RFR 8164881: Add more tests for JDK-8139565.

Mallikarjuna Avaluri mallikarjuna.avaluri at oracle.com
Mon Nov 28 06:54:27 UTC 2016 

Hi Artem Smotrakov,


I have included the changes mentioned, please review the same.

*Webrev: 
*http://cr.openjdk.java.net/~bgopularam/mavaluri/JDK-8164881/webrev.01/ 
<http://cr.openjdk.java.net/%7Ebgopularam/mavaluri/JDK-8164881/webrev.01/>*
*


Regards,
Mallikarjuna Avaluri

On 11/16/2016 4:11 AM, Artem Smotrakov wrote:
>
> Hi Mallikarjuna,
>
> I have a couple of comments.
>
> 1. I see you extract DSA key size from 
> "jdk.certpath.disabledAlgorithms" security property. I think I would 
> be better not to rely on it, but expect that keys less than 1024 bits 
> are not allowed by default. You can pass a boolean parameter to the 
> test which defines what should be expected.
>
> 2. We are trying not to use lines more than 80 symbols. Could you 
> please fix it?
>
> 3. Minor: DSAKeys.java line 342, you don't need to specify types for 
> HashMap
>
> 4. It is up to you, but it would be good to update the test to use 
> SSTest.java (see examples in jdk/tests) because we've been seeing 
> intermittent failures of JSSE tests like this one you are updating
>
> http://hg.openjdk.java.net/jdk9/dev/jdk/file/93fb16cbdf7f/test/javax/net/ssl/templates/SSLTest.java
>
> Artem
>
> On 11/13/2016 09:02 PM, Mallikarjuna Avaluri wrote:
>>
>> Hi all,
>>
>> Please review the fix for following issue.
>>
>> JDK-8164881: Add more tests for JDK-8139565
>> https://bugs.openjdk.java.net/browse/JDK-8164881
>>
>> *Summary:* Currently 
>> test/javax/net/ssl/TLSv12/DisabledShortDSAKeys.java checks only that 
>> DSA keys with size of 512 bits are disabled.
>> But we also need to check that DSA keys with sizes 1024 & 2048 are 
>> working fine.
>>
>>
>> *Fix: * Currently test/javax/net/ssl/TLSv12/DisabledShortDSAKeys.java 
>> checks only that DSA keys with size of 512 bits are disabled.
>> Added new tests with DSA keys with size of 960 bits disabled, 1024, 
>> 2048, 3072 bits enabled.
>>
>> *Webrev: * 
>> http://cr.openjdk.java.net/~bgopularam/mavaluri/JDK-8164881/webrev.00/ 
>> <http://cr.openjdk.java.net/%7Ebgopularam/mavaluri/JDK-8164881/webrev.00/>
>>
>>
>> Thanks,
>> Mallikarjuna Avaluri 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20161128/b418788c/attachment.htm>

More information about the security-dev mailing list