Support for timestamped signed modules
Mandy Chung
mandy.chung at oracle.com
Tue Apr 12 13:09:36 PDT 2011
On 04/12/11 12:58, Sean Mullan wrote:
> New webrev:
> http://cr.openjdk.java.net/~mullan/jigsaw/webrevs/timestamp/webrev.01/
>
ModuleFileFormat.java L796 - this commented line can be deleted. Other
than that, looks okay to me.
> I've made all of your suggested changes, except:
>
> > Both timestamp-test.sh and TimestampTest.java hardcodes the name of
> the module
> > library, module name, and location. Would it be better to pass these
> hardcoded
> > names from the shell test to TimestampTest as system properties or
> input
> > arguments? These values might unlikely be changed but I would rather
> avoid
> > having a hardcoded name in multiple files for the single test.
>
> These two tests are tightly coupled. The script is used to create the
> keystore and other binaries (to avoid the "no binaries under source
> control" rule) used by the Java program. I could change them all to
> command-line arguments (there would be many) but it seems more
> sensible for me to spend the time to eliminate the script entirely.
> But that's a bit more work and I'll tackle that as an overall test
> cleanup task a bit later.
>
Sounds good.
> > sun/security/pkcs/SignerInfo.java
> > L470: maybe assert tsa.length == 1, or it is guaranteed to be true??
>
> An assertion seems incorrect here, since this is verifying data sent
> over the network by the server. I've added a check and it now throws
> an exception if there is not exactly one signer.
>
Thanks
Mandy
More information about the jigsaw-dev
mailing list