Please review CR 8048356 Secure Random provider tests

raghu k.nair raghu.k.nair at oracle.com
Wed Aug 27 15:31:34 UTC 2014 

Hi Brad,
  Could you please review the updated webrev  : 
http://cr.openjdk.java.net/~tyan/raghu/8048356/webrev02/ 
<http://cr.openjdk.java.net/%7Etyan/raghu/8048356/webrev02/>
  Updates are based on   Bernd's comments.

Thanks,
Raghu Nair
On 8/27/2014 4:02 PM, raghu k.nair wrote:
> Hi Bernd,
>  Thanks for looking into it. my comments in-line.
> On 8/27/2014 2:57 PM, Bernd Eckenfels wrote:
>> Hello,
>>
>> Since the topic is interesting to me I took a look. Have some nits or 
>> points to discuss: The testProvider() function seems to be missnamed, 
>> it actually checks the default Implementation (for the right 
>> provider). Maybe testDefaultProvider()?
>>
> Yes you are right . I will rename the testname.
>> i would also remove the elses, especially as they print different 
>> Passed messages. Just one print line after the guards.
> Agree on this.
>>
>> BTW, i think it is very common for java code to request SHA1Prng 
>> unconditionally (with and without provider=sun) i would add that to 
>> all OS as a test.
> This is already covered by test  - 
> sun/security/provider/SeedGenerator/SeedGeneratorChoice.java
>>
>> I also wonder if this would be the right place to test the strong 
>> secure random getter as well?
>>
> Those tests are already covered Java Compatibility tests . That is the 
> reason it is omitted from this test.
>> what about testing the sorting logic (based on the egd url property) 
>> I think this is still implemented, even with the different seeding 
>> modes for Native.
>>
> This covered by some of the existing tests
> sun/security/provider/SecureRandom/StrongSeedReader.java ,
> test/closed/sun/security/provider/SecureRandom/SeederRace.java
> sun/security/provider/SeedGenerator/SeedGeneratorChoice.java
>
> Thanks,
> Raghu
>> Gruss
>> Bernd
>>
>> -- 
>> http://bernd.eckenfels.net
>> ------------------------------------------------------------------------
>> Von: raghu k.nair <mailto:raghu.k.nair at oracle.com>
>> Gesendet: ‎27.‎08.‎2014 11:00
>> An: Bradford Wetmore <mailto:bradford.wetmore at oracle.com>
>> Cc: security-dev at openjdk.java.net <mailto:security-dev at openjdk.java.net>
>> Betreff: Please review CR 8048356 Secure Random provider tests
>>
>> Hi Brad,
>>  Could you please help in reviewing the following test.
>>
>> webrev: http://cr.openjdk.java.net/~tyan/raghu/8048356/webrev01/ 
>> <http://cr.openjdk.java.net/%7Etyan/raghu/8048356/webrev01/>
>> Bug : JDK-8048356 <https://bugs.openjdk.java.net/browse/JDK-8048356>
>>
>> Thanks,
>> Raghu Nair
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20140827/a1e6366b/attachment.htm>

More information about the security-dev mailing list