Exclude list for FIPS140-3 strict profile

[JinhangZhang]

Adding tests to be ignored for FIPS140-3 strict profile.

@jasonkatonica FYI

[JinhangZhang]

@keithc-ca please help to review

[keithc-ca]

Is this a back-port of ibmruntimes/openj9-openjdk-jdk#861? If so, it helps to explicitly call out such facts.

[keithc-ca]

There is a significant number of differences relative to the head stream: Please explain the reason for each such difference.

[JinhangZhang]

If so, it helps to explicitly call out such facts.

Hi @keithc-ca , it's not a back-port of the headstream, each semeru jdk version has different failed cases.

[keithc-ca]

I find it difficult to understand why we have so many differences between jdk23 and the head stream, particularly those tests which are excluded in jdk23 but not in the head stream when the tests appear to be identical. For example

• com/sun/crypto/provider/Cipher/Test4958071.java
• com/sun/crypto/provider/KeyProtector/IterationCount.java
• com/sun/crypto/provider/Mac/Test6205692.java
• java/security/AccessController/DoPrivAccompliceTest.java
• java/security/Policy/ExtensiblePolicy/ExtensiblePolicyWithJarTest.java
• etc.

The other way around would make more sense to me (a test works in jdk23, but not (yet) in the head stream). Please provide more information than just to state that "each semeru jdk version has different failed cases".

[keithc-ca]

Please provide more information

[JinhangZhang]

After investigating, those failures occur in jdk23 but not in jdknext due to Error. Agent communication error: java.io.EOFException which seems to be an issue and is opened in https://bugs.openjdk.org/browse/CODETOOLS-7903082.

That are not FIPS related, I will remove those following additional failure from the ignore list.
Sanity.openjdk

• com/sun/crypto/provider/Cipher/Test4958071.java
• com/sun/crypto/provider/KeyProtector/IterationCount.java
• com/sun/crypto/provider/Mac/Test6205692.java
• java/security/AccessController/DoPrivAccompliceTest.java (not in jdknext)
• java/security/Policy/ExtensiblePolicy/ExtensiblePolicyWithJarTest.java (not in jdknext)

extended.openjdk

• com/sun/jndi/dns/ConfigTests/TcpTimeout.java
• com/sun/jndi/ldap/LdapPoolTimeoutTest.java
• com/sun/jndi/ldap/LdapTimeoutTest.java
• javax/naming/spi/FactoryCacheTest.java
• javax/naming/spi/providers/InitialContextTest.java
• javax/security/auth/Subject/UnsupportedSV.java
• javax/security/auth/login/modules/JaasModularClientTest.java
• javax/security/auth/login/modules/JaasModularDefaultHandlerTest.java
• jdk/internal/jline/JLineConsoleProviderTest.java
• jdk/internal/jline/LazyJdkConsoleProvider.java
• jdk/internal/jline/RedirectedStdOut.java
• jdk/security/logging/TestSecurityPropertyModificationLog.java
• jdk/security/logging/TestX509CertificateLog.java
• jdk/security/logging/TestX509ValidationLog.java
• sun/security/ec/ECDHKeyAgreementParamValidation.java
• sun/security/pkcs/pkcs8/LongPKCS8orX509KeySpec.java
• sun/security/pkcs/pkcs9/PKCS9AttrTypeTests.java
• sun/security/pkcs11/Config/ReadConfInUTF16Env.java
• sun/security/util/DerInputBuffer/PaddedBitString.java
• sun/security/util/DerValue/DeepOctets.java
• sun/security/util/DerValue/Indefinite.java
• sun/security/util/DerValue/WideTag.java
• sun/security/util/Resources/early/EarlyResources.java
• sun/security/x509/CertificateValidity/NullName.java
• sun/security/x509/EDIPartyName/NullName.java
• sun/security/x509/Extensions/IllegalExtensions.java
• sun/security/x509/X509CRLImpl/UnexpectedNPE.java