RFR 8212867: Link to DRBG test vectors is redirected to a broken link

Weijun Wang weijun.wang at oracle.com
Wed Oct 24 02:18:49 UTC 2018


Please take a review at the fix below:

diff --git a/src/java.base/share/classes/java/security/DrbgParameters.java b/src/java.base/share/classes/java/security/DrbgParameters.java
--- a/src/java.base/share/classes/java/security/DrbgParameters.java
+++ b/src/java.base/share/classes/java/security/DrbgParameters.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -226,9 +226,9 @@
  * Calling {@link SecureRandom#generateSeed(int)} will directly read
  * from this system default entropy source.
  * <p>
- * This implementation has passed all tests included in the 20151104 version of
- * <a href="http://csrc.nist.gov/groups/STM/cavp/documents/drbg/drbgtestvectors.zip">
- * The DRBG Test Vectors</a>.
+ * This implementation has passed the test vectors (published on 2015-11-04) in
+ * <a href="https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Random-Number-Generators">
+ * Cryptographic Algorithm Validation Program</a>.
  *
  * @since 9
  */

Note that the link does not point to a zip file now. It might be a little rude to link to a 13MB zip file, and a description page is better. The page is quite concise and has a section named "Test Vectors" containing the link to the zip file. The zip file has actually no version info but the content shows the data was generated on 2015-11-04. I'd like to keep the date info in case the test vectors are updated some day.

BTW, the zip file itself is exactly the same as before so there is no need to re-test.

Thanks
Max

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20181024/511a5906/attachment.htm>


More information about the security-dev mailing list