RFR JDK-8075286: Additional tests for signature algorithm OIDs and transformation string

Valerie Peng valerie.peng at oracle.com
Fri Sep 11 23:50:51 UTC 2015


Mostly are fine, just a few comments:

1) the convention is to place the regression tests based on the provider 
which they are for, e.g.
SunJCE provider -> com/sun/crypto/provider
SUN provider -> sun/security/provider
SunEC provider -> sun/security/ec
Given that there is not a lot of dependency between these tests, can u 
place them into the sub-directories under the dedicated path?
The utility class TestSignatureOidHelper.java into can be placed under 
sun/security.

2) several tests has "...must be failed", probably should be changed to 
"...should fail"

3) the variable naming seems confusing, e.g. cipherAlgorithm and 
cipherOid both refer to Cipher objects while cipherText refers to 
encrypted text. For future development, u may want to name the cipher 
variables differently so it's obvious that they represent Cipher objects.

Thanks,
Valerie

On 8/13/2015 1:43 AM, Sha Jiang wrote:
> Hi Security developers,
> I have a security test bug 
> https://bugs.openjdk.java.net/browse/JDK-8075286, which adds more 
> cases for NSA Suite B algorithms in jdk repo.
> Please review this patch at 
> http://cr.openjdk.java.net/~fyuan/jjiang/8075286/webrev.00/
> Every comment is appreciated.
>
> Best Regards,
> John Jiang
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/security-dev/attachments/20150911/6fc3e938/attachment.html>


More information about the security-dev mailing list