[13] RFR 8228341: SignTwice.java fails intermittently on Windows

Philipp Kunz philipp.kunz at paratix.ch
Sun Jul 28 14:23:13 UTC 2019


Hi Max,
Glad to see SignTwice being taken from ProblemList. Is it working now
with the timeout added or does it still fail on windows?
> I just ran a test job: SignTwice.java failed on Windows with `failed
to clean up files after test`. Most likely a file is not closed.
For the key algs, "-DkeyAlgs=EC;" or "-DkeyAlgs=EC" might be shorter
for the same effect, but "-DkeyAlgs=EC;0" is all right as well.
However, "-DdigestAlgs=SHA-256" will (far as I remember) not result in
a digest that exceeds the maximum manifest line width in its encoded
form as a base64 string and makes a difference. I strongly suggest to
keep "-DdigestAlgs=SHA-512" or any other digest algorithm that tests
line breaking of digests in signed jar file manifests.
Regards,Philipp





On Tue, 2019-07-23 at 14:28 +0800, Weijun Wang wrote:
> Please review the patch below. This test signs the same jar multiple
> times. It's mainly about making sure the manifest and signature file
> can be updated correctly. There is no need to try different key
> algorithms. We can also use a faster digest algorithm.
> Thanks,
> Max
> 
> diff --git a/test/jdk/ProblemList.txt b/test/jdk/ProblemList.txt
> --- a/test/jdk/ProblemList.txt
> +++ b/test/jdk/ProblemList.txt
> @@ -661,7 +661,6 @@
>  sun/security/tools/keytool/KeyToolTest.java                    
> 8224644 solaris-all
>  sun/security/tools/keytool/WeakAlg.java                        
> 8224644 solaris-all
>  
> -sun/security/tools/jarsigner/compatibility/SignTwice.java      
> 8228341 windows-all
>  sun/security/tools/jarsigner/warnings/BadKeyUsageTest.java     
> 8026393 generic-all
>  
>  javax/net/ssl/ServerName/SSLEngineExplorerMatchedSNI.java      
> 8212096 generic-all
> diff --git
> a/test/jdk/sun/security/tools/jarsigner/compatibility/SignTwice.java
> b/test/jdk/sun/security/tools/jarsigner/compatibility/SignTwice.java
> ---
> a/test/jdk/sun/security/tools/jarsigner/compatibility/SignTwice.java
> +++
> b/test/jdk/sun/security/tools/jarsigner/compatibility/SignTwice.java
> @@ -36,7 +36,7 @@
>   * @test
>   * @library /test/lib ../warnings
>   * @compile Compatibility.java
> - * @run main/othervm
> + * @run main/othervm/timeout=600
>   *  -Djava.security.properties=./java.security
>   *  -Duser.language=en
>   *  -Duser.country=US
> @@ -46,8 +46,8 @@
>   *  -DtestComprehensiveJarContents=true
>   *  -DtestJarUpdate=true
>   *  -Dstrict=true
> - *  -DkeyAlgs=EC;#RSA;#DSA;
> - *  -DdigestAlgs=SHA-512
> + *  -DkeyAlgs=EC;0
> + *  -DdigestAlgs=SHA-256
>   *  SignTwice
>   */
>  public class SignTwice {
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.java.net/pipermail/security-dev/attachments/20190728/dc022c8e/attachment.html>


More information about the security-dev mailing list