[9] RFR: 8048624: Tests for SealedObject

Valerie Peng valerie.peng at oracle.com
Thu Jul 23 21:20:45 UTC 2015

- I think it's more universal to call getParameters() instead of 
getIV(). Otherwise, if the test is enhanced with GCM mode, it will not work.
- Certain combination of mode and padding require certain input length. 
With SealedObject, the input to the Cipher object is the "serialized" 
bytes. Otherwise, IllegalBlockSizeException will be thrown. If the test 
coverage is about SealedObject code, we don't need these many different 
combinations. What is the aim for coverage here?
- DES, DESede and Blowfish and no AES? Note that AES block size is 16 
bytes, so the current input will need to be adjusted. Currently, the 
serialized form is 24 bytes. You need to bump it up to at least 32 bytes 
to avoid IllegalBlockSizeException.

- This is not really testing NullCipher. If you replace NullCipher with 
any other cipher, this test would still pass.
- Well, in reality, no one will ever use SealedObject with NullCipher, I 
can't think of a reason to. I wonder if anyone actually uses NullCipher. 
What is the purpose of this test?


On 7/17/2015 4:21 PM, Rajan Halade wrote:
> May I request you to review two new tests added to check SealedObject 
> with different ciphers.
> Bug: https://bugs.openjdk.java.net/browse/JDK-8048624
> Webrev: http://cr.openjdk.java.net/~rhalade/8048624/webrev/
> Thanks,
> Rajan

More information about the security-dev mailing list