[8] Request for review: 8005939: sun/security/x509/{X509CRLImpl, X509CertImpl}/Verify.java fail in confusing way when some providers not present
Sean Mullan
sean.mullan at oracle.com
Wed Jan 16 18:31:20 UTC 2013
Looks good, I will push it for you. Can you add the noreg-self label to
the bug since this is a fix to a regression test?
Thanks,
Sean
On 01/15/2013 02:41 PM, Jason Uh wrote:
> Updated to use SunJCE for verification:
> http://cr.openjdk.java.net/~juh/8005939/webrev.01/
>
> On 01/15/2013 10:26 AM, Sean Mullan wrote:
>> On 01/15/2013 01:25 PM, Jason Uh wrote:
>>> Thanks, Sean. For clarification, you're recommending SunJCE for
>>> verifying both the CRL and the Cert?
>>
>> Yes.
>>
>> --Sean
>>
>>>
>>> On 01/15/2013 07:56 AM, Sean Mullan wrote:
>>>> Hi Jason,nk
>>>>
>>>> This looks good. I also recommending changing this line:
>>>>
>>>> 98 verifyCRL(crlIssuerCertPubKey, "SunPCSC");
>>>>
>>>> to a provider that is always going to exist in one of the smaller
>>>> profiles, but also doesn't have a Signature implementation, for
>>>> example:
>>>>
>>>>
>>>> 98 verifyCRL(crlIssuerCertPubKey, "SunJCE");
>>>>
>>>> This would allow the test to pass on the compact1/2 profiles.
>>>>
>>>> --Sean
>>>>
>>>> On 01/14/2013 09:05 PM, Jason Uh wrote:
>>>>> (Resending with bug ID in the Subject.)
>>>>>
>>>>> This change allows the tests
>>>>> sun/security/x509/{X509CRLImpl,X509CertImpl}/Verify.java
>>>>> to fail with a more meaningful message when a provider is not found.
>>>>>
>>>>> Webrev: http://cr.openjdk.java.net/~juh/8005939/webrev.00/
>>>>> Bug: http://bugs.sun.com/view_bug.do?bug_id=8005939
>>>>>
>>>>> Thanks,
>>>>> Jason
>>>>
>>
More information about the security-dev
mailing list