RFR 8169911: Enhanced tests for jarsigner -verbose -verify after JDK-8163304
Wang Weijun
weijun.wang at oracle.com
Sat Nov 19 07:37:26 UTC 2016
Hi Amanda
- There are many duplicates in signWithAlias() and sign(). I think it's better to make one based on the other. Maybe signWithAliasAndTsa() and sign().
- checkWeak2() is about combinations of weak/strong algs in a single signer. I'd rather it be an individual test case, and not as a step in multiple signers. The name is not meaningful enough. Maybe checkHalfWeak()?
- About multiple signers:
On lines 356 and 364, I suggest using different names for signed jar and original jar. This makes debugging easier when there is a failure.
IMO it's not worth writing different checkComb() and checkComb2(). As long as the output contains "weak" we know the weak algorithm is also printed out. What we need to cover are:
1) it's treated as verified if at least one is strong (you already covered it)
2) it has only 1 verified signer, this should be shown with both -verbose and -certs. You can see there is only one certificate shown. Or you can use JarFile API to open the jar file and check the length of JarEntry::getCodeSigner().
3) the history shows 2 signers, this can be provide by 2 "Signed by" lines.
I'd suggest checkComb() be renamed to checkMultiple().
Thanks
Max
> On Nov 19, 2016, at 8:38 AM, Amanda Jiang <amanda.jiang at oracle.com> wrote:
>
> HI All,
> Please help to review following code change:
> webrev: http://cr.openjdk.java.net/~amjiang/8169911/webrev.01/
> bug: https://bugs.openjdk.java.net/browse/JDK-8169911
>
> This change enhances test case for JDK-8163304 by covering following cases:
> - Multiple signers (signed by jarsigner twice using different aliases)
> - Combinations of weak/strong -digestalg, -tsadigestalg and -sigalg
> - Signing with DSA keys
>
> Thanks,
> Amanda
More information about the security-dev
mailing list