ibmruntimes
diff --git a/‎test/jdk/javax/net/ssl/DTLS/CipherSuite.java
+2-2 b/‎test/jdk/javax/net/ssl/DTLS/CipherSuite.java
+2-2
diff --git a/‎test/jdk/javax/net/ssl/DTLS/DTLSWontNegotiateV10.java
+2-2 b/‎test/jdk/javax/net/ssl/DTLS/DTLSWontNegotiateV10.java
+2-2
diff --git a/‎test/jdk/javax/net/ssl/DTLS/WeakCipherSuite.java
+2-2 b/‎test/jdk/javax/net/ssl/DTLS/WeakCipherSuite.java
+2-2
diff --git a/‎test/jdk/javax/net/ssl/FixingJavadocs/ImplicitHandshake.java
+4-3 b/‎test/jdk/javax/net/ssl/FixingJavadocs/ImplicitHandshake.java
+4-3
diff --git a/‎test/jdk/javax/net/ssl/HttpsURLConnection/CriticalSubjectAltName.java
+6-5 b/‎test/jdk/javax/net/ssl/HttpsURLConnection/CriticalSubjectAltName.java
+6-5
diff --git a/‎test/jdk/javax/net/ssl/HttpsURLConnection/GetResponseCode.java
+4-3 b/‎test/jdk/javax/net/ssl/HttpsURLConnection/GetResponseCode.java
+4-3
diff --git a/‎test/jdk/javax/net/ssl/SSLEngine/Arrays.java
+2-2 b/‎test/jdk/javax/net/ssl/SSLEngine/Arrays.java
+2-2
diff --git a/‎test/jdk/javax/net/ssl/SSLEngine/Basics.java
+2-2 b/‎test/jdk/javax/net/ssl/SSLEngine/Basics.java
+2-2
diff --git a/‎test/jdk/javax/net/ssl/SSLEngine/CheckTlsEngineResults.java
+2-1 b/‎test/jdk/javax/net/ssl/SSLEngine/CheckTlsEngineResults.java
+2-1
diff --git a/‎test/jdk/javax/net/ssl/SSLEngine/ConnectionTest.java
+2-1 b/‎test/jdk/javax/net/ssl/SSLEngine/ConnectionTest.java
+2-1
diff --git a/‎test/jdk/javax/net/ssl/SSLEngine/EngineCloseOnAlert.java
+2-1 b/‎test/jdk/javax/net/ssl/SSLEngine/EngineCloseOnAlert.java
+2-1
diff --git a/‎test/jdk/javax/net/ssl/SSLEngine/LargeBufs.java
+2-1 b/‎test/jdk/javax/net/ssl/SSLEngine/LargeBufs.java
+2-1
diff --git a/‎test/jdk/javax/net/ssl/SSLEngine/NoAuthClientAuth.java
+2-2 b/‎test/jdk/javax/net/ssl/SSLEngine/NoAuthClientAuth.java
+2-2
diff --git a/‎test/jdk/javax/net/ssl/SSLEngine/TestAllSuites.java
+2-2 b/‎test/jdk/javax/net/ssl/SSLEngine/TestAllSuites.java
+2-2
diff --git a/‎test/jdk/javax/net/ssl/SSLParameters/UseCipherSuitesOrder.java
+6-5 b/‎test/jdk/javax/net/ssl/SSLParameters/UseCipherSuitesOrder.java
+6-5
diff --git a/‎test/jdk/javax/net/ssl/SSLSession/HttpsURLConnectionLocalCertificateChain.java
+4-3 b/‎test/jdk/javax/net/ssl/SSLSession/HttpsURLConnectionLocalCertificateChain.java
+4-3
diff --git a/‎test/jdk/javax/net/ssl/SSLSession/JSSERenegotiate.java
+5-4 b/‎test/jdk/javax/net/ssl/SSLSession/JSSERenegotiate.java
+5-4
diff --git a/‎test/jdk/javax/net/ssl/SSLSession/RenegotiateTLS13.java
+4-3 b/‎test/jdk/javax/net/ssl/SSLSession/RenegotiateTLS13.java
+4-3
@@ -65,7 +65,7 @@ public class CipherSuite extends DTLSOverDatagram {
 
     public static void main(String[] args) throws Exception {
         if (args.length > 1 && "re-enable".equals(args[1]) 
-        && !(Utils.isFIPS())) {
+        && !(SecurityUtils.isFIPS())) {
             Security.setProperty("jdk.tls.disabledAlgorithms", "");
         }
 
@@ -75,7 +75,7 @@ public static void main(String[] args) throws Exception {
         try {
             testCase.runTest(testCase);
         } catch (javax.net.ssl.SSLHandshakeException sslhe) {
-            if (Utils.isFIPS()) {
+            if (SecurityUtils.isFIPS()) {
                 if(!SecurityUtils.TLS_CIPHERSUITES.containsKey(cipherSuite)) {
                     if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
                         System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
 
@@ -53,7 +53,7 @@ public class DTLSWontNegotiateV10 {
     public static void main(String[] args) throws Exception {
 
         if (args[0].equals(DTLSV_1_0) 
-        && !(Utils.isFIPS())) {
+        && !(SecurityUtils.isFIPS())) {
             SecurityUtils.removeFromDisabledTlsAlgs(DTLSV_1_0);
         }
 
@@ -77,7 +77,7 @@ public static void main(String[] args) throws Exception {
                 } catch (SocketTimeoutException exc) {
                     System.out.println("The server timed-out waiting for packets from the client.");
                 } catch (javax.net.ssl.SSLHandshakeException sslhe) {
-                    if (Utils.isFIPS()) {
+                    if (SecurityUtils.isFIPS()) {
                         if(!SecurityUtils.TLS_PROTOCOLS.contains(args[0])) {
                             if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
                                 System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
 
@@ -55,7 +55,7 @@ public class WeakCipherSuite extends DTLSOverDatagram {
     public static void main(String[] args) throws Exception {
         // reset security properties to make sure that the algorithms
         // and keys used in this test are not disabled.
-        if (!(Utils.isFIPS())) {
+        if (!(SecurityUtils.isFIPS())) {
             Security.setProperty("jdk.tls.disabledAlgorithms", "");
             Security.setProperty("jdk.certpath.disabledAlgorithms", "");
         }
@@ -66,7 +66,7 @@ public static void main(String[] args) throws Exception {
         try {
             testCase.runTest(testCase);
         } catch (javax.net.ssl.SSLHandshakeException sslhe) {
-            if (Utils.isFIPS()) {
+            if (SecurityUtils.isFIPS()) {
                 if(!SecurityUtils.TLS_CIPHERSUITES.containsKey(cipherSuite)) {
                     if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
                         System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
 
@@ -39,6 +39,7 @@
 import javax.net.ssl.*;
 
 import jdk.test.lib.Utils;
+import jdk.test.lib.security.SecurityUtils;
 
 public class ImplicitHandshake {
 
@@ -194,9 +195,9 @@ public static void main(String[] args) throws Exception {
             System.getProperty("test.src", "./") + "/" + pathToStores +
                 "/" + trustStoreFile;
 
-        if (Utils.isFIPS()) {
-            keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
-            trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
+        if (SecurityUtils.isFIPS()) {
+            keyFilename = SecurityUtils.revertJKSToPKCS12(keyFilename, passwd);
+            trustFilename = SecurityUtils.revertJKSToPKCS12(trustFilename, passwd);
         }
         System.setProperty("javax.net.ssl.keyStore", keyFilename);
         System.setProperty("javax.net.ssl.keyStorePassword", passwd);
 
@@ -55,6 +55,7 @@
 import java.security.cert.Certificate;
 
 import jdk.test.lib.Utils;
+import jdk.test.lib.security.SecurityUtils;
 
 public class CriticalSubjectAltName implements HostnameVerifier {
     /*
@@ -162,7 +163,7 @@ void doClientSide() throws Exception {
 
     public static void main(String[] args) throws Exception {
         // MD5 is used in this test case, don't disable MD5 algorithm.
-        if (!(Utils.isFIPS())) {
+        if (!(SecurityUtils.isFIPS())) {
             Security.setProperty("jdk.certpath.disabledAlgorithms",
                     "MD2, RSA keySize < 1024");
             Security.setProperty("jdk.tls.disabledAlgorithms",
@@ -176,9 +177,9 @@ public static void main(String[] args) throws Exception {
             System.getProperty("test.src", "./") + "/" + pathToStores +
                 "/" + trustStoreFile;
 
-        if (Utils.isFIPS()) {
-            keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
-            trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
+        if (SecurityUtils.isFIPS()) {
+            keyFilename = SecurityUtils.revertJKSToPKCS12(keyFilename, passwd);
+            trustFilename = SecurityUtils.revertJKSToPKCS12(trustFilename, passwd);
         }
 
         System.setProperty("javax.net.ssl.keyStore", keyFilename);
@@ -195,7 +196,7 @@ public static void main(String[] args) throws Exception {
         try {
             new CriticalSubjectAltName();
         } catch (Exception e) {
-            if (Utils.isFIPS()) {
+            if (SecurityUtils.isFIPS()) {
                 if (e instanceof java.security.cert.CertPathValidatorException) {
                     if ("Algorithm constraints check failed on signature algorithm: MD5withRSA".equals(e.getMessage())) {
                         System.out.println("MD5withRSA is not a supported signature algorithm.");
 
@@ -39,6 +39,7 @@
 import java.security.cert.Certificate;
 
 import jdk.test.lib.Utils;
+import jdk.test.lib.security.SecurityUtils;
 
 public class GetResponseCode implements HostnameVerifier {
     /*
@@ -152,9 +153,9 @@ public static void main(String[] args) throws Exception {
             System.getProperty("test.src", "./") + "/" + pathToStores +
                 "/" + trustStoreFile;
 
-        if (Utils.isFIPS()) {
-            keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
-            trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
+        if (SecurityUtils.isFIPS()) {
+            keyFilename = SecurityUtils.revertJKSToPKCS12(keyFilename, passwd);
+            trustFilename = SecurityUtils.revertJKSToPKCS12(trustFilename, passwd);
         }
 
         System.setProperty("javax.net.ssl.keyStore", keyFilename);
 
@@ -189,7 +189,7 @@ public static void main(String args[]) throws Exception {
         contextVersion = args[0];
         // Re-enable context version if it is disabled.
         // If context version is SSLv3, TLSv1 needs to be re-enabled.
-        if (!(Utils.isFIPS())) {
+        if (!(SecurityUtils.isFIPS())) {
             if (contextVersion.equals("SSLv3")) {
                 SecurityUtils.removeFromDisabledTlsAlgs("TLSv1");
             } else if (contextVersion.equals("TLSv1") ||
@@ -207,7 +207,7 @@ public static void main(String args[]) throws Exception {
         try {
             test.runTest();
         } catch (javax.net.ssl.SSLHandshakeException sslhe) {
-            if (Utils.isFIPS()) {
+            if (SecurityUtils.isFIPS()) {
                 if(!SecurityUtils.TLS_PROTOCOLS.contains(contextVersion)) {
                     if ("No appropriate protocol (protocol is disabled or cipher suites are inappropriate)".equals(sslhe.getMessage())) {
                         System.out.println("Expected exception msg: <No appropriate protocol (protocol is disabled or cipher suites are inappropriate)> is caught");
 
@@ -58,13 +58,13 @@ public class Basics {
                 "/" + TRUSTSTORE_FILE;
 
     public static void main(String[] args) throws Exception {
-        if (!(Utils.isFIPS())) {
+        if (!(SecurityUtils.isFIPS())) {
             SecurityUtils.removeFromDisabledTlsAlgs("TLSv1.1");
             runTest("TLSv1.1", "TLS_DHE_DSS_WITH_AES_128_CBC_SHA");
         }
 
         runTest("TLSv1.3", "TLS_AES_256_GCM_SHA384");
-        if (!(Utils.isFIPS())) {
+        if (!(SecurityUtils.isFIPS())) {
             runTest("TLSv1.2", "TLS_RSA_WITH_AES_256_GCM_SHA384");
         }
     }
 
@@ -41,6 +41,7 @@
 import java.nio.*;
 
 import jdk.test.lib.Utils;
+import jdk.test.lib.security.SecurityUtils;
 
 public class CheckTlsEngineResults {
 
@@ -128,7 +129,7 @@ private void test() throws Exception {
         SSLEngineResult result1;        // clientEngine's results from last operation
         SSLEngineResult result2;        // serverEngine's results from last operation
         String[] suite1;
-        if (!(Utils.isFIPS())) {
+        if (!(SecurityUtils.isFIPS())) {
             suite1 = new String [] {
                 "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" };
         } else {
 
@@ -45,6 +45,7 @@
 import java.nio.*;
 
 import jdk.test.lib.Utils;
+import jdk.test.lib.security.SecurityUtils;
 
 public class ConnectionTest {
 
@@ -600,7 +601,7 @@ private static void log(Object msg) {
     public static void main(String args[]) throws Exception {
         // reset the security property to make sure that the algorithms
         // and keys used in this test are not disabled.
-        if (!(Utils.isFIPS())) {
+        if (!(SecurityUtils.isFIPS())) {
             Security.setProperty("jdk.tls.disabledAlgorithms", "");
         }
 
 
@@ -39,6 +39,7 @@
 import static javax.net.ssl.SSLEngineResult.HandshakeStatus.*;
 
 import jdk.test.lib.Utils;
+import jdk.test.lib.security.SecurityUtils;
 
 public class EngineCloseOnAlert {
 
@@ -56,7 +57,7 @@ public class EngineCloseOnAlert {
     private static KeyManagerFactory KMF;
     private static TrustManagerFactory TMF;
 
-    private static final String[] ONECIPHER = (Utils.isFIPS()) ?
+    private static final String[] ONECIPHER = (SecurityUtils.isFIPS()) ?
         new String[] { "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" } : new String[] { "TLS_RSA_WITH_AES_128_CBC_SHA" };
 
 
 
@@ -44,6 +44,7 @@
 import java.util.Random;
 
 import jdk.test.lib.Utils;
+import jdk.test.lib.security.SecurityUtils;
 
 public class LargeBufs {
 
@@ -185,7 +186,7 @@ private void runTest(String cipher) throws Exception {
     public static void main(String args[]) throws Exception {
         LargeBufs test;
 
-        if (!(Utils.isFIPS())) {
+        if (!(SecurityUtils.isFIPS())) {
             // reset the security property to make sure that the algorithms
             // and keys used in this test are not disabled.
             Security.setProperty("jdk.tls.disabledAlgorithms", "");
 
@@ -144,7 +144,7 @@ public class NoAuthClientAuth {
      * Main entry point for this test.
      */
     public static void main(String args[]) throws Exception {
-        if (!(Utils.isFIPS())) {
+        if (!(SecurityUtils.isFIPS())) {
             Security.setProperty("jdk.tls.disabledAlgorithms", "");
             tlsProtocol = args[0];
         } else {
@@ -164,7 +164,7 @@ public static void main(String args[]) throws Exception {
         try {
             test.runTest();
         } catch (java.lang.IllegalArgumentException iae) {
-            if (Utils.isFIPS()) {
+            if (SecurityUtils.isFIPS()) {
                 if (tlsProtocol == null) {
                     if ("Unsupported protocolnull".equals(iae.getMessage())) {
                         System.out.println("Expected exception msg: <Unsupported protocolnull> is caught");
 
@@ -92,7 +92,7 @@ private void createSSLEngines() {
     private void test() throws Exception {
         List<String> tmpCipherSuites = new ArrayList<>();
         String [] suites;
-        if (Utils.isFIPS()) {
+        if (SecurityUtils.isFIPS()) {
             for (String ciphersuite : clientEngine.getEnabledCipherSuites()) {
                 if (!SecurityUtils.TLS_CIPHERSUITES.containsKey(ciphersuite)) {
                     continue;
@@ -243,7 +243,7 @@ public static void main(String args[]) throws Exception {
         if (args.length < 1) {
             throw new RuntimeException("Missing TLS protocol parameter.");
         }
-        if (!(Utils.isFIPS())) {
+        if (!(SecurityUtils.isFIPS())) {
             switch(args[0]) {
                 case "TLSv1.1" -> SecurityUtils.removeFromDisabledTlsAlgs("TLSv1.1");
                 case "TLSv1.3" -> SecurityUtils.addToDisabledTlsAlgs("TLSv1.2");
 
@@ -41,6 +41,7 @@
 import java.util.Arrays;
 
 import jdk.test.lib.Utils;
+import jdk.test.lib.security.SecurityUtils;
 
 public class UseCipherSuitesOrder {
 
@@ -177,7 +178,7 @@ private static void parseArguments(String[] args) throws Exception {
             throw new Exception("Need to enable at least two cipher suites");
         }
 
-        if (Utils.isFIPS()) {
+        if (SecurityUtils.isFIPS()) {
             cliEnabledCipherSuites = new String[] { "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"};
         }
 
@@ -204,7 +205,7 @@ private static void parseArguments(String[] args) throws Exception {
     public static void main(String[] args) throws Exception {
         // reset the security property to make sure that the algorithms
         // and keys used in this test are not disabled.
-        if (!(Utils.isFIPS())) {
+        if (!(SecurityUtils.isFIPS())) {
             Security.setProperty("jdk.tls.disabledAlgorithms", "");
         }
 
@@ -218,9 +219,9 @@ public static void main(String[] args) throws Exception {
             System.getProperty("test.src", ".") + "/" + pathToStores +
                 "/" + trustStoreFile;
 
-        if (Utils.isFIPS()) {
-            keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
-            trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
+        if (SecurityUtils.isFIPS()) {
+            keyFilename = SecurityUtils.revertJKSToPKCS12(keyFilename, passwd);
+            trustFilename = SecurityUtils.revertJKSToPKCS12(trustFilename, passwd);
         }
 
         System.setProperty("javax.net.ssl.keyStore", keyFilename);
 
@@ -44,6 +44,7 @@
 import java.security.cert.*;
 
 import jdk.test.lib.Utils;
+import jdk.test.lib.security.SecurityUtils;
 
 public class HttpsURLConnectionLocalCertificateChain
         implements HandshakeCompletedListener,
@@ -247,9 +248,9 @@ public static void main(String[] args) throws Exception {
             System.getProperty("test.src", "./") + "/" + pathToStores +
                 "/" + trustStoreFile;
 
-        if (Utils.isFIPS()) {
-            keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
-            trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
+        if (SecurityUtils.isFIPS()) {
+            keyFilename = SecurityUtils.revertJKSToPKCS12(keyFilename, passwd);
+            trustFilename = SecurityUtils.revertJKSToPKCS12(trustFilename, passwd);
         }
 
         System.setProperty("javax.net.ssl.keyStore", keyFilename);
 
@@ -42,6 +42,7 @@
 import javax.net.ssl.*;
 
 import jdk.test.lib.Utils;
+import jdk.test.lib.security.SecurityUtils;
 
 public class JSSERenegotiate {
 
@@ -196,7 +197,7 @@ void doClientSide() throws Exception {
     public static void main(String[] args) throws Exception {
         // reset the security property to make sure that the cipher suites
         // used in this test are not disabled
-        if (!(Utils.isFIPS())) {
+        if (!(SecurityUtils.isFIPS())) {
             Security.setProperty("jdk.tls.disabledAlgorithms", "");
         }
 
@@ -207,9 +208,9 @@ public static void main(String[] args) throws Exception {
             System.getProperty("test.src", "./") + "/" + pathToStores +
                 "/" + trustStoreFile;
 
-        if (Utils.isFIPS()) {
-            keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
-            trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
+        if (SecurityUtils.isFIPS()) {
+            keyFilename = SecurityUtils.revertJKSToPKCS12(keyFilename, passwd);
+            trustFilename = SecurityUtils.revertJKSToPKCS12(trustFilename, passwd);
             suite1 = "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256";
             suite2 = "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384";
         } else {
 
@@ -42,6 +42,7 @@
 import java.security.SecureRandom;
 
 import jdk.test.lib.Utils;
+import jdk.test.lib.security.SecurityUtils;
 
 public class RenegotiateTLS13 {
 
@@ -142,9 +143,9 @@ public static void main(String[] args) throws Exception {
             System.getProperty("test.src", "./") + "/" + pathToStores +
                 "/" + trustStoreFile;
 
-        if (Utils.isFIPS()) {
-            keyFilename = Utils.revertJKSToPKCS12(keyFilename, passwd);
-            trustFilename = Utils.revertJKSToPKCS12(trustFilename, passwd);
+        if (SecurityUtils.isFIPS()) {
+            keyFilename = SecurityUtils.revertJKSToPKCS12(keyFilename, passwd);
+            trustFilename = SecurityUtils.revertJKSToPKCS12(trustFilename, passwd);
         }
 
         System.setProperty("javax.net.ssl.keyStore", keyFilename);
Original file line number	Diff line number	Diff line change
`@@ -58,13 +58,13 @@ public class Basics {`
`58`	`58`	`"/" + TRUSTSTORE_FILE;`
`59`	`59`
`60`	`60`	`public static void main(String[] args) throws Exception {`
`61`		`- if (!(Utils.isFIPS())) {`
	`61`	`+ if (!(SecurityUtils.isFIPS())) {`
`62`	`62`	`SecurityUtils.removeFromDisabledTlsAlgs("TLSv1.1");`
`63`	`63`	`runTest("TLSv1.1", "TLS_DHE_DSS_WITH_AES_128_CBC_SHA");`
`64`	`64`	`}`
`65`	`65`
`66`	`66`	`runTest("TLSv1.3", "TLS_AES_256_GCM_SHA384");`
`67`		`- if (!(Utils.isFIPS())) {`
	`67`	`+ if (!(SecurityUtils.isFIPS())) {`
`68`	`68`	`runTest("TLSv1.2", "TLS_RSA_WITH_AES_256_GCM_SHA384");`
`69`	`69`	`}`
`70`	`70`	`}`