RFR [16] [JDK-8248745] Add jarsigner and keytool tests for restricted algorithms

Sean Mullan sean.mullan at oracle.com
Thu Aug 6 14:30:41 UTC 2020


You should also add a test for MD2 and MD5 for the jarsigner -digestalg 
option.

  125     private static void testJarsignerSiginig(String sigAlg, String 
alias)

typo: s/Siginig/Signing/

All else looks fine.

--Sean

On 8/4/20 11:13 PM, Hai-May Chao wrote:
> Hi Muneer,
> 
> Updated webrev looks good.
> 
> Thanks,
> Hai-May
> 
> 
>> On Aug 4, 2020, at 7:26 PM, abdul.kolarkunnu at oracle.com wrote:
>>
>> Thanks Hai-May for review.
>>
>> Updated the webrev with your comment -http://cr.openjdk.java.net/~akolarkunnu/8248745/webrev.01/
>>
>> -Muneer
>>
>> On 04/08/20 11:58 pm, Hai-May Chao wrote:
>>> Hi Muneer,
>>>
>>> Looks good with one minor comment.
>>>
>>> #58: suggest that the SECURITY_WARNING will also include “and is disabled” at the end to make it clear.
>>>
>>> Thanks,
>>> Hai-May
>>>
>>>> On Jul 27, 2020, at 9:15 AM, abdul.kolarkunnu at oracle.com wrote:
>>>>
>>>> Hi All,
>>>>
>>>> This is a new test int the area of jarsigner and keytool for the restricted/disabled algorithms.
>>>>
>>>> Bug Id - https://bugs.openjdk.java.net/browse/JDK-8248745
>>>>
>>>> Webrev - http://cr.openjdk.java.net/~akolarkunnu/8248745/webrev.00/
>>>>
>>>> Description:
>>>>
>>>> Adding a test for key generation, jar signing and verification with all disabled algorithms and key sizes which are in the property jdk.jar.disabledAlgorithms.
>>>> Covered the scenario of with and without these disabled entries in jdk.jar.disabledAlgorithms.
>>>>
>>>> Whenever the entries are in the property jdk.jar.disabledAlgorithms, corresponding warning or error message should shown, otherwise everything should work fine without any related error or warning.
>>>>
>>>> This test covers all entries listed in "jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024, include jdk.disabled.namedCurves". In case of disabled curves, this test covers only one curve secp112r1.
>>>>
>>>> Tested in Linux, Windows and Mac Osx platforms and all are working fine.
>>>>
>>>> -Muneer
>>>>
> 


More information about the security-dev mailing list