RFR 8212867: Link to DRBG test vectors is redirected to a broken link

Sean Mullan sean.mullan at oracle.com
Wed Oct 24 17:54:17 UTC 2018


IMHO, this is kind of an odd thing to include in the javadocs, the fact 
that it passed a bunch of tests. I'd be more inclined to simply remove 
this sentence and (maybe) instead include it in the JDK Providers Guide, 
but even then I am not sure it is really necessary.

--Sean

On 10/23/18 10:27 PM, Weijun Wang wrote:
> I'd like to refine the patch a little to
> 
> *diff --git 
> a/src/java.base/share/classes/java/security/DrbgParameters.java 
> b/src/java.base/share/classes/java/security/DrbgParameters.java*
> *--- a/src/java.base/share/classes/java/security/DrbgParameters.java*
> *+++ b/src/java.base/share/classes/java/security/DrbgParameters.java*
> @@ -1,5 +1,5 @@
>   /*
> - * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights 
> reserved.
> + * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights 
> reserved.
>    * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>    *
>    * This code is free software; you can redistribute it and/or modify it
> @@ -226,9 +226,9 @@
>    * Calling {@link SecureRandom#generateSeed(int)} will directly read
>    * from this system default entropy source.
>    * <p>
> - * This implementation has passed all tests included in the 20151104 
> version of
> - * <a 
> href="http://csrc.nist.gov/groups/STM/cavp/documents/drbg/drbgtestvectors.zip">
> - * The DRBG Test Vectors</a>.
> + * This implementation has passed the DRBG Test Vectors (published on 
> 2015-11-04) in
> + * <a 
> href="https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Random-Number-Generators">
> + * CAVP Testing: Random Number Generators</a>.
>    *
>    * @since 9
>    */
> 
> While "Cryptographic Algorithm Validation Program" is the main title 
> shown on the page, it looks like the secondary header "CAVP Testing: 
> Random Number Generators" is more precise and matches the URL. I also 
> change the test vectors name to "DRBG Test Vectors" because the section 
> could contain more links to other RNG test vectors.
> 
> Sorry for the quick update.
> 
> Thanks
> Max
> 
>> On Oct 24, 2018, at 10:18 AM, Weijun Wang <weijun.wang at oracle.com 
>> <mailto:weijun.wang at oracle.com>> wrote:
>>
>> Please take a review at the fix below:
>>
>> diff --git 
>> a/src/java.base/share/classes/java/security/DrbgParameters.java b/src/java.base/share/classes/java/security/DrbgParameters.java
>> --- a/src/java.base/share/classes/java/security/DrbgParameters.java
>> +++ b/src/java.base/share/classes/java/security/DrbgParameters.java
>> @@ -1,5 +1,5 @@
>>  /*
>> - * Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights 
>> reserved.
>> + * Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights 
>> reserved.
>>   * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
>>   *
>>   * This code is free software; you can redistribute it and/or modify it
>> @@ -226,9 +226,9 @@
>>   * Calling {@link SecureRandom#generateSeed(int)} will directly read
>>   * from this system default entropy source.
>>   * <p>
>> - * This implementation has passed all tests included in the 20151104 
>> version of
>> - * <a 
>> href="http://csrc.nist.gov/groups/STM/cavp/documents/drbg/drbgtestvectors.zip">
>> - * The DRBG Test Vectors</a>.
>> + * This implementation has passed the test vectors (published on 
>> 2015-11-04) in
>> + * <a 
>> href="https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Random-Number-Generators">
>> + * Cryptographic Algorithm Validation Program</a>.
>>   *
>>   * @since 9
>>   */
>>
>> Note that the link does not point to a zip file now. It might be a 
>> little rude to link to a 13MB zip file, and a description page is 
>> better. The page is quite concise and has a section named "Test 
>> Vectors" containing the link to the zip file. The zip file has 
>> actually no version info but the content shows the data was generated 
>> on 2015-11-04. I'd like to keep the date info in case the test vectors 
>> are updated some day.
>>
>> BTW, the zip file itself is exactly the same as before so there is no 
>> need to re-test.
>>
>> Thanks
>> Max
>>
> 



More information about the security-dev mailing list