Skip to content

add get/setUseCipherSuitesOrder to ParametersHelper#287

Merged
cconlon merged 2 commits intowolfSSL:masterfrom
rlm2002:SSLContextImpl_PropnParams
Oct 15, 2025
Merged

add get/setUseCipherSuitesOrder to ParametersHelper#287
cconlon merged 2 commits intowolfSSL:masterfrom
rlm2002:SSLContextImpl_PropnParams

Conversation

@rlm2002
Copy link
Copy Markdown
Contributor

@rlm2002 rlm2002 commented Sep 19, 2025
edited
Loading

Add out.setUseCipherSuitesOrder(in.getUseCipherSuitesOrder()); and ret.setUseCipherSuitesOrder(in.getUseCipherSuitesOrder()); to ParametersHelper.

Wraps wolfSSL_UseClientSuites() to set native ssl to use client's order of preference if SSLParameter useCipherSuiteOrder = false when calling setLocalCiphers() in WolfSSLEngineHelper.

Add unit test to ensure function works properly.

Change was made to pass SunJSSE test SSLContextImpl/DefaultCipherSuitePreference.java

@rlm2002 rlm2002 self-assigned this Sep 19, 2025
@rlm2002 rlm2002 force-pushed the SSLContextImpl_PropnParams branch 2 times, most recently from dae452b to 1307631 Compare September 19, 2025 19:27
@rlm2002 rlm2002 assigned cconlon and unassigned rlm2002 Sep 22, 2025
@cconlon
Copy link
Copy Markdown
Member

cconlon commented Sep 22, 2025

Looks good so far. Please continue with implementation of wrapping native wolfSSL's wolfSSL_UseClientSuites() in JNI inside WolfSSLSession.java, and calling it from WolfSSLEngineHelper.setLocalCipherSuiteOrder() when set via the Java parameters.

@cconlon cconlon assigned rlm2002 and unassigned cconlon Sep 22, 2025
@rlm2002 rlm2002 force-pushed the SSLContextImpl_PropnParams branch 2 times, most recently from 4dbd6bc to 01e4e80 Compare September 26, 2025 18:11
@rlm2002
JSSE: add get/setUseCipherSuitesOrder to ParametersHelper
b0edf0e 
 wrap get/set SNIMatchers and UsecipherSuitesOrder with try/catch
@rlm2002 rlm2002 force-pushed the SSLContextImpl_PropnParams branch from 01e4e80 to a4631ad Compare September 26, 2025 21:33
@rlm2002 rlm2002 assigned cconlon and unassigned rlm2002 Sep 26, 2025
@cconlon cconlon requested a review from Copilot October 14, 2025 20:54
Copilot AI reviewed Oct 14, 2025
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR implements support for client cipher suite preference ordering in wolfSSL, adding the ability to honor the client's cipher suite order when establishing TLS connections.

  • Adds get/setUseCipherSuitesOrder methods to WolfSSLParametersHelper with reflection-based handling
  • Implements native useClientSuites() wrapper around wolfSSL_UseClientSuites()
  • Adds comprehensive unit test to verify server honors client cipher suite preferences

Reviewed Changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
WolfSSLParametersHelper.java Adds reflection support for UseCipherSuitesOrder parameter handling
WolfSSLEngineHelper.java Implements logic to call useClientSuites() when server should honor client preferences
WolfSSLSession.java Adds useClientSuites() method wrapper for native wolfSSL function
com_wolfssl_WolfSSLSession.h Adds JNI header declaration for useClientSuites
com_wolfssl_WolfSSLSession.c Implements JNI native method calling wolfSSL_UseClientSuites()
WolfSSLSocketTest.java Adds unit test and converts C-style comments to Java-style

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

Comment thread src/java/com/wolfssl/WolfSSLSession.java Outdated
Comment thread src/java/com/wolfssl/provider/jsse/WolfSSLParametersHelper.java Outdated
Comment thread src/java/com/wolfssl/provider/jsse/WolfSSLParametersHelper.java
cconlon
cconlon requested changes Oct 15, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@cconlon cconlon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See minor comments from Copilot, thanks

@cconlon cconlon assigned rlm2002 and unassigned cconlon Oct 15, 2025
@rlm2002
JCE: wrap useClientSuites() in WolfSSLSession, modify logic in WolfSS…
57f1dfe 
…LEngineHelper

JSSE: add unit test for useClientSuites
add alias for cipher to cipher suite preference test
@rlm2002 rlm2002 force-pushed the SSLContextImpl_PropnParams branch from a4631ad to 57f1dfe Compare October 15, 2025 15:49
@rlm2002 rlm2002 assigned cconlon and unassigned rlm2002 Oct 15, 2025
@cconlon cconlon merged commit ca4bfe1 into wolfSSL:master Oct 15, 2025
55 checks passed
@rlm2002 rlm2002 deleted the SSLContextImpl_PropnParams branch January 5, 2026 16:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@cconlon cconlon cconlon approved these changes

Assignees

@cconlon cconlon

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@rlm2002 @cconlon