[9] RFR: 8048601: Tests for JCE crypto ciphers
Valerie Peng
valerie.peng at oracle.com
Wed Aug 19 22:38:56 UTC 2015
Rajan,
TestCipher.java
1) this class is used as the base for many algorithm, modes, and
paddings. But then it hardcodes some values or parameter types which may
not work against some algorithms, e.g. IvParameterSpec with 8-byte
value, padding length being 8 bytes. PAD_LEN=8 vs PAD_BYTES=16, is this
difference intentional?
Seems to me that this TestCipher class only works against Ciphers w/
8-byte blocks and uses iv. I think it's clearer to have a constant named
BLKSIZE instead of just 8.
2) Also, u don't need to repeatedly generate random bytes for input
data, IV, etc. The input data can be generated once outside of loop. As
for the parameters, either u can just let the cipher object generates it
or grab the IV values from whatever data that u have already, e.g.
certain part of the input data.
2) input length is always 800. Would be nice to have a comment stating
the requirement, e.g. multiple of blocks in order to work against
ciphers w/ NoPadding
3) line 54, Would be nice to clarify that the range of tested key size
is from MINIMUM_KEY_SIZE to what returned by
Cipher.getMaxAllowedKeyLength(ALGORITHM) with the increment of KEYCUTTER.
4) line 66, keyStrength is better phrased as variousKeySize in my opinion.
5) MINIMUM_KEY_SIZE and KEYCUTTER should be algorithm specific. It'd be
clearer to explicitly list out the algorithms which works against the
the hardcoded values for the sake of maintenance.
6) It looks to me that String[] modes and String[] paddings could be
moved to runAll(). This seems more consistent with the signature of
runTest() where mode and padding are again specified here.
Will send u comments regarding the TestLength ones in a separate email.
Thanks,
Valerie
On 7/14/2015 1:27 PM, Rajan Halade wrote:
> May I request you to review new tests added to check Cipher operations
> with different algorithms and modes.
>
> Webrev: http://cr.openjdk.java.net/~rhalade/8048601/webrev.00/
> Bug: https://bugs.openjdk.java.net/browse/JDK-8048601
>
> Thanks,
> Rajan
More information about the security-dev
mailing list