RFR [16] [JDK-8248745] Add jarsigner and keytool tests for restricted algorithms

abdul.kolarkunnu at oracle.com abdul.kolarkunnu at oracle.com
Fri Aug 7 09:04:01 UTC 2020


Thanks Sean for the review.

Addressed your comments on  new webrev - 
http://cr.openjdk.java.net/~akolarkunnu/8248745/webrev.02/

-Muneer

On 06/08/20 8:00 pm, Sean Mullan wrote:
> You should also add a test for MD2 and MD5 for the jarsigner 
> -digestalg option.
>
>  125     private static void testJarsignerSiginig(String sigAlg, 
> String alias)
>
> typo: s/Siginig/Signing/
>
> All else looks fine.
>
> --Sean
>
> On 8/4/20 11:13 PM, Hai-May Chao wrote:
>> Hi Muneer,
>>
>> Updated webrev looks good.
>>
>> Thanks,
>> Hai-May
>>
>>
>>> On Aug 4, 2020, at 7:26 PM, abdul.kolarkunnu at oracle.com wrote:
>>>
>>> Thanks Hai-May for review.
>>>
>>> Updated the webrev with your comment 
>>> -http://cr.openjdk.java.net/~akolarkunnu/8248745/webrev.01/
>>>
>>> -Muneer
>>>
>>> On 04/08/20 11:58 pm, Hai-May Chao wrote:
>>>> Hi Muneer,
>>>>
>>>> Looks good with one minor comment.
>>>>
>>>> #58: suggest that the SECURITY_WARNING will also include “and is 
>>>> disabled” at the end to make it clear.
>>>>
>>>> Thanks,
>>>> Hai-May
>>>>
>>>>> On Jul 27, 2020, at 9:15 AM, abdul.kolarkunnu at oracle.com wrote:
>>>>>
>>>>> Hi All,
>>>>>
>>>>> This is a new test int the area of jarsigner and keytool for the 
>>>>> restricted/disabled algorithms.
>>>>>
>>>>> Bug Id - https://bugs.openjdk.java.net/browse/JDK-8248745
>>>>>
>>>>> Webrev - http://cr.openjdk.java.net/~akolarkunnu/8248745/webrev.00/
>>>>>
>>>>> Description:
>>>>>
>>>>> Adding a test for key generation, jar signing and verification 
>>>>> with all disabled algorithms and key sizes which are in the 
>>>>> property jdk.jar.disabledAlgorithms.
>>>>> Covered the scenario of with and without these disabled entries in 
>>>>> jdk.jar.disabledAlgorithms.
>>>>>
>>>>> Whenever the entries are in the property 
>>>>> jdk.jar.disabledAlgorithms, corresponding warning or error message 
>>>>> should shown, otherwise everything should work fine without any 
>>>>> related error or warning.
>>>>>
>>>>> This test covers all entries listed in 
>>>>> "jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA 
>>>>> keySize < 1024, include jdk.disabled.namedCurves". In case of 
>>>>> disabled curves, this test covers only one curve secp112r1.
>>>>>
>>>>> Tested in Linux, Windows and Mac Osx platforms and all are working 
>>>>> fine.
>>>>>
>>>>> -Muneer
>>>>>
>>


More information about the security-dev mailing list