readString(certificatesFile))) + KeyUtils.fromPemEncodedPrivateKey(com.yahoo.vespa.jdk8compat.Files.readString(privateKeyFile)), + X509CertificateUtils.certificateListFromPem(com.yahoo.vespa.jdk8compat.Files.readString(certificatesFile))) .build(); } catch (IOException e) { throw new UncheckedIOException(e); @@ -115,7 +115,7 @@ public class ConfigFileBasedTlsContext implements TlsContext { .withTrustManagerFactory( ignoredTruststore -> options.getAuthorizedPeers() .map(authorizedPeers -> (X509ExtendedTrustManager) new PeerAuthorizerTrustManager(authorizedPeers, mode, mutableTrustManager)) - .orElseGet(() -> new PeerAuthorizerTrustManager(new AuthorizedPeers(Set.of()), AuthorizationMode.DISABLE, mutableTrustManager))) + .orElseGet(() -> new PeerAuthorizerTrustManager(new AuthorizedPeers(com.yahoo.vespa.jdk8compat.Set.of()), AuthorizationMode.DISABLE, mutableTrustManager))) .build(); List acceptedCiphers = options.getAcceptedCiphers(); Set ciphers = acceptedCiphers.isEmpty() ? TlsContext.ALLOWED_CIPHER_SUITES : new HashSet<>(acceptedCiphers); diff --git a/security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java index f4a89da988a..c3f10a464a5 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/DefaultTlsContext.java @@ -63,14 +63,14 @@ public class DefaultTlsContext implements TlsContext { String.format("None of the accepted ciphers are supported (supported=%s, accepted=%s)", supportedCiphers, acceptedCiphers)); } - log.log(Level.FINE, () -> String.format("Allowed cipher suites that are supported: %s", List.of(allowedCiphers))); + log.log(Level.FINE, () -> String.format("Allowed cipher suites that are supported: %s", com.yahoo.vespa.jdk8compat.List.of(allowedCiphers))); return allowedCiphers; } private static String[] getAllowedProtocols(SSLContext sslContext) { Set allowedProtocols = TlsContext.getAllowedProtocols(sslContext); - log.log(Level.FINE, () -> String.format("Allowed protocols that are supported: %s", List.of(allowedProtocols))); - return allowedProtocols.toArray(String[]::new); + log.log(Level.FINE, () -> String.format("Allowed protocols that are supported: %s", com.yahoo.vespa.jdk8compat.List.of(allowedProtocols))); + return com.yahoo.vespa.jdk8compat.Collection.toArray(allowedProtocols, String[]::new); } @Override @@ -131,7 +131,7 @@ public class DefaultTlsContext implements TlsContext { if (authorizedPeers != null) { builder.withTrustManagerFactory(truststore -> new PeerAuthorizerTrustManager(authorizedPeers, mode, truststore)); } else { - builder.withTrustManagerFactory(truststore -> new PeerAuthorizerTrustManager(new AuthorizedPeers(Set.of()), AuthorizationMode.DISABLE, truststore)); + builder.withTrustManagerFactory(truststore -> new PeerAuthorizerTrustManager(new AuthorizedPeers(com.yahoo.vespa.jdk8compat.Set.of()), AuthorizationMode.DISABLE, truststore)); } return builder.build(); } diff --git a/security-utils/src/main/java/com/yahoo/security/tls/KeyManagerUtils.java b/security-utils/src/main/java/com/yahoo/security/tls/KeyManagerUtils.java index 2e48de3c01f..c60f13f9729 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/KeyManagerUtils.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/KeyManagerUtils.java @@ -30,7 +30,7 @@ public class KeyManagerUtils { .filter(manager -> manager instanceof X509ExtendedKeyManager) .map(X509ExtendedKeyManager.class::cast) .findFirst() - .orElseThrow(() -> new RuntimeException("No X509ExtendedKeyManager in " + List.of(keyManagers))); + .orElseThrow(() -> new RuntimeException("No X509ExtendedKeyManager in " + com.yahoo.vespa.jdk8compat.List.of(keyManagers))); } catch (GeneralSecurityException e) { throw new RuntimeException(e); } diff --git a/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java b/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java index 4eea1eb3d72..e12ea3cf47d 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/TlsContext.java @@ -23,7 +23,7 @@ public interface TlsContext extends AutoCloseable { * For TLSv1.3 we allow the DEFAULT group ciphers. * Note that we _only_ allow AEAD ciphers for either TLS version. */ - Set ALLOWED_CIPHER_SUITES = Set.of( + Set ALLOWED_CIPHER_SUITES = com.yahoo.vespa.jdk8compat.Set.of( "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", // Java 12 @@ -34,7 +34,7 @@ public interface TlsContext extends AutoCloseable { "TLS_AES_256_GCM_SHA384", // TLSv1.3 "TLS_CHACHA20_POLY1305_SHA256"); // TLSv1.3, Java 12 - Set ALLOWED_PROTOCOLS = Set.of("TLSv1.2"); // TODO Enable TLSv1.3 + Set ALLOWED_PROTOCOLS = com.yahoo.vespa.jdk8compat.Set.of("TLSv1.2"); // TODO Enable TLSv1.3 String SSL_CONTEXT_VERSION = "TLSv1.2"; // TODO Enable TLSv1.3 /** diff --git a/security-utils/src/main/java/com/yahoo/security/tls/TrustManagerUtils.java b/security-utils/src/main/java/com/yahoo/security/tls/TrustManagerUtils.java index 7c1d7070617..17f56011261 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/TrustManagerUtils.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/TrustManagerUtils.java @@ -29,7 +29,7 @@ public class TrustManagerUtils { .filter(manager -> manager instanceof X509ExtendedTrustManager) .map(X509ExtendedTrustManager.class::cast) .findFirst() - .orElseThrow(() -> new RuntimeException("No X509ExtendedTrustManager in " + List.of(trustManagers))); + .orElseThrow(() -> new RuntimeException("No X509ExtendedTrustManager in " + com.yahoo.vespa.jdk8compat.List.of(trustManagers))); } catch (GeneralSecurityException e) { throw new RuntimeException(e); } diff --git a/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/Collection.java b/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/Collection.java new file mode 100644 index 00000000000..fbfea01b2c7 --- /dev/null +++ b/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/Collection.java @@ -0,0 +1,16 @@ +// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.jdk8compat; + +import java.util.function.IntFunction; + +/** + * Backport of new {@link java.util.Collection} methods added after JDK8 + * + * @author bjorncs + */ +public interface Collection { + static T[] toArray(java.util.Collection collection, IntFunction generator) { + return collection.toArray(generator.apply(collection.size())); + } + +} diff --git a/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/Files.java b/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/Files.java new file mode 100644 index 00000000000..cc3bd698cd5 --- /dev/null +++ b/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/Files.java @@ -0,0 +1,24 @@ +// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.jdk8compat; + +import java.io.IOException; +import java.nio.charset.StandardCharsets; +import java.nio.file.OpenOption; +import java.nio.file.Path; + +/** + * Backport of new {@link java.nio.file.Files} methods added after JDK8 + * + * @author bjorncs + */ +public interface Files { + + static String readString(Path path) throws IOException { + byte[] bytes = java.nio.file.Files.readAllBytes(path); + return new String(bytes, StandardCharsets.UTF_8); + } + + static Path writeString(Path path, CharSequence string, OpenOption... options) throws IOException { + return java.nio.file.Files.write(path, string.toString().getBytes(), options); + } +} diff --git a/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/List.java b/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/List.java new file mode 100644 index 00000000000..f57834e93cb --- /dev/null +++ b/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/List.java @@ -0,0 +1,17 @@ +// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.jdk8compat; + +import java.util.Arrays; + +/** + * Backport of new {@link java.util.List} methods added after JDK8 + * + * @author bjorncs + */ +public interface List { + @SafeVarargs + @SuppressWarnings("varargs") + static java.util.List of(E... elements) { + return Arrays.asList(elements); + } +} diff --git a/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/Set.java b/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/Set.java new file mode 100644 index 00000000000..b2c998bb716 --- /dev/null +++ b/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/Set.java @@ -0,0 +1,18 @@ +// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.jdk8compat; + +import java.util.Arrays; +import java.util.HashSet; + +/** + * Backport of new {@link java.util.Set} methods added after JDK8 + * + * @author bjorncs + */ +public interface Set { + @SafeVarargs + @SuppressWarnings("varargs") + static java.util.Set of(E... elements) { + return new HashSet<>(Arrays.asList(elements)); + } +} diff --git a/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/package-info.java b/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/package-info.java new file mode 100644 index 00000000000..40d74321438 --- /dev/null +++ b/security-utils/src/main/java/com/yahoo/vespa/jdk8compat/package-info.java @@ -0,0 +1,8 @@ +// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +/** + * JDK8 port of types and methods added in later JDK versions. + * TODO Remove this package once vespa-http-client/security-utils no longer targets JDK8 + * + * @author bjorncs + */ +package com.yahoo.vespa.jdk8compat; \ No newline at end of file diff --git a/security-utils/src/test/java/com/yahoo/security/tls/AutoReloadingX509KeyManagerTest.java b/security-utils/src/test/java/com/yahoo/security/tls/AutoReloadingX509KeyManagerTest.java index 823989ac4ca..22710e7f393 100644 --- a/security-utils/src/test/java/com/yahoo/security/tls/AutoReloadingX509KeyManagerTest.java +++ b/security-utils/src/test/java/com/yahoo/security/tls/AutoReloadingX509KeyManagerTest.java @@ -15,7 +15,6 @@ import org.mockito.Mockito; import javax.security.auth.x500.X500Principal; import java.io.IOException; import java.math.BigInteger; -import java.nio.file.Files; import java.nio.file.Path; import java.security.KeyPair; import java.security.Principal; @@ -42,12 +41,12 @@ public class AutoReloadingX509KeyManagerTest { public void crypto_material_is_reloaded_when_scheduler_task_is_executed() throws IOException { KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.EC); Path privateKeyFile = tempDirectory.newFile().toPath(); - Files.writeString(privateKeyFile, KeyUtils.toPem(keyPair.getPrivate())); + com.yahoo.vespa.jdk8compat.Files.writeString(privateKeyFile, KeyUtils.toPem(keyPair.getPrivate())); Path certificateFile = tempDirectory.newFile().toPath(); BigInteger serialNumberInitialCertificate = BigInteger.ONE; X509Certificate initialCertificate = generateCertificate(keyPair, serialNumberInitialCertificate); - Files.writeString(certificateFile, X509CertificateUtils.toPem(initialCertificate)); + com.yahoo.vespa.jdk8compat.Files.writeString(certificateFile, X509CertificateUtils.toPem(initialCertificate)); ScheduledExecutorService scheduler = Mockito.mock(ScheduledExecutorService.class); ArgumentCaptor updaterTaskCaptor = ArgumentCaptor.forClass(Runnable.class); @@ -60,9 +59,9 @@ public class AutoReloadingX509KeyManagerTest { assertThat(certChain).hasSize(1); assertThat(certChain[0].getSerialNumber()).isEqualTo(serialNumberInitialCertificate); - BigInteger serialNumberUpdatedCertificate = BigInteger.TWO; + BigInteger serialNumberUpdatedCertificate = BigInteger.TEN; X509Certificate updatedCertificate = generateCertificate(keyPair, serialNumberUpdatedCertificate); - Files.writeString(certificateFile, X509CertificateUtils.toPem(updatedCertificate)); + com.yahoo.vespa.jdk8compat.Files.writeString(certificateFile, X509CertificateUtils.toPem(updatedCertificate)); updaterTaskCaptor.getValue().run(); // run update task in ReloadingX509KeyManager diff --git a/security-utils/src/test/java/com/yahoo/security/tls/ConfigFileBasedTlsContextTest.java b/security-utils/src/test/java/com/yahoo/security/tls/ConfigFileBasedTlsContextTest.java index 4e6f0a141b0..54a1e3847f9 100644 --- a/security-utils/src/test/java/com/yahoo/security/tls/ConfigFileBasedTlsContextTest.java +++ b/security-utils/src/test/java/com/yahoo/security/tls/ConfigFileBasedTlsContextTest.java @@ -35,17 +35,17 @@ public class ConfigFileBasedTlsContextTest { public void can_create_sslcontext_from_credentials() throws IOException, InterruptedException { KeyPair keyPair = KeyUtils.generateKeypair(EC); Path privateKeyFile = tempDirectory.newFile().toPath(); - Files.writeString(privateKeyFile, KeyUtils.toPem(keyPair.getPrivate())); + com.yahoo.vespa.jdk8compat.Files.writeString(privateKeyFile, KeyUtils.toPem(keyPair.getPrivate())); X509Certificate certificate = X509CertificateBuilder .fromKeypair(keyPair, new X500Principal("CN=dummy"), EPOCH, EPOCH.plus(1, DAYS), SHA256_WITH_ECDSA, BigInteger.ONE) .build(); Path certificateChainFile = tempDirectory.newFile().toPath(); String certificatePem = X509CertificateUtils.toPem(certificate); - Files.writeString(certificateChainFile, certificatePem); + com.yahoo.vespa.jdk8compat.Files.writeString(certificateChainFile, certificatePem); Path caCertificatesFile = tempDirectory.newFile().toPath(); - Files.writeString(caCertificatesFile, certificatePem); + com.yahoo.vespa.jdk8compat.Files.writeString(caCertificatesFile, certificatePem); TransportSecurityOptions options = new TransportSecurityOptions.Builder() .withCertificates(certificateChainFile, privateKeyFile) diff --git a/security-utils/src/test/java/com/yahoo/security/tls/MutableX509KeyManagerTest.java b/security-utils/src/test/java/com/yahoo/security/tls/MutableX509KeyManagerTest.java index 30e54d3c09d..2a6ee35ec18 100644 --- a/security-utils/src/test/java/com/yahoo/security/tls/MutableX509KeyManagerTest.java +++ b/security-utils/src/test/java/com/yahoo/security/tls/MutableX509KeyManagerTest.java @@ -42,7 +42,7 @@ public class MutableX509KeyManagerTest { assertThat(certChain).hasSize(1); assertThat(certChain[0].getSerialNumber()).isEqualTo(serialNumberInitialCertificate); - BigInteger serialNumberUpdatedCertificate = BigInteger.TWO; + BigInteger serialNumberUpdatedCertificate = BigInteger.TEN; KeyStore updatedKeystore = generateKeystore(keyPair, serialNumberUpdatedCertificate); keyManager.updateKeystore(updatedKeystore, new char[0]); diff --git a/security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsTest.java b/security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsTest.java index 9d8f26cdd2c..28dc10d31d5 100644 --- a/security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsTest.java +++ b/security-utils/src/test/java/com/yahoo/security/tls/TransportSecurityOptionsTest.java @@ -8,9 +8,8 @@ import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; -import java.util.List; -import static org.junit.Assert.*; +import static org.junit.Assert.assertEquals; /** * @author bjorncs @@ -21,7 +20,7 @@ public class TransportSecurityOptionsTest { private static final TransportSecurityOptions OPTIONS = new TransportSecurityOptions.Builder() .withCertificates(Paths.get("certs.pem"), Paths.get("myhost.key")) .withCaCertificates(Paths.get("my_cas.pem")) - .withAcceptedCiphers(List.of("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" , "TLS_AES_256_GCM_SHA384")) + .withAcceptedCiphers(com.yahoo.vespa.jdk8compat.List.of("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" , "TLS_AES_256_GCM_SHA384")) .build(); @Test diff --git a/security-utils/src/test/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializerTest.java b/security-utils/src/test/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializerTest.java index 03489a60784..078aa58c948 100644 --- a/security-utils/src/test/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializerTest.java +++ b/security-utils/src/test/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializerTest.java @@ -65,7 +65,7 @@ public class TransportSecurityOptionsJsonSerializerTest { TransportSecurityOptions options = new TransportSecurityOptions.Builder() .withCertificates(Paths.get("certs.pem"), Paths.get("myhost.key")) .withCaCertificates(Paths.get("my_cas.pem")) - .withAcceptedCiphers(List.of("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" , "TLS_AES_256_GCM_SHA384")) + .withAcceptedCiphers(com.yahoo.vespa.jdk8compat.List.of("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" , "TLS_AES_256_GCM_SHA384")) .build(); File outputFile = tempDirectory.newFile(); try (OutputStream out = Files.newOutputStream(outputFile.toPath())) { -- cgit v1.2.3