RFR 8048357: PKCS basic tests

Bernd Eckenfels ecki at zusammenkunft.net
Fri Aug 21 00:32:05 UTC 2015

Hello Amanda,

out of curiosity I was looking at the tests, and have a few comments:

63        byte[] base64Bytes = new byte[pkcs7In.available()];
64                 if (pkcs7In.read(base64Bytes) < base64Bytes.length) {

There are two pet peeves of mine. available() to get the file length
and reading without a loop. Both (and more code) could be avoided with

(not sure what the DER contains. comment? but generally speaking):

94         AlgorithmId[] algIds = {new AlgorithmId(AlgorithmId.MD5_oid),
95             new AlgorithmId(AlgorithmId.SHA_oid)};
192             keyGen.initialize(512);

Would it be better to test with more modern algorithms (SHA2) and
larger (1024) key sizes. Especially since this will reduce problems
when weak 512bit keys some times in the future get blocked.


Am Thu, 20 Aug 2015 16:11:32 -0700
schrieb Amanda Jiang <amanda.jiang at oracle.com>:

> Hi All,
> Please be free to review new tests for conformance testing of PKCS.
> bug: https://bugs.openjdk.java.net/browse/JDK-8048357
> webrev: http://cr.openjdk.java.net/~amjiang/8048357/webrev.01/
> Thanks,
> Amanda

More information about the security-dev mailing list