RFR 8212867: Link to DRBG test vectors is redirected to a broken link
Sean Mullan
sean.mullan at oracle.com
Wed Oct 24 17:54:17 UTC 2018
IMHO, this is kind of an odd thing to include in the javadocs, the fact
that it passed a bunch of tests. I'd be more inclined to simply remove
this sentence and (maybe) instead include it in the JDK Providers Guide,
but even then I am not sure it is really necessary.
--Sean
On 10/23/18 10:27 PM, Weijun Wang wrote:
> I'd like to refine the patch a little to
>
> *diff --git
> a/src/java.base/share/classes/java/security/DrbgParameters.java
> b/src/java.base/share/classes/java/security/DrbgParameters.java*
> *--- a/src/java.base/share/classes/java/security/DrbgParameters.java*
> *+++ b/src/java.base/share/classes/java/security/DrbgParameters.java*
> @@ -1,5 +1,5 @@
> /*
> - * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights
> reserved.
> + * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights
> reserved.
> * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
> *
> * This code is free software; you can redistribute it and/or modify it
> @@ -226,9 +226,9 @@
> * Calling {@link SecureRandom#generateSeed(int)} will directly read
> * from this system default entropy source.
> * <p>
> - * This implementation has passed all tests included in the 20151104
> version of
> - * <a
> href="http://csrc.nist.gov/groups/STM/cavp/documents/drbg/drbgtestvectors.zip">
> - * The DRBG Test Vectors</a>.
> + * This implementation has passed the DRBG Test Vectors (published on
> 2015-11-04) in
> + * <a
> href="https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Random-Number-Generators">
> + * CAVP Testing: Random Number Generators</a>.
> *
> * @since 9
> */
>
> While "Cryptographic Algorithm Validation Program" is the main title
> shown on the page, it looks like the secondary header "CAVP Testing:
> Random Number Generators" is more precise and matches the URL. I also
> change the test vectors name to "DRBG Test Vectors" because the section
> could contain more links to other RNG test vectors.
>
> Sorry for the quick update.
>
> Thanks
> Max
>
>> On Oct 24, 2018, at 10:18 AM, Weijun Wang <weijun.wang at oracle.com
>> <mailto:weijun.wang at oracle.com>> wrote:
>>
>> Please take a review at the fix below:
>>
>> diff --git
>> a/src/java.base/share/classes/java/security/DrbgParameters.java b/src/java.base/share/classes/java/security/DrbgParameters.java
>> --- a/src/java.base/share/classes/java/security/DrbgParameters.java
>> +++ b/src/java.base/share/classes/java/security/DrbgParameters.java
>> @@ -1,5 +1,5 @@
>> /*
>> - * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights
>> reserved.
>> + * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights
>> reserved.
>> * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>> *
>> * This code is free software; you can redistribute it and/or modify it
>> @@ -226,9 +226,9 @@
>> * Calling {@link SecureRandom#generateSeed(int)} will directly read
>> * from this system default entropy source.
>> * <p>
>> - * This implementation has passed all tests included in the 20151104
>> version of
>> - * <a
>> href="http://csrc.nist.gov/groups/STM/cavp/documents/drbg/drbgtestvectors.zip">
>> - * The DRBG Test Vectors</a>.
>> + * This implementation has passed the test vectors (published on
>> 2015-11-04) in
>> + * <a
>> href="https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Random-Number-Generators">
>> + * Cryptographic Algorithm Validation Program</a>.
>> *
>> * @since 9
>> */
>>
>> Note that the link does not point to a zip file now. It might be a
>> little rude to link to a 13MB zip file, and a description page is
>> better. The page is quite concise and has a section named "Test
>> Vectors" containing the link to the zip file. The zip file has
>> actually no version info but the content shows the data was generated
>> on 2015-11-04. I'd like to keep the date info in case the test vectors
>> are updated some day.
>>
>> BTW, the zip file itself is exactly the same as before so there is no
>> need to re-test.
>>
>> Thanks
>> Max
>>
>
More information about the security-dev
mailing list