[9] RFR: 8048624: Tests for SealedObject
Rajan Halade
rajan.halade at oracle.com
Mon Aug 10 20:44:37 UTC 2015
Hi Valerie,
I have updated the webrev after your comment and our discussion to only
retain TestSealedObjectNull test.
http://cr.openjdk.java.net/~rhalade/8048624/webrev.01/
Thanks,
Rajan
On 7/23/15 2:20 PM, Valerie Peng wrote:
>
> <TestSealedObject.java>
> - I think it's more universal to call getParameters() instead of
> getIV(). Otherwise, if the test is enhanced with GCM mode, it will not
> work.
> - Certain combination of mode and padding require certain input
> length. With SealedObject, the input to the Cipher object is the
> "serialized" bytes. Otherwise, IllegalBlockSizeException will be
> thrown. If the test coverage is about SealedObject code, we don't need
> these many different combinations. What is the aim for coverage here?
> - DES, DESede and Blowfish and no AES? Note that AES block size is 16
> bytes, so the current input will need to be adjusted. Currently, the
> serialized form is 24 bytes. You need to bump it up to at least 32
> bytes to avoid IllegalBlockSizeException.
>
> <TestSealedObjectNull.java>
> - This is not really testing NullCipher. If you replace NullCipher
> with any other cipher, this test would still pass.
> - Well, in reality, no one will ever use SealedObject with NullCipher,
> I can't think of a reason to. I wonder if anyone actually uses
> NullCipher. What is the purpose of this test?
>
> Thanks,
> Valerie
>
> On 7/17/2015 4:21 PM, Rajan Halade wrote:
>> May I request you to review two new tests added to check SealedObject
>> with different ciphers.
>>
>> Bug: https://bugs.openjdk.java.net/browse/JDK-8048624
>> Webrev: http://cr.openjdk.java.net/~rhalade/8048624/webrev/
>>
>> Thanks,
>> Rajan
More information about the security-dev
mailing list