[13] RFR 8227595: keytool/fakegen/DefaultSignatureAlgorithm.java fails due to "exitValue = 6"
Weijun Wang
weijun.wang at oracle.com
Wed Jul 17 00:32:48 UTC 2019
JBS: https://bugs.openjdk.java.net/browse/JDK-8227595 <https://bugs.openjdk.java.net/browse/JDK-8227595>
The test cannot use the included fake keypair generator because on Solaris the SunPKCS11-Solaris is more preferred. Like what I have done [1] for the PSS.java test nearby, exclude the test from Solaris as well. I've also taken this chance to add a clarification on why the fake generator does not help here. Please review the patch below.
Thanks,
Max
diff --git a/test/jdk/sun/security/tools/keytool/fakegen/DefaultSignatureAlgorithm.java b/test/jdk/sun/security/tools/keytool/fakegen/DefaultSignatureAlgorithm.java
--- a/test/jdk/sun/security/tools/keytool/fakegen/DefaultSignatureAlgorithm.java
+++ b/test/jdk/sun/security/tools/keytool/fakegen/DefaultSignatureAlgorithm.java
@@ -23,16 +23,21 @@
/*
* @test
- * @bug 8138766 8227059
+ * @bug 8138766 8227059 8227595
* @summary New default -sigalg for keytool
* @library /test/lib
* @build java.base/sun.security.rsa.RSAKeyPairGenerator
* java.base/sun.security.provider.DSAKeyPairGenerator
* jdk.crypto.ec/sun.security.ec.ECKeyPairGenerator
+ * @requires os.family != "solaris"
* @run main DefaultSignatureAlgorithm
* @modules jdk.crypto.ec
*/
+// This test is excluded from Solaris because the RSA key pair generator
+// is extremely slow there with a big keysize. Please note the fake
+// KeyPairGenerator will not be used because of provider preferences.
+
import jdk.test.lib.Asserts;
import jdk.test.lib.SecurityTools;
import jdk.test.lib.process.OutputAnalyzer;
diff --git a/test/jdk/sun/security/tools/keytool/fakegen/PSS.java b/test/jdk/sun/security/tools/keytool/fakegen/PSS.java
--- a/test/jdk/sun/security/tools/keytool/fakegen/PSS.java
+++ b/test/jdk/sun/security/tools/keytool/fakegen/PSS.java
@@ -34,7 +34,8 @@
*/
// This test is excluded from Solaris because the 8192-bit RSA key pair
-// generator is extremely slow there.
+// generator is extremely slow there. Please note the fake
+// KeyPairGenerator will not be used because of provider preferences.
import jdk.test.lib.Asserts;
import jdk.test.lib.SecurityTools;
[1] http://hg.openjdk.java.net/jdk/jdk/rev/271ee240244c
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20190717/a65de01f/attachment.htm>
More information about the security-dev
mailing list