Migrate the rest of the ssl package to junit5 (#11483)

Motivation: We should use junit5 everywhere. Modifications: - Refactor rest of tests to use junit5 Result: Part of https://github.com/netty/netty/issues/10757
2021-07-15 08:50:24 +02:00 · 2021-07-15 08:50:24 +02:00 · e236e99006
commit e236e99006
parent 2914134522
22 changed files with 1579 additions and 1508 deletions
--- a/handler/src/test/java/io/netty/handler/ssl/AmazonCorrettoSslEngineTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/AmazonCorrettoSslEngineTest.java
@ -17,48 +17,28 @@ package io.netty.handler.ssl;
 import com.amazon.corretto.crypto.provider.AmazonCorrettoCryptoProvider;
 import com.amazon.corretto.crypto.provider.SelfTestStatus;
-import org.junit.After;
+import org.junit.jupiter.api.AfterEach;
-import org.junit.Assert;
+import org.junit.jupiter.api.BeforeEach;
-import org.junit.Before;
+import org.junit.jupiter.api.Disabled;
-import org.junit.BeforeClass;
+import org.junit.jupiter.api.condition.DisabledIf;
 import org.junit.Ignore;
 import org.junit.runner.RunWith;
 import org.junit.runners.Parameterized;
 import javax.crypto.Cipher;
 import java.security.Security;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
-import static org.junit.Assume.assumeTrue;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNull;
-@RunWith(Parameterized.class)
+
@DisabledIf("checkIfAccpIsDisabled")
 public class AmazonCorrettoSslEngineTest extends SSLEngineTest {
-    @Parameterized.Parameters(name = "{index}: bufferType = {0}, combo = {1}, delegate = {2}")
+    static boolean checkIfAccpIsDisabled() {
-    public static Collection<Object[]> data() {
+        return AmazonCorrettoCryptoProvider.INSTANCE.getLoadingError() != null ||
-        List<Object[]> params = new ArrayList<Object[]>();
+                !AmazonCorrettoCryptoProvider.INSTANCE.runSelfTests().equals(SelfTestStatus.PASSED);
        for (BufferType type: BufferType.values()) {
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), false });
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), true });
            if (SslProvider.isTlsv13Supported(SslProvider.JDK)) {
                params.add(new Object[] { type, ProtocolCipherCombo.tlsv13(), true });
                params.add(new Object[] { type, ProtocolCipherCombo.tlsv13(), false });
            }
        }
        return params;
    }
-    public AmazonCorrettoSslEngineTest(BufferType type, ProtocolCipherCombo combo, boolean delegate) {
+    public AmazonCorrettoSslEngineTest() {
-        super(type, combo, delegate);
+        super(SslProvider.isTlsv13Supported(SslProvider.JDK));
    }
    @BeforeClass
    public static void checkAccp() {
        assumeTrue(AmazonCorrettoCryptoProvider.INSTANCE.getLoadingError() == null &&
                AmazonCorrettoCryptoProvider.INSTANCE.runSelfTests().equals(SelfTestStatus.PASSED));
    }
    @Override
@ -71,7 +51,7 @@ public class AmazonCorrettoSslEngineTest extends SSLEngineTest {
        return SslProvider.JDK;
    }
-    @Before
+    @BeforeEach
    @Override
    public void setup() {
        // See https://github.com/corretto/amazon-corretto-crypto-provider/blob/develop/README.md#code
@ -81,7 +61,7 @@ public class AmazonCorrettoSslEngineTest extends SSLEngineTest {
        try {
            AmazonCorrettoCryptoProvider.INSTANCE.assertHealthy();
            String providerName = Cipher.getInstance("AES/GCM/NoPadding").getProvider().getName();
-            Assert.assertEquals(AmazonCorrettoCryptoProvider.PROVIDER_NAME, providerName);
+            assertEquals(AmazonCorrettoCryptoProvider.PROVIDER_NAME, providerName);
        } catch (Throwable e) {
            Security.removeProvider(AmazonCorrettoCryptoProvider.PROVIDER_NAME);
            throw new AssertionError(e);
@ -89,24 +69,24 @@ public class AmazonCorrettoSslEngineTest extends SSLEngineTest {
        super.setup();
    }
-    @After
+    @AfterEach
    @Override
    public void tearDown() throws InterruptedException {
        super.tearDown();
        // Remove the provider again and verify that it was removed
        Security.removeProvider(AmazonCorrettoCryptoProvider.PROVIDER_NAME);
-        Assert.assertNull(Security.getProvider(AmazonCorrettoCryptoProvider.PROVIDER_NAME));
+        assertNull(Security.getProvider(AmazonCorrettoCryptoProvider.PROVIDER_NAME));
    }
-    @Ignore /* Does the JDK support a "max certificate chain length"? */
+    @Disabled /* Does the JDK support a "max certificate chain length"? */
    @Override
-    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth() {
+    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(SSLEngineTestParam param) {
    }
-    @Ignore /* Does the JDK support a "max certificate chain length"? */
+    @Disabled /* Does the JDK support a "max certificate chain length"? */
    @Override
-    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth() {
+    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(SSLEngineTestParam param) {
    }
    @Override
--- a/handler/src/test/java/io/netty/handler/ssl/ConscryptJdkSslEngineInteropTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/ConscryptJdkSslEngineInteropTest.java
@ -16,39 +16,22 @@
 package io.netty.handler.ssl;
 import java.security.Provider;
 import org.junit.BeforeClass;
 import org.junit.Ignore;
-import org.junit.runner.RunWith;
+import org.junit.jupiter.api.Disabled;
-import org.junit.runners.Parameterized;
+import org.junit.jupiter.api.condition.DisabledIf;
 import javax.net.ssl.SSLSessionContext;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
 import static org.junit.Assume.assumeTrue;
-@RunWith(Parameterized.class)
+@DisabledIf("checkConscryptDisabled")
 public class ConscryptJdkSslEngineInteropTest extends SSLEngineTest {
-    @Parameterized.Parameters(name = "{index}: bufferType = {0}, combo = {1}, delegate = {2}")
+    public ConscryptJdkSslEngineInteropTest() {
-    public static Collection<Object[]> data() {
+        super(false);
        List<Object[]> params = new ArrayList<Object[]>();
        for (BufferType type: BufferType.values()) {
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), false });
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), true });
        }
        return params;
    }
-    public ConscryptJdkSslEngineInteropTest(BufferType type, ProtocolCipherCombo combo, boolean delegate) {
+    static boolean checkConscryptDisabled() {
-        super(type, combo, delegate);
+        return !Conscrypt.isAvailable();
    }
    @BeforeClass
    public static void checkConscrypt() {
        assumeTrue(Conscrypt.isAvailable());
    }
    @Override
@ -66,14 +49,16 @@ public class ConscryptJdkSslEngineInteropTest extends SSLEngineTest {
        return Java8SslTestUtils.conscryptProvider();
    }
-    @Ignore /* Does the JDK support a "max certificate chain length"? */
+    @Disabled /* Does the JDK support a "max certificate chain length"? */
    @Override
-    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth() throws Exception {
+    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(SSLEngineTestParam param)
            throws Exception {
    }
-    @Ignore /* Does the JDK support a "max certificate chain length"? */
+    @Disabled /* Does the JDK support a "max certificate chain length"? */
    @Override
-    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth() throws Exception {
+    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(SSLEngineTestParam param)
            throws Exception {
    }
    @Override
--- a/handler/src/test/java/io/netty/handler/ssl/ConscryptOpenSslEngineInteropTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/ConscryptOpenSslEngineInteropTest.java
@ -15,48 +15,35 @@
 */
 package io.netty.handler.ssl;
-import org.junit.BeforeClass;
+import org.junit.jupiter.api.BeforeAll;
-import org.junit.Ignore;
+import org.junit.jupiter.api.Disabled;
-import org.junit.Test;
+import org.junit.jupiter.api.condition.DisabledIf;
 import org.junit.runner.RunWith;
 import org.junit.runners.Parameterized;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLSessionContext;
 import java.security.Provider;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
 import static io.netty.handler.ssl.OpenSslTestUtils.checkShouldUseKeyManagerFactory;
-import static org.junit.Assume.assumeTrue;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
-@RunWith(Parameterized.class)
+@DisabledIf("checkConscryptDisabled")
 public class ConscryptOpenSslEngineInteropTest extends ConscryptSslEngineTest {
-    @Parameterized.Parameters(name = "{index}: bufferType = {0}, combo = {1}, delegate = {2}, useTasks = {3}")
+    @Override
-    public static Collection<Object[]> data() {
+    protected List<SSLEngineTestParam> newTestParams() {
-        List<Object[]> params = new ArrayList<Object[]>();
+        List<SSLEngineTestParam> params = super.newTestParams();
-        for (BufferType type: BufferType.values()) {
+        List<SSLEngineTestParam> testParams = new ArrayList<SSLEngineTestParam>();
-            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), false, false });
+        for (SSLEngineTestParam param: params) {
-            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), false, true });
+            testParams.add(new OpenSslEngineTestParam(true, param));
-
+            testParams.add(new OpenSslEngineTestParam(false, param));
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), true, false });
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), true, true });
        }
-        return params;
+        return testParams;
    }
-    private final boolean useTasks;
+    @BeforeAll
    public ConscryptOpenSslEngineInteropTest(BufferType type, ProtocolCipherCombo combo,
                                             boolean delegate, boolean useTasks) {
        super(type, combo, delegate);
        this.useTasks = useTasks;
    }
    @BeforeClass
    public static void checkOpenssl() {
        OpenSsl.ensureAvailability();
    }
@ -77,17 +64,15 @@ public class ConscryptOpenSslEngineInteropTest extends ConscryptSslEngineTest {
    }
    @Override
-    @Test
+    @Disabled("TODO: Make this work with Conscrypt")
-    @Ignore("TODO: Make this work with Conscrypt")
+    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(SSLEngineTestParam param) {
-    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth() {
+        super.testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(param);
        super.testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth();
    }
    @Override
-    @Test
+    @Disabled("TODO: Make this work with Conscrypt")
-    @Ignore("TODO: Make this work with Conscrypt")
+    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(SSLEngineTestParam param) {
-    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth() {
+        super.testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(param);
        super.testMutualAuthValidClientCertChainTooLongFailRequireClientAuth();
    }
    @Override
@ -97,45 +82,42 @@ public class ConscryptOpenSslEngineInteropTest extends ConscryptSslEngineTest {
    }
    @Override
-    @Test
+    public void testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth();
+        super.testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth(param);
    }
    @Override
-    @Test
+    public void testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth();
+        super.testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth(param);
    }
    @Override
-    @Test
+    public void testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth();
+        super.testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth(param);
    }
    @Override
-    @Test
+    public void testSessionAfterHandshakeKeyManagerFactory(SSLEngineTestParam param) throws Exception {
    public void testSessionAfterHandshakeKeyManagerFactory() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSessionAfterHandshakeKeyManagerFactory();
+        super.testSessionAfterHandshakeKeyManagerFactory(param);
    }
    @Override
-    @Test
+    public void testSessionAfterHandshakeKeyManagerFactoryMutualAuth(SSLEngineTestParam param) throws Exception {
    public void testSessionAfterHandshakeKeyManagerFactoryMutualAuth() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSessionAfterHandshakeKeyManagerFactoryMutualAuth();
+        super.testSessionAfterHandshakeKeyManagerFactoryMutualAuth(param);
    }
    @Override
-    @Test
+    public void testSupportedSignatureAlgorithms(SSLEngineTestParam param) throws Exception {
    public void testSupportedSignatureAlgorithms() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSupportedSignatureAlgorithms();
+        super.testSupportedSignatureAlgorithms(param);
    }
    @Override
@ -145,18 +127,17 @@ public class ConscryptOpenSslEngineInteropTest extends ConscryptSslEngineTest {
    }
    @Override
-    @Test
+    public void testSessionLocalWhenNonMutualWithKeyManager(SSLEngineTestParam param) throws Exception {
    public void testSessionLocalWhenNonMutualWithKeyManager() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSessionLocalWhenNonMutualWithKeyManager();
+        super.testSessionLocalWhenNonMutualWithKeyManager(param);
    }
    @Override
-    public void testSessionLocalWhenNonMutualWithoutKeyManager() throws Exception {
+    public void testSessionLocalWhenNonMutualWithoutKeyManager(SSLEngineTestParam param) throws Exception {
        // This only really works when the KeyManagerFactory is supported as otherwise we not really know when
        // we need to provide a cert.
        assumeTrue(OpenSsl.supportsKeyManagerFactory());
-        super.testSessionLocalWhenNonMutualWithoutKeyManager();
+        super.testSessionLocalWhenNonMutualWithoutKeyManager(param);
    }
    @Override
@ -165,24 +146,21 @@ public class ConscryptOpenSslEngineInteropTest extends ConscryptSslEngineTest {
    }
    @Override
-    @Test
+    public void testSessionCache(SSLEngineTestParam param) throws Exception {
    public void testSessionCache() throws Exception {
        assumeTrue(OpenSsl.isSessionCacheSupported());
-        super.testSessionCache();
+        super.testSessionCache(param);
    }
    @Override
-    @Test
+    public void testSessionCacheTimeout(SSLEngineTestParam param) throws Exception {
    public void testSessionCacheTimeout() throws Exception {
        assumeTrue(OpenSsl.isSessionCacheSupported());
-        super.testSessionCacheTimeout();
+        super.testSessionCacheTimeout(param);
    }
    @Override
-    @Test
+    public void testSessionCacheSize(SSLEngineTestParam param) throws Exception {
    public void testSessionCacheSize() throws Exception {
        assumeTrue(OpenSsl.isSessionCacheSupported());
-        super.testSessionCacheSize();
+        super.testSessionCacheSize(param);
    }
    @Override
@ -192,9 +170,11 @@ public class ConscryptOpenSslEngineInteropTest extends ConscryptSslEngineTest {
    @SuppressWarnings("deprecation")
    @Override
-    protected SslContext wrapContext(SslContext context) {
+    protected SslContext wrapContext(SSLEngineTestParam param, SslContext context) {
        if (context instanceof OpenSslContext) {
-            ((OpenSslContext) context).setUseTasks(useTasks);
+            if (param instanceof OpenSslEngineTestParam) {
                ((OpenSslContext) context).setUseTasks(((OpenSslEngineTestParam) param).useTasks);
            }
            // Explicit enable the session cache as its disabled by default on the client side.
            ((OpenSslContext) context).sessionContext().setSessionCacheEnabled(true);
        }
--- a/handler/src/test/java/io/netty/handler/ssl/ConscryptSslEngineTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/ConscryptSslEngineTest.java
@ -15,39 +15,22 @@
 */
 package io.netty.handler.ssl;
-import org.junit.BeforeClass;
+
-import org.junit.Ignore;
+import org.junit.jupiter.api.Disabled;
-import org.junit.runner.RunWith;
+import org.junit.jupiter.api.condition.DisabledIf;
 import org.junit.runners.Parameterized;
 import javax.net.ssl.SSLSessionContext;
 import java.security.Provider;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
-import static org.junit.Assume.assumeTrue;
+@DisabledIf("checkConscryptDisabled")
@RunWith(Parameterized.class)
 public class ConscryptSslEngineTest extends SSLEngineTest {
-    @Parameterized.Parameters(name = "{index}: bufferType = {0}, combo = {1}, delegate = {2}")
+    static boolean checkConscryptDisabled() {
-    public static Collection<Object[]> data() {
+        return !Conscrypt.isAvailable();
        List<Object[]> params = new ArrayList<Object[]>();
        for (BufferType type: BufferType.values()) {
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), false });
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), true });
        }
        return params;
    }
-    public ConscryptSslEngineTest(BufferType type, ProtocolCipherCombo combo, boolean delegate) {
+    public ConscryptSslEngineTest() {
-        super(type, combo, delegate);
+        super(false);
    }
    @BeforeClass
    public static void checkConscrypt() {
        assumeTrue(Conscrypt.isAvailable());
    }
    @Override
@ -70,14 +53,14 @@ public class ConscryptSslEngineTest extends SSLEngineTest {
        return Java8SslTestUtils.conscryptProvider();
    }
-    @Ignore /* Does the JDK support a "max certificate chain length"? */
+    @Disabled /* Does the JDK support a "max certificate chain length"? */
    @Override
-    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth() {
+    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(SSLEngineTestParam param) {
    }
-    @Ignore /* Does the JDK support a "max certificate chain length"? */
+    @Disabled /* Does the JDK support a "max certificate chain length"? */
    @Override
-    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth() {
+    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(SSLEngineTestParam param) {
    }
    @Override
@ -85,8 +68,8 @@ public class ConscryptSslEngineTest extends SSLEngineTest {
        // Not supported by conscrypt
    }
-    @Ignore("Possible Conscrypt bug")
+    @Disabled("Possible Conscrypt bug")
-    public void testSessionCacheTimeout() throws Exception {
+    public void testSessionCacheTimeout(SSLEngineTestParam param) throws Exception {
        // Skip
        // https://github.com/google/conscrypt/issues/851
    }
--- a/handler/src/test/java/io/netty/handler/ssl/Java8SslTestUtils.java
+++ b/handler/src/test/java/io/netty/handler/ssl/Java8SslTestUtils.java
@ -29,7 +29,7 @@ import java.security.cert.X509Certificate;
 import java.util.Arrays;
 import java.util.Collections;
-import static org.junit.Assert.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
 public final class Java8SslTestUtils {
@ -70,7 +70,7 @@ public final class Java8SslTestUtils {
            InputStream is = null;
            try {
                is = SslContextTest.class.getResourceAsStream(resourceName);
-                assertNotNull("Cannot find " + resourceName, is);
+                assertNotNull(is, "Cannot find " + resourceName);
                certCollection[i] = (X509Certificate) certFactory
                        .generateCertificate(is);
            } finally {
--- a/handler/src/test/java/io/netty/handler/ssl/JdkConscryptSslEngineInteropTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/JdkConscryptSslEngineInteropTest.java
@ -17,39 +17,20 @@ package io.netty.handler.ssl;
 import java.security.Provider;
-import org.junit.BeforeClass;
+import org.junit.jupiter.api.Disabled;
-import org.junit.Ignore;
+import org.junit.jupiter.api.condition.DisabledIf;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.junit.runners.Parameterized;
 import javax.net.ssl.SSLSessionContext;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
-import static org.junit.Assume.assumeTrue;
+@DisabledIf("checkConscryptDisabled")
@RunWith(Parameterized.class)
 public class JdkConscryptSslEngineInteropTest extends SSLEngineTest {
-    @Parameterized.Parameters(name = "{index}: bufferType = {0}, combo = {1}, delegate = {2}")
+    static boolean checkConscryptDisabled() {
-    public static Collection<Object[]> data() {
+        return !Conscrypt.isAvailable();
        List<Object[]> params = new ArrayList<Object[]>();
        for (BufferType type: BufferType.values()) {
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), false });
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), true });
        }
        return params;
    }
-    public JdkConscryptSslEngineInteropTest(BufferType type, ProtocolCipherCombo combo, boolean delegate) {
+    public JdkConscryptSslEngineInteropTest() {
-        super(type, combo, delegate);
+        super(false);
    }
    @BeforeClass
    public static void checkConscrypt() {
        assumeTrue(Conscrypt.isAvailable());
    }
    @Override
@ -68,17 +49,17 @@ public class JdkConscryptSslEngineInteropTest extends SSLEngineTest {
    }
    @Override
-    @Test
+    @Disabled("TODO: Make this work with Conscrypt")
-    @Ignore("TODO: Make this work with Conscrypt")
+    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth() throws Exception {
+            throws Exception {
-        super.testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth();
+        super.testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(param);
    }
    @Override
-    @Test
+    @Disabled("TODO: Make this work with Conscrypt")
-    @Ignore("TODO: Make this work with Conscrypt")
+    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth() throws Exception {
+            throws Exception {
-        super.testMutualAuthValidClientCertChainTooLongFailRequireClientAuth();
+        super.testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(param);
    }
    @Override
@ -87,9 +68,9 @@ public class JdkConscryptSslEngineInteropTest extends SSLEngineTest {
        return super.mySetupMutualAuthServerIsValidClientException(cause) || causedBySSLException(cause);
    }
-    @Ignore("Ignore due bug in Conscrypt")
+    @Disabled("Ignore due bug in Conscrypt")
    @Override
-    public void testHandshakeSession() throws Exception {
+    public void testHandshakeSession(SSLEngineTestParam param) throws Exception {
        // Ignore as Conscrypt does not correctly return the local certificates while the TrustManager is invoked.
        // See https://github.com/google/conscrypt/issues/634
    }
@ -99,8 +80,8 @@ public class JdkConscryptSslEngineInteropTest extends SSLEngineTest {
        // Not supported by conscrypt
    }
-    @Ignore("Possible Conscrypt bug")
+    @Disabled("Possible Conscrypt bug")
-    public void testSessionCacheTimeout() {
+    public void testSessionCacheTimeout(SSLEngineTestParam param) {
        // Skip
        // https://github.com/google/conscrypt/issues/851
    }
--- a/handler/src/test/java/io/netty/handler/ssl/JdkOpenSslEngineInteroptTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/JdkOpenSslEngineInteroptTest.java
@ -15,54 +15,36 @@
 */
 package io.netty.handler.ssl;
-import org.junit.BeforeClass;
+import org.junit.jupiter.api.BeforeAll;
-import org.junit.Ignore;
+import org.junit.jupiter.api.Disabled;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.junit.runners.Parameterized;
 import javax.net.ssl.SSLEngine;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
 import static io.netty.handler.ssl.OpenSslTestUtils.checkShouldUseKeyManagerFactory;
 import static io.netty.internal.tcnative.SSL.SSL_CVERIFY_IGNORED;
-import static org.junit.Assume.assumeTrue;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
@RunWith(Parameterized.class)
 public class JdkOpenSslEngineInteroptTest extends SSLEngineTest {
-    @Parameterized.Parameters(name = "{index}: bufferType = {0}, combo = {1}, delegate = {2}, useTasks = {3}")
+    public JdkOpenSslEngineInteroptTest() {
-    public static Collection<Object[]> data() {
+        super(SslProvider.isTlsv13Supported(SslProvider.JDK) &&
-        List<Object[]> params = new ArrayList<Object[]>();
+                SslProvider.isTlsv13Supported(SslProvider.OPENSSL));
-        for (BufferType type: BufferType.values()) {
+    }
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), false, false });
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), false, true });
-            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), true, false });
+    @Override
-            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), true, true });
+    protected List<SSLEngineTestParam> newTestParams() {
-
+        List<SSLEngineTestParam> params = super.newTestParams();
-            if (SslProvider.isTlsv13Supported(SslProvider.JDK) && SslProvider.isTlsv13Supported(SslProvider.OPENSSL)) {
+        List<SSLEngineTestParam> testParams = new ArrayList<SSLEngineTestParam>();
-                params.add(new Object[] { type, ProtocolCipherCombo.tlsv13(), false, false });
+        for (SSLEngineTestParam param: params) {
-                params.add(new Object[] { type, ProtocolCipherCombo.tlsv13(), false, true });
+            testParams.add(new OpenSslEngineTestParam(true, param));
-
+            testParams.add(new OpenSslEngineTestParam(false, param));
                params.add(new Object[] { type, ProtocolCipherCombo.tlsv13(), true, false });
                params.add(new Object[] { type, ProtocolCipherCombo.tlsv13(), true, true });
            }
        }
-        return params;
+        return testParams;
    }
-    private final boolean useTasks;
+    @BeforeAll
    public JdkOpenSslEngineInteroptTest(BufferType type, ProtocolCipherCombo protocolCipherCombo,
                                        boolean delegate, boolean useTasks) {
        super(type, protocolCipherCombo, delegate);
        this.useTasks = useTasks;
    }
    @BeforeClass
    public static void checkOpenSsl() {
        OpenSsl.ensureAvailability();
    }
@ -78,59 +60,55 @@ public class JdkOpenSslEngineInteroptTest extends SSLEngineTest {
    }
    @Override
-    @Test
+    @Disabled("Disable until figured out why this sometimes fail on the CI")
-    @Ignore("Disable until figured out why this sometimes fail on the CI")
+    public void testMutualAuthSameCerts(SSLEngineTestParam param) throws Throwable {
-    public void testMutualAuthSameCerts() throws Throwable {
+        super.testMutualAuthSameCerts(param);
-        super.testMutualAuthSameCerts();
+    }
    public void testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth(SSLEngineTestParam param)
            throws Exception {
        checkShouldUseKeyManagerFactory();
        super.testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth(param);
    }
    @Override
-    @Test
+    public void testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth();
+        super.testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth(param);
    }
    @Override
-    @Test
+    public void testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth();
+        super.testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth(param);
    }
    @Override
-    @Test
+    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth();
+        super.testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(param);
    }
    @Override
-    @Test
+    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth();
+        super.testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(param);
    }
    @Override
-    @Test
+    public void testSessionAfterHandshakeKeyManagerFactoryMutualAuth(SSLEngineTestParam param) throws Exception {
    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthValidClientCertChainTooLongFailRequireClientAuth();
+        super.testSessionAfterHandshakeKeyManagerFactoryMutualAuth(param);
    }
    @Override
-    @Test
+    public void testSessionAfterHandshakeKeyManagerFactory(SSLEngineTestParam param) throws Exception {
    public void testSessionAfterHandshakeKeyManagerFactoryMutualAuth() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSessionAfterHandshakeKeyManagerFactoryMutualAuth();
+        super.testSessionAfterHandshakeKeyManagerFactory(param);
    }
    @Override
    @Test
    public void testSessionAfterHandshakeKeyManagerFactory() throws Exception {
        checkShouldUseKeyManagerFactory();
        super.testSessionAfterHandshakeKeyManagerFactory();
    }
    @Override
@ -146,52 +124,47 @@ public class JdkOpenSslEngineInteroptTest extends SSLEngineTest {
    }
    @Override
-    public void testHandshakeSession() throws Exception {
+    public void testHandshakeSession(SSLEngineTestParam param) throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testHandshakeSession();
+        super.testHandshakeSession(param);
    }
    @Override
-    @Test
+    public void testSupportedSignatureAlgorithms(SSLEngineTestParam param) throws Exception {
    public void testSupportedSignatureAlgorithms() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSupportedSignatureAlgorithms();
+        super.testSupportedSignatureAlgorithms(param);
    }
    @Override
-    @Test
+    public void testSessionLocalWhenNonMutualWithKeyManager(SSLEngineTestParam param) throws Exception {
    public void testSessionLocalWhenNonMutualWithKeyManager() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSessionLocalWhenNonMutualWithKeyManager();
+        super.testSessionLocalWhenNonMutualWithKeyManager(param);
    }
    @Override
-    public void testSessionLocalWhenNonMutualWithoutKeyManager() throws Exception {
+    public void testSessionLocalWhenNonMutualWithoutKeyManager(SSLEngineTestParam param) throws Exception {
        // This only really works when the KeyManagerFactory is supported as otherwise we not really know when
        // we need to provide a cert.
        assumeTrue(OpenSsl.supportsKeyManagerFactory());
-        super.testSessionLocalWhenNonMutualWithoutKeyManager();
+        super.testSessionLocalWhenNonMutualWithoutKeyManager(param);
    }
    @Override
-    @Test
+    public void testSessionCache(SSLEngineTestParam param) throws Exception {
    public void testSessionCache() throws Exception {
        assumeTrue(OpenSsl.isSessionCacheSupported());
-        super.testSessionCache();
+        super.testSessionCache(param);
    }
    @Override
-    @Test
+    public void testSessionCacheTimeout(SSLEngineTestParam param) throws Exception {
    public void testSessionCacheTimeout() throws Exception {
        assumeTrue(OpenSsl.isSessionCacheSupported());
-        super.testSessionCacheTimeout();
+        super.testSessionCacheTimeout(param);
    }
    @Override
-    @Test
+    public void testSessionCacheSize(SSLEngineTestParam param) throws Exception {
    public void testSessionCacheSize() throws Exception {
        assumeTrue(OpenSsl.isSessionCacheSupported());
-        super.testSessionCacheSize();
+        super.testSessionCacheSize(param);
    }
    @Override
@ -201,9 +174,9 @@ public class JdkOpenSslEngineInteroptTest extends SSLEngineTest {
    @SuppressWarnings("deprecation")
    @Override
-    protected SslContext wrapContext(SslContext context) {
+    protected SslContext wrapContext(SSLEngineTestParam param, SslContext context) {
-        if (context instanceof OpenSslContext) {
+        if (context instanceof OpenSslContext && param instanceof OpenSslEngineTestParam) {
-            ((OpenSslContext) context).setUseTasks(useTasks);
+            ((OpenSslContext) context).setUseTasks(((OpenSslEngineTestParam) param).useTasks);
            // Explicit enable the session cache as its disabled by default on the client side.
            ((OpenSslContext) context).sessionContext().setSessionCacheEnabled(true);
        }
--- a/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/JdkSslEngineTest.java
@ -23,26 +23,23 @@ import io.netty.handler.ssl.JdkApplicationProtocolNegotiator.ProtocolSelectorFac
 import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
 import io.netty.handler.ssl.util.SelfSignedCertificate;
 import java.security.Provider;
 import java.util.ArrayList;
 import java.util.Collection;
 import io.netty.util.internal.EmptyArrays;
-import org.junit.Ignore;
+import org.junit.AssumptionViolatedException;
-import org.junit.Test;
+import org.junit.jupiter.api.Disabled;
-import org.junit.runner.RunWith;
+import org.junit.jupiter.params.ParameterizedTest;
-import org.junit.runners.Parameterized;
+import org.junit.jupiter.params.provider.MethodSource;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;
 import java.util.concurrent.TimeUnit;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLHandshakeException;
-import static org.junit.Assert.assertNull;
+import static org.junit.jupiter.api.Assertions.assertNull;
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.junit.Assume.assumeNoException;
@RunWith(Parameterized.class)
 public class JdkSslEngineTest extends SSLEngineTest {
    public enum ProviderType {
        NPN_JETTY {
@ -141,75 +138,88 @@ public class JdkSslEngineTest extends SSLEngineTest {
    private static final String FALLBACK_APPLICATION_LEVEL_PROTOCOL = "my-protocol-http1_1";
    private static final String APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE = "my-protocol-FOO";
    @Parameterized.Parameters(name = "{index}: providerType = {0}, bufferType = {1}, combo = {2}, delegate = {3}")
    public static Collection<Object[]> data() {
        List<Object[]> params = new ArrayList<Object[]>();
        for (ProviderType providerType : ProviderType.values()) {
            for (BufferType bufferType : BufferType.values()) {
                params.add(new Object[]{ providerType, bufferType, ProtocolCipherCombo.tlsv12(), true });
                params.add(new Object[]{ providerType, bufferType, ProtocolCipherCombo.tlsv12(), false });
                if (SslProvider.isTlsv13Supported(SslProvider.JDK)) {
                    params.add(new Object[] { providerType, bufferType, ProtocolCipherCombo.tlsv13(), true });
                    params.add(new Object[] { providerType, bufferType, ProtocolCipherCombo.tlsv13(), false });
                }
            }
        }
        return params;
    }
    private final ProviderType providerType;
    private Provider provider;
-    public JdkSslEngineTest(ProviderType providerType, BufferType bufferType,
+    public JdkSslEngineTest() {
-                            ProtocolCipherCombo protocolCipherCombo, boolean delegate) {
+        super(SslProvider.isTlsv13Supported(SslProvider.JDK));
        super(bufferType, protocolCipherCombo, delegate);
        this.providerType = providerType;
    }
-    @Test
+    List<JdkSSLEngineTestParam> newJdkParams() {
-    public void testTlsExtension() throws Exception {
+        List<SSLEngineTestParam> params = newTestParams();
        List<JdkSSLEngineTestParam> jdkParams = new ArrayList<JdkSSLEngineTestParam>();
        for (ProviderType providerType: ProviderType.values()) {
            for (SSLEngineTestParam param: params) {
                jdkParams.add(new JdkSSLEngineTestParam(providerType, param));
            }
        }
        return jdkParams;
    }
    private static final class JdkSSLEngineTestParam extends SSLEngineTestParam {
        final ProviderType providerType;
        JdkSSLEngineTestParam(ProviderType providerType, SSLEngineTestParam param) {
            super(param.type(), param.combo(), param.delegate());
            this.providerType = providerType;
        }
        @Override
        public String toString() {
            return "JdkSSLEngineTestParam{" +
                    "type=" + type() +
                    ", protocolCipherCombo=" + combo() +
                    ", delegate=" + delegate() +
                    ", providerType=" + providerType +
                    '}';
        }
    }
    @MethodSource("newJdkParams")
    @ParameterizedTest
    public void testTlsExtension(JdkSSLEngineTestParam param) throws Exception {
        try {
-            providerType.activate(this);
+            param.providerType.activate(this);
-            ApplicationProtocolConfig apn = failingNegotiator(providerType.protocol(),
+            ApplicationProtocolConfig apn = failingNegotiator(param.providerType.protocol(),
                PREFERRED_APPLICATION_LEVEL_PROTOCOL);
-            setupHandlers(apn);
+            setupHandlers(param, apn);
            runTest();
        } catch (SkipTestException e) {
            // ALPN availability is dependent on the java version. If ALPN is not available because of
            // java version incompatibility don't fail the test, but instead just skip the test
-            assumeNoException(e);
+            throw new AssumptionViolatedException("Not expected", e);
        }
    }
-    @Test
+    @MethodSource("newJdkParams")
-    public void testTlsExtensionNoCompatibleProtocolsNoHandshakeFailure() throws Exception {
+    @ParameterizedTest
    public void testTlsExtensionNoCompatibleProtocolsNoHandshakeFailure(JdkSSLEngineTestParam param) throws Exception {
        try {
-            providerType.activate(this);
+            param.providerType.activate(this);
-            ApplicationProtocolConfig clientApn = acceptingNegotiator(providerType.protocol(),
+            ApplicationProtocolConfig clientApn = acceptingNegotiator(param.providerType.protocol(),
                PREFERRED_APPLICATION_LEVEL_PROTOCOL);
-            ApplicationProtocolConfig serverApn = acceptingNegotiator(providerType.protocol(),
+            ApplicationProtocolConfig serverApn = acceptingNegotiator(param.providerType.protocol(),
                APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
-            setupHandlers(serverApn, clientApn);
+            setupHandlers(param, serverApn, clientApn);
            runTest(null);
        } catch (SkipTestException e) {
            // ALPN availability is dependent on the java version. If ALPN is not available because of
            // java version incompatibility don't fail the test, but instead just skip the test
-            assumeNoException(e);
+            throw new AssumptionViolatedException("Not expected", e);
        }
    }
-    @Test
+    @MethodSource("newJdkParams")
-    public void testTlsExtensionNoCompatibleProtocolsClientHandshakeFailure() throws Exception {
+    @ParameterizedTest
    public void testTlsExtensionNoCompatibleProtocolsClientHandshakeFailure(JdkSSLEngineTestParam param)
            throws Exception {
        try {
-            providerType.activate(this);
+            param.providerType.activate(this);
-            if (providerType == ProviderType.NPN_JETTY) {
+            if (param.providerType == ProviderType.NPN_JETTY) {
-                ApplicationProtocolConfig clientApn = failingNegotiator(providerType.protocol(),
+                ApplicationProtocolConfig clientApn = failingNegotiator(param.providerType.protocol(),
                    PREFERRED_APPLICATION_LEVEL_PROTOCOL);
-                ApplicationProtocolConfig serverApn = acceptingNegotiator(providerType.protocol(),
+                ApplicationProtocolConfig serverApn = acceptingNegotiator(param.providerType.protocol(),
                    APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
-                setupHandlers(serverApn, clientApn);
+                setupHandlers(param, serverApn, clientApn);
                assertTrue(clientLatch.await(2, TimeUnit.SECONDS));
                assertTrue(clientException instanceof SSLHandshakeException);
            } else {
@ -235,14 +245,15 @@ public class JdkSslEngineTest extends SSLEngineTest {
                    }, JdkBaseApplicationProtocolNegotiator.FAIL_SELECTION_LISTENER_FACTORY,
                    APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
-                SslContext serverSslCtx = new JdkSslServerContext(providerType.provider(),
+                SslContext serverSslCtx = new JdkSslServerContext(param.providerType.provider(),
                    ssc.certificate(), ssc.privateKey(), null, null,
                    IdentityCipherSuiteFilter.INSTANCE, serverApn, 0, 0, null);
-                SslContext clientSslCtx = new JdkSslClientContext(providerType.provider(), null,
+                SslContext clientSslCtx = new JdkSslClientContext(param.providerType.provider(), null,
                    InsecureTrustManagerFactory.INSTANCE, null,
                    IdentityCipherSuiteFilter.INSTANCE, clientApn, 0, 0);
-                setupHandlers(new TestDelegatingSslContext(serverSslCtx), new TestDelegatingSslContext(clientSslCtx));
+                setupHandlers(param.type(), param.delegate(), new TestDelegatingSslContext(param, serverSslCtx),
                        new TestDelegatingSslContext(param, clientSslCtx));
                assertTrue(clientLatch.await(2, TimeUnit.SECONDS));
                // When using TLSv1.3 the handshake is NOT sent in an extra round trip which means there will be
                // no exception reported in this case but just the channel will be closed.
@ -251,35 +262,38 @@ public class JdkSslEngineTest extends SSLEngineTest {
        } catch (SkipTestException e) {
            // ALPN availability is dependent on the java version. If ALPN is not available because of
            // java version incompatibility don't fail the test, but instead just skip the test
-            assumeNoException(e);
+            throw new AssumptionViolatedException("Not expected", e);
        }
    }
-    @Test
+    @MethodSource("newJdkParams")
-    public void testTlsExtensionNoCompatibleProtocolsServerHandshakeFailure() throws Exception {
+    @ParameterizedTest
    public void testTlsExtensionNoCompatibleProtocolsServerHandshakeFailure(JdkSSLEngineTestParam param)
            throws Exception {
        try {
-            providerType.activate(this);
+            param.providerType.activate(this);
-            ApplicationProtocolConfig clientApn = acceptingNegotiator(providerType.protocol(),
+            ApplicationProtocolConfig clientApn = acceptingNegotiator(param.providerType.protocol(),
                PREFERRED_APPLICATION_LEVEL_PROTOCOL);
-            ApplicationProtocolConfig serverApn = failingNegotiator(providerType.protocol(),
+            ApplicationProtocolConfig serverApn = failingNegotiator(param.providerType.protocol(),
                APPLICATION_LEVEL_PROTOCOL_NOT_COMPATIBLE);
-            setupHandlers(serverApn, clientApn);
+            setupHandlers(param, serverApn, clientApn);
            assertTrue(serverLatch.await(2, TimeUnit.SECONDS));
            assertTrue(serverException instanceof SSLHandshakeException);
        } catch (SkipTestException e) {
            // ALPN availability is dependent on the java version. If ALPN is not available because of
            // java version incompatibility don't fail the test, but instead just skip the test
-            assumeNoException(e);
+            throw new AssumptionViolatedException("Not expected", e);
        }
    }
-    @Test
+    @MethodSource("newJdkParams")
-    public void testAlpnCompatibleProtocolsDifferentClientOrder() throws Exception {
+    @ParameterizedTest
    public void testAlpnCompatibleProtocolsDifferentClientOrder(JdkSSLEngineTestParam param) throws Exception {
        try {
-            providerType.activate(this);
+            param.providerType.activate(this);
-            if (providerType == ProviderType.NPN_JETTY) {
+            if (param.providerType == ProviderType.NPN_JETTY) {
                // This test only applies to ALPN.
-                throw tlsExtensionNotFound(providerType.protocol());
+                throw tlsExtensionNotFound(param.providerType.protocol());
            }
            // Even the preferred application protocol appears second in the client's list, it will be picked
            // because it's the first one on server's list.
@ -287,29 +301,32 @@ public class JdkSslEngineTest extends SSLEngineTest {
                FALLBACK_APPLICATION_LEVEL_PROTOCOL, PREFERRED_APPLICATION_LEVEL_PROTOCOL);
            ApplicationProtocolConfig serverApn = failingNegotiator(Protocol.ALPN,
                PREFERRED_APPLICATION_LEVEL_PROTOCOL, FALLBACK_APPLICATION_LEVEL_PROTOCOL);
-            setupHandlers(serverApn, clientApn);
+            setupHandlers(param, serverApn, clientApn);
            assertNull(serverException);
            runTest(PREFERRED_APPLICATION_LEVEL_PROTOCOL);
        } catch (SkipTestException e) {
            // ALPN availability is dependent on the java version. If ALPN is not available because of
            // java version incompatibility don't fail the test, but instead just skip the test
-            assumeNoException(e);
+            throw new AssumptionViolatedException("Not expected", e);
        }
    }
-    @Test
+    @MethodSource("newTestParams")
-    public void testEnablingAnAlreadyDisabledSslProtocol() throws Exception {
+    @ParameterizedTest
-        testEnablingAnAlreadyDisabledSslProtocol(new String[]{}, new String[]{ SslProtocols.TLS_v1_2 });
+    public void testEnablingAnAlreadyDisabledSslProtocol(SSLEngineTestParam param) throws Exception {
        testEnablingAnAlreadyDisabledSslProtocol(param, new String[]{}, new String[]{ SslProtocols.TLS_v1_2 });
    }
-    @Ignore /* Does the JDK support a "max certificate chain length"? */
+    @Disabled /* Does the JDK support a "max certificate chain length"? */
    @Override
-    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth() throws Exception {
+    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(SSLEngineTestParam param)
            throws Exception {
    }
-    @Ignore /* Does the JDK support a "max certificate chain length"? */
+    @Disabled /* Does the JDK support a "max certificate chain length"? */
    @Override
-    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth() throws Exception {
+    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(SSLEngineTestParam param)
            throws Exception {
    }
    @Override
@ -368,15 +385,18 @@ public class JdkSslEngineTest extends SSLEngineTest {
        }
    }
-    private final class TestDelegatingSslContext extends DelegatingSslContext {
+    private static final class TestDelegatingSslContext extends DelegatingSslContext {
-        TestDelegatingSslContext(SslContext ctx) {
+        private final SSLEngineTestParam param;
        TestDelegatingSslContext(SSLEngineTestParam param, SslContext ctx) {
            super(ctx);
            this.param = param;
        }
        @Override
        protected void initEngine(SSLEngine engine) {
-            engine.setEnabledProtocols(protocols());
+            engine.setEnabledProtocols(param.protocols().toArray(EmptyArrays.EMPTY_STRINGS));
-            engine.setEnabledCipherSuites(ciphers().toArray(EmptyArrays.EMPTY_STRINGS));
+            engine.setEnabledCipherSuites(param.ciphers().toArray(EmptyArrays.EMPTY_STRINGS));
        }
    }
 }
--- a/handler/src/test/java/io/netty/handler/ssl/OpenSslClientContextTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/OpenSslClientContextTest.java
@ -16,14 +16,14 @@
 package io.netty.handler.ssl;
 import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
-import org.junit.BeforeClass;
+import org.junit.jupiter.api.BeforeAll;
 import javax.net.ssl.SSLException;
 import java.io.File;
 public class OpenSslClientContextTest extends SslContextTest  {
-    @BeforeClass
+    @BeforeAll
    public static void checkOpenSsl() {
        OpenSsl.ensureAvailability();
    }
--- a/handler/src/test/java/io/netty/handler/ssl/OpenSslConscryptSslEngineInteropTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/OpenSslConscryptSslEngineInteropTest.java
@ -15,47 +15,33 @@
 */
 package io.netty.handler.ssl;
-import org.junit.BeforeClass;
+import org.junit.jupiter.api.BeforeAll;
-import org.junit.Ignore;
+import org.junit.jupiter.api.Disabled;
-import org.junit.Test;
+import org.junit.jupiter.api.condition.DisabledIf;
 import org.junit.runner.RunWith;
 import org.junit.runners.Parameterized;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLSessionContext;
 import java.security.Provider;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
 import static io.netty.handler.ssl.OpenSslTestUtils.checkShouldUseKeyManagerFactory;
-import static org.junit.Assume.assumeTrue;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
-@RunWith(Parameterized.class)
+@DisabledIf("checkConscryptDisabled")
 public class OpenSslConscryptSslEngineInteropTest extends ConscryptSslEngineTest {
-
+    @Override
-    @Parameterized.Parameters(name = "{index}: bufferType = {0}, combo = {1}, delegate = {2}, useTasks = {3}")
+    protected List<SSLEngineTestParam> newTestParams() {
-    public static Collection<Object[]> data() {
+        List<SSLEngineTestParam> params = super.newTestParams();
-        List<Object[]> params = new ArrayList<Object[]>();
+        List<SSLEngineTestParam> testParams = new ArrayList<SSLEngineTestParam>();
-        for (BufferType type: BufferType.values()) {
+        for (SSLEngineTestParam param: params) {
-            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), false, false });
+            testParams.add(new OpenSslEngineTestParam(true, param));
-            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), false, true });
+            testParams.add(new OpenSslEngineTestParam(false, param));
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), true, false });
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), true, true });
        }
-        return params;
+        return testParams;
    }
-    private final boolean useTasks;
+    @BeforeAll
    public OpenSslConscryptSslEngineInteropTest(BufferType type, ProtocolCipherCombo combo,
                                                boolean delegate, boolean useTasks) {
        super(type, combo, delegate);
        this.useTasks = useTasks;
    }
    @BeforeClass
    public static void checkOpenssl() {
        OpenSsl.ensureAvailability();
    }
@ -76,17 +62,15 @@ public class OpenSslConscryptSslEngineInteropTest extends ConscryptSslEngineTest
    }
    @Override
-    @Test
+    @Disabled("TODO: Make this work with Conscrypt")
-    @Ignore("TODO: Make this work with Conscrypt")
+    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(SSLEngineTestParam param) {
-    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth() {
+        super.testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(param);
        super.testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth();
    }
    @Override
-    @Test
+    @Disabled("TODO: Make this work with Conscrypt")
-    @Ignore("TODO: Make this work with Conscrypt")
+    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(SSLEngineTestParam param) {
-    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth() {
+        super.testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(param);
        super.testMutualAuthValidClientCertChainTooLongFailRequireClientAuth();
    }
    @Override
@ -96,38 +80,36 @@ public class OpenSslConscryptSslEngineInteropTest extends ConscryptSslEngineTest
    }
    @Override
-    @Test
+    public void testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth();
+        super.testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth(param);
    }
    @Override
-    @Test
+    public void testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth();
+        super.testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth(param);
    }
    @Override
-    @Test
+    public void testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth();
+        super.testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth(param);
    }
    @Override
-    @Test
+    public void testSessionAfterHandshakeKeyManagerFactoryMutualAuth(SSLEngineTestParam param) throws Exception {
    public void testSessionAfterHandshakeKeyManagerFactoryMutualAuth() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSessionAfterHandshakeKeyManagerFactoryMutualAuth();
+        super.testSessionAfterHandshakeKeyManagerFactoryMutualAuth(param);
    }
    @Override
-    @Test
+    public void testSupportedSignatureAlgorithms(SSLEngineTestParam param) throws Exception {
    public void testSupportedSignatureAlgorithms() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSupportedSignatureAlgorithms();
+        super.testSupportedSignatureAlgorithms(param);
    }
    @Override
@ -137,31 +119,27 @@ public class OpenSslConscryptSslEngineInteropTest extends ConscryptSslEngineTest
    }
    @Override
-    @Test
+    public void testSessionLocalWhenNonMutualWithKeyManager(SSLEngineTestParam param) throws Exception {
    public void testSessionLocalWhenNonMutualWithKeyManager() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSessionLocalWhenNonMutualWithKeyManager();
+        super.testSessionLocalWhenNonMutualWithKeyManager(param);
    }
    @Override
-    @Test
+    public void testSessionCache(SSLEngineTestParam param) throws Exception {
    public void testSessionCache() throws Exception {
        assumeTrue(OpenSsl.isSessionCacheSupported());
-        super.testSessionCache();
+        super.testSessionCache(param);
    }
    @Override
-    @Test
+    public void testSessionCacheTimeout(SSLEngineTestParam param) throws Exception {
    public void testSessionCacheTimeout() throws Exception {
        assumeTrue(OpenSsl.isSessionCacheSupported());
-        super.testSessionCacheTimeout();
+        super.testSessionCacheTimeout(param);
    }
    @Override
-    @Test
+    public void testSessionCacheSize(SSLEngineTestParam param) throws Exception {
    public void testSessionCacheSize() throws Exception {
        assumeTrue(OpenSsl.isSessionCacheSupported());
-        super.testSessionCacheSize();
+        super.testSessionCacheSize(param);
    }
    @Override
@ -176,9 +154,11 @@ public class OpenSslConscryptSslEngineInteropTest extends ConscryptSslEngineTest
    @SuppressWarnings("deprecation")
    @Override
-    protected SslContext wrapContext(SslContext context) {
+    protected SslContext wrapContext(SSLEngineTestParam param, SslContext context) {
        if (context instanceof OpenSslContext) {
-            ((OpenSslContext) context).setUseTasks(useTasks);
+            if (param instanceof OpenSslEngineTestParam) {
                ((OpenSslContext) context).setUseTasks(((OpenSslEngineTestParam) param).useTasks);
            }
            // Explicit enable the session cache as its disabled by default on the client side.
            ((OpenSslContext) context).sessionContext().setSessionCacheEnabled(true);
        }
--- a/handler/src/test/java/io/netty/handler/ssl/OpenSslEngineTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/OpenSslEngineTest.java
--- a/handler/src/test/java/io/netty/handler/ssl/OpenSslEngineTestParam.java
+++ b/handler/src/test/java/io/netty/handler/ssl/OpenSslEngineTestParam.java
@ -0,0 +1,34 @@
 /*
 * Copyright 2021 The Netty Project
 *
 * The Netty Project licenses this file to you under the Apache License,
 * version 2.0 (the "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at:
 *
 *   https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */
 package io.netty.handler.ssl;
 final class OpenSslEngineTestParam extends SSLEngineTest.SSLEngineTestParam {
    final boolean useTasks;
    OpenSslEngineTestParam(boolean useTasks, SSLEngineTest.SSLEngineTestParam param) {
        super(param.type(), param.combo(), param.delegate());
        this.useTasks = useTasks;
    }
    @Override
    public String toString() {
        return "OpenSslEngineTestParam{" +
                "type=" + type() +
                ", protocolCipherCombo=" + combo() +
                ", delegate=" + delegate() +
                ", useTasks=" + useTasks +
                '}';
    }
 }
--- a/handler/src/test/java/io/netty/handler/ssl/OpenSslErrorStackAssertSSLEngine.java
+++ b/handler/src/test/java/io/netty/handler/ssl/OpenSslErrorStackAssertSSLEngine.java
@ -18,7 +18,6 @@ package io.netty.handler.ssl;
 import io.netty.internal.tcnative.SSL;
 import io.netty.util.ReferenceCounted;
 import io.netty.util.internal.PlatformDependent;
 import org.junit.Assert;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLEngineResult;
@ -29,6 +28,8 @@ import java.nio.ByteBuffer;
 import java.util.List;
 import java.util.function.BiFunction;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 /**
 * Special {@link SSLEngine} which allows to wrap a {@link ReferenceCountedOpenSslEngine} and verify that that
 * Error stack is empty after each method call.
@ -436,6 +437,6 @@ final class OpenSslErrorStackAssertSSLEngine extends JdkSslEngine implements Ref
    private static void assertErrorStackEmpty() {
        long error = SSL.getLastErrorNumber();
-        Assert.assertEquals("SSL error stack non-empty: " + SSL.getErrorString(error), 0, error);
+        assertEquals(0, error, "SSL error stack non-empty: " + SSL.getErrorString(error));
    }
 }
--- a/handler/src/test/java/io/netty/handler/ssl/OpenSslJdkSslEngineInteroptTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/OpenSslJdkSslEngineInteroptTest.java
@ -15,57 +15,38 @@
 */
 package io.netty.handler.ssl;
-import org.junit.BeforeClass;
+import org.junit.jupiter.api.BeforeAll;
-import org.junit.Ignore;
+import org.junit.jupiter.api.Disabled;
 import org.junit.Test;
 import javax.net.ssl.SSLEngine;
 import org.junit.runner.RunWith;
 import org.junit.runners.Parameterized;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
 import static io.netty.handler.ssl.OpenSslTestUtils.checkShouldUseKeyManagerFactory;
-import static org.junit.Assume.assumeTrue;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
@RunWith(Parameterized.class)
 public class OpenSslJdkSslEngineInteroptTest extends SSLEngineTest {
-    @Parameterized.Parameters(name = "{index}: bufferType = {0}, combo = {1}, delegate = {2}, useTasks = {3}")
+    public OpenSslJdkSslEngineInteroptTest() {
-    public static Collection<Object[]> data() {
+        super(SslProvider.isTlsv13Supported(SslProvider.JDK) &&
-        List<Object[]> params = new ArrayList<Object[]>();
+                SslProvider.isTlsv13Supported(SslProvider.OPENSSL));
-        for (BufferType type: BufferType.values()) {
+    }
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), false, false });
            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), false, true });
-            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), true, false});
+    @Override
-            params.add(new Object[] { type, ProtocolCipherCombo.tlsv12(), true, true });
+    protected List<SSLEngineTestParam> newTestParams() {
-
+        List<SSLEngineTestParam> params = super.newTestParams();
-            if (SslProvider.isTlsv13Supported(SslProvider.JDK) && SslProvider.isTlsv13Supported(SslProvider.OPENSSL)) {
+        List<SSLEngineTestParam> testParams = new ArrayList<SSLEngineTestParam>();
-                params.add(new Object[] { type, ProtocolCipherCombo.tlsv13(), false, false });
+        for (SSLEngineTestParam param: params) {
-                params.add(new Object[] { type, ProtocolCipherCombo.tlsv13(), false, true });
+            testParams.add(new OpenSslEngineTestParam(true, param));
-
+            testParams.add(new OpenSslEngineTestParam(false, param));
                params.add(new Object[] { type, ProtocolCipherCombo.tlsv13(), true, false });
                params.add(new Object[] { type, ProtocolCipherCombo.tlsv13(), true, true });
            }
        }
-        return params;
+        return testParams;
    }
-    private final boolean useTasks;
+    @BeforeAll
    public OpenSslJdkSslEngineInteroptTest(BufferType type, ProtocolCipherCombo combo,
                                           boolean delegate, boolean useTasks) {
        super(type, combo, delegate);
        this.useTasks = useTasks;
    }
    @BeforeClass
    public static void checkOpenSsl() {
-        assumeTrue(OpenSsl.isAvailable());
+        OpenSsl.ensureAvailability();
    }
    @Override
@ -78,42 +59,43 @@ public class OpenSslJdkSslEngineInteroptTest extends SSLEngineTest {
        return SslProvider.JDK;
    }
-    @Ignore /* Does the JDK support a "max certificate chain length"? */
+    @Disabled /* Does the JDK support a "max certificate chain length"? */
    @Override
-    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth() throws Exception {
+    public void testMutualAuthValidClientCertChainTooLongFailOptionalClientAuth(SSLEngineTestParam param)
            throws Exception {
    }
-    @Ignore /* Does the JDK support a "max certificate chain length"? */
+    @Disabled /* Does the JDK support a "max certificate chain length"? */
    @Override
-    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth() throws Exception {
+    public void testMutualAuthValidClientCertChainTooLongFailRequireClientAuth(SSLEngineTestParam param)
            throws Exception {
    }
    @Override
-    @Test
+    public void testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth();
+        super.testMutualAuthInvalidIntermediateCASucceedWithOptionalClientAuth(param);
    }
    @Override
-    @Test
+    public void testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth();
+        super.testMutualAuthInvalidIntermediateCAFailWithOptionalClientAuth(param);
    }
    @Override
-    @Test
+    public void testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth(SSLEngineTestParam param)
-    public void testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth() throws Exception {
+            throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth();
+        super.testMutualAuthInvalidIntermediateCAFailWithRequiredClientAuth(param);
    }
    @Override
-    @Test
+    public void testSessionAfterHandshakeKeyManagerFactoryMutualAuth(SSLEngineTestParam param) throws Exception {
    public void testSessionAfterHandshakeKeyManagerFactoryMutualAuth() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSessionAfterHandshakeKeyManagerFactoryMutualAuth();
+        super.testSessionAfterHandshakeKeyManagerFactoryMutualAuth(param);
    }
    @Override
@ -123,52 +105,47 @@ public class OpenSslJdkSslEngineInteroptTest extends SSLEngineTest {
    }
    @Override
-    public void testHandshakeSession() throws Exception {
+    public void testHandshakeSession(SSLEngineTestParam param) throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testHandshakeSession();
+        super.testHandshakeSession(param);
    }
    @Override
-    @Test
+    public void testSupportedSignatureAlgorithms(SSLEngineTestParam param) throws Exception {
    public void testSupportedSignatureAlgorithms() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSupportedSignatureAlgorithms();
+        super.testSupportedSignatureAlgorithms(param);
    }
    @Override
-    @Test
+    public void testSessionLocalWhenNonMutualWithKeyManager(SSLEngineTestParam param) throws Exception {
    public void testSessionLocalWhenNonMutualWithKeyManager() throws Exception {
        checkShouldUseKeyManagerFactory();
-        super.testSessionLocalWhenNonMutualWithKeyManager();
+        super.testSessionLocalWhenNonMutualWithKeyManager(param);
    }
    @Override
-    public void testSessionLocalWhenNonMutualWithoutKeyManager() throws Exception {
+    public void testSessionLocalWhenNonMutualWithoutKeyManager(SSLEngineTestParam param) throws Exception {
        // This only really works when the KeyManagerFactory is supported as otherwise we not really know when
        // we need to provide a cert.
        assumeTrue(OpenSsl.supportsKeyManagerFactory());
-        super.testSessionLocalWhenNonMutualWithoutKeyManager();
+        super.testSessionLocalWhenNonMutualWithoutKeyManager(param);
    }
    @Override
-    @Test
+    public void testSessionCache(SSLEngineTestParam param) throws Exception {
    public void testSessionCache() throws Exception {
        assumeTrue(OpenSsl.isSessionCacheSupported());
-        super.testSessionCache();
+        super.testSessionCache(param);
    }
    @Override
-    @Test
+    public void testSessionCacheTimeout(SSLEngineTestParam param) throws Exception {
    public void testSessionCacheTimeout() throws Exception {
        assumeTrue(OpenSsl.isSessionCacheSupported());
-        super.testSessionCacheTimeout();
+        super.testSessionCacheTimeout(param);
    }
    @Override
-    @Test
+    public void testSessionCacheSize(SSLEngineTestParam param) throws Exception {
    public void testSessionCacheSize() throws Exception {
        assumeTrue(OpenSsl.isSessionCacheSupported());
-        super.testSessionCacheSize();
+        super.testSessionCacheSize(param);
    }
    @Override
@ -178,9 +155,9 @@ public class OpenSslJdkSslEngineInteroptTest extends SSLEngineTest {
    @SuppressWarnings("deprecation")
    @Override
-    protected SslContext wrapContext(SslContext context) {
+    protected SslContext wrapContext(SSLEngineTestParam param, SslContext context) {
-        if (context instanceof OpenSslContext) {
+        if (context instanceof OpenSslContext && param instanceof OpenSslEngineTestParam) {
-            ((OpenSslContext) context).setUseTasks(useTasks);
+            ((OpenSslContext) context).setUseTasks(((OpenSslEngineTestParam) param).useTasks);
            // Explicit enable the session cache as its disabled by default on the client side.
            ((OpenSslContext) context).sessionContext().setSessionCacheEnabled(true);
        }
--- a/handler/src/test/java/io/netty/handler/ssl/OpenSslRenegotiateTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/OpenSslRenegotiateTest.java
@ -15,7 +15,7 @@
 */
 package io.netty.handler.ssl;
-import org.junit.BeforeClass;
+import org.junit.jupiter.api.BeforeAll;
 import java.util.concurrent.atomic.AtomicReference;
@ -24,11 +24,10 @@ import javax.net.ssl.SSLException;
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.instanceOf;
 import static org.hamcrest.Matchers.is;
 import static org.junit.Assume.assumeTrue;
 public class OpenSslRenegotiateTest extends RenegotiateTest {
-    @BeforeClass
+    @BeforeAll
    public static void checkOpenSsl() {
        OpenSsl.ensureAvailability();
    }
--- a/handler/src/test/java/io/netty/handler/ssl/OpenSslServerContextTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/OpenSslServerContextTest.java
@ -15,14 +15,14 @@
 */
 package io.netty.handler.ssl;
-import org.junit.BeforeClass;
+import org.junit.jupiter.api.BeforeAll;
 import javax.net.ssl.SSLException;
 import java.io.File;
 public class OpenSslServerContextTest extends SslContextTest {
-    @BeforeClass
+    @BeforeAll
    public static void checkOpenSsl() {
        OpenSsl.ensureAvailability();
    }
--- a/handler/src/test/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngineTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/ReferenceCountedOpenSslEngineTest.java
@ -18,19 +18,17 @@ package io.netty.handler.ssl;
 import io.netty.buffer.UnpooledByteBufAllocator;
 import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
 import io.netty.util.ReferenceCountUtil;
-import org.junit.Test;
+import org.junit.jupiter.api.function.Executable;
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.MethodSource;
 import javax.net.ssl.SSLEngine;
-import static junit.framework.TestCase.*;
+import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 public class ReferenceCountedOpenSslEngineTest extends OpenSslEngineTest {
    public ReferenceCountedOpenSslEngineTest(BufferType type, ProtocolCipherCombo combo, boolean delegate,
                                             boolean useTasks) {
        super(type, combo, delegate, useTasks);
    }
    @Override
    protected SslProvider sslClientProvider() {
        return SslProvider.OPENSSL_REFCNT;
@ -61,37 +59,46 @@ public class ReferenceCountedOpenSslEngineTest extends OpenSslEngineTest {
        ReferenceCountUtil.release(unwrapEngine(engine));
    }
-    @Test(expected = NullPointerException.class)
+    @MethodSource("newTestParams")
-    public void testNotLeakOnException() throws Exception {
+    @ParameterizedTest
-        clientSslCtx = wrapContext(SslContextBuilder.forClient()
+    public void testNotLeakOnException(SSLEngineTestParam param) throws Exception {
        clientSslCtx = wrapContext(param, SslContextBuilder.forClient()
                                        .trustManager(InsecureTrustManagerFactory.INSTANCE)
                                        .sslProvider(sslClientProvider())
-                                        .protocols(protocols())
+                                        .protocols(param.protocols())
-                                        .ciphers(ciphers())
+                                        .ciphers(param.ciphers())
                                        .build());
-        clientSslCtx.newEngine(null);
+        assertThrows(NullPointerException.class, new Executable() {
            @Override
            public void execute() throws Throwable {
                clientSslCtx.newEngine(null);
            }
        });
    }
    @SuppressWarnings("deprecation")
    @Override
-    protected SslContext wrapContext(SslContext context) {
+    protected SslContext wrapContext(SSLEngineTestParam param, SslContext context) {
        if (context instanceof ReferenceCountedOpenSslContext) {
-            ((ReferenceCountedOpenSslContext) context).setUseTasks(useTasks);
+            if (param instanceof OpenSslEngineTestParam) {
                ((ReferenceCountedOpenSslContext) context).setUseTasks(((OpenSslEngineTestParam) param).useTasks);
            }
            // Explicit enable the session cache as its disabled by default on the client side.
            ((ReferenceCountedOpenSslContext) context).sessionContext().setSessionCacheEnabled(true);
        }
        return context;
    }
-    @Test
+    @MethodSource("newTestParams")
-    public void parentContextIsRetainedByChildEngines() throws Exception {
+    @ParameterizedTest
-        SslContext clientSslCtx = SslContextBuilder.forClient()
+    public void parentContextIsRetainedByChildEngines(SSLEngineTestParam param) throws Exception {
        SslContext clientSslCtx = wrapContext(param, SslContextBuilder.forClient()
            .trustManager(InsecureTrustManagerFactory.INSTANCE)
            .sslProvider(sslClientProvider())
-            .protocols(protocols())
+            .protocols(param.protocols())
-            .ciphers(ciphers())
+            .ciphers(param.ciphers())
-            .build();
+            .build());
        SSLEngine engine = clientSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT);
        assertEquals(ReferenceCountUtil.refCnt(clientSslCtx), 2);
--- a/handler/src/test/java/io/netty/handler/ssl/SSLEngineTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/SSLEngineTest.java
--- a/handler/src/test/java/io/netty/handler/ssl/SniClientJava8TestUtil.java
+++ b/handler/src/test/java/io/netty/handler/ssl/SniClientJava8TestUtil.java
@ -34,7 +34,6 @@ import io.netty.util.ReferenceCountUtil;
 import io.netty.util.concurrent.Promise;
 import io.netty.util.internal.EmptyArrays;
 import io.netty.util.internal.ThrowableUtil;
 import org.junit.Assert;
 import javax.net.ssl.ExtendedSSLSession;
 import javax.net.ssl.KeyManager;
@ -67,6 +66,11 @@ import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.junit.jupiter.api.Assertions.fail;
 /**
 * In extra class to be able to run tests with java7 without trying to load classes that not exists in java7.
 */
@ -171,17 +175,17 @@ final class SniClientJava8TestUtil {
    }
    private static void assertSSLSession(boolean clientSide, SSLSession session, SNIServerName name) {
-        Assert.assertNotNull(session);
+        assertNotNull(session);
        if (session instanceof ExtendedSSLSession) {
            ExtendedSSLSession extendedSSLSession = (ExtendedSSLSession) session;
            List<SNIServerName> names = extendedSSLSession.getRequestedServerNames();
-            Assert.assertEquals(1, names.size());
+            assertEquals(1, names.size());
-            Assert.assertEquals(name, names.get(0));
+            assertEquals(name, names.get(0));
-            Assert.assertTrue(extendedSSLSession.getLocalSupportedSignatureAlgorithms().length > 0);
+            assertTrue(extendedSSLSession.getLocalSupportedSignatureAlgorithms().length > 0);
            if (clientSide) {
-                Assert.assertEquals(0, extendedSSLSession.getPeerSupportedSignatureAlgorithms().length);
+                assertEquals(0, extendedSSLSession.getPeerSupportedSignatureAlgorithms().length);
            } else {
-                Assert.assertTrue(extendedSSLSession.getPeerSupportedSignatureAlgorithms().length >= 0);
+                assertTrue(extendedSSLSession.getPeerSupportedSignatureAlgorithms().length >= 0);
            }
        }
    }
@ -214,19 +218,19 @@ final class SniClientJava8TestUtil {
                @Override
                public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket)
                        throws CertificateException {
-                    Assert.fail();
+                    fail();
                }
                @Override
                public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket)
                        throws CertificateException {
-                    Assert.fail();
+                    fail();
                }
                @Override
                public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine)
                        throws CertificateException {
-                    Assert.fail();
+                    fail();
                }
                @Override
@ -238,13 +242,13 @@ final class SniClientJava8TestUtil {
                @Override
                public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
                        throws CertificateException {
-                    Assert.fail();
+                    fail();
                }
                @Override
                public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
                        throws CertificateException {
-                    Assert.fail();
+                    fail();
                }
                @Override
--- a/handler/src/test/java/io/netty/handler/ssl/SniHandlerTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/SniHandlerTest.java
@ -72,7 +72,7 @@ import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.CoreMatchers.nullValue;
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.junit.Assume.assumeTrue;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertFalse;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
--- a/handler/src/test/java/io/netty/handler/ssl/SslContextTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/SslContextTest.java
@ -31,7 +31,7 @@ import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLException;
-import static org.junit.Assume.assumeNotNull;
+import static org.junit.jupiter.api.Assumptions.assumeTrue;
 import static org.junit.jupiter.api.Assertions.assertFalse;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
@ -124,7 +124,7 @@ public abstract class SslContextTest {
        } catch (IllegalArgumentException e) {
            exception = e;
        }
-        assumeNotNull(exception);
+        assumeTrue(exception != null);
        File keyFile = ResourcesUtil.getFile(getClass(), "test_unencrypted.pem");
        File crtFile = ResourcesUtil.getFile(getClass(), "test.crt");
--- a/handler/src/test/java/io/netty/handler/ssl/SslHandlerTest.java
+++ b/handler/src/test/java/io/netty/handler/ssl/SslHandlerTest.java
@ -103,7 +103,6 @@ import static org.junit.jupiter.api.Assertions.assertNull;
 import static org.junit.jupiter.api.Assertions.assertSame;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.junit.jupiter.api.Assertions.fail;
 import static org.junit.jupiter.api.Assumptions.assumeFalse;
 import static org.junit.jupiter.api.Assumptions.assumeTrue;