Code Review Request: Generalise com.oracle.security.ucrypto tests
Valerie (Yu-Ching) Peng
valerie.peng at oracle.com
Thu Mar 29 18:14:54 UTC 2012
Well, I have not looked at the complete webrev.
But it looks to me that if the tests are generalized to cover more
providers, then they should be moved to somewhere else instead of
"com/oracle/security/ucrypto" directory which implies the regression
tests for OracleUcrypto provider. Maybe somewhere under the
/javax/crypto/ would be a better fit.
One more concern that I have is that some functionalities tested in the
tests may be *optional*. When the tests are developed for a specific
provider such as OracleUcrypto provider, we know what it supports and
doesn't support. However, when the tests are generalized to apply to all
security providers, it gets a bit fragile. Even it works w/ current list
of providers, once a new provider is added, the tests may very likely
fail. The tests may have to be relaxed when it comes to these optional
functionalities, e.g. digest cloning, key wrapping, etc.
Personally, I feel this is a bit more than "regression tests"...
Valerie
On 03/29/12 07:43, Andrew Hughes wrote:
> Hi all,
>
> As discussed in:
>
> http://mail.openjdk.java.net/pipermail/security-dev/2012-March/004615.html
>
> this webrev:
>
> http://cr.openjdk.java.net/~andrew/enc_tests/webrev.01/
>
> updates the tests as follows:
>
> 1. Tests all available providers, not just ucrypto which is unavailable on OpenJDK.
> 2. No longer fails the whole test due to a single failure, but provides a cumulative result instead.
> 3. All output goes to System.err so that stack traces correspond to other output for debugging.
>
> The tests pass on all providers, with the exception of PKCS11 which has issues on AES that we're still looking onto.
> There were issues with Digest too, but this should be resolved by the fix described in
> http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6414899
>
> changeset: 4908:cdc128128044
> parent: 4888:0194fe5ca404
> user: valeriep
> date: Thu Jan 05 18:18:04 2012 -0800
> summary: 6414899: P11Digest should support cloning
>
> Does this look ok? If so, can I have a bug ID to commit it and which tree should it go to?
>
> Thanks,
More information about the security-dev
mailing list