RFR [16] [JDK-8248745] Add jarsigner and keytool tests for restricted algorithms

Sean Mullan sean.mullan at oracle.com
Fri Aug 7 16:53:03 UTC 2020


Looks good.

--Sean

On 8/7/20 5:04 AM, abdul.kolarkunnu at oracle.com wrote:
> Thanks Sean for the review.
> 
> Addressed your comments on  new webrev - 
> http://cr.openjdk.java.net/~akolarkunnu/8248745/webrev.02/
> 
> -Muneer
> 
> On 06/08/20 8:00 pm, Sean Mullan wrote:
>> You should also add a test for MD2 and MD5 for the jarsigner 
>> -digestalg option.
>>
>>  125     private static void testJarsignerSiginig(String sigAlg, 
>> String alias)
>>
>> typo: s/Siginig/Signing/
>>
>> All else looks fine.
>>
>> --Sean
>>
>> On 8/4/20 11:13 PM, Hai-May Chao wrote:
>>> Hi Muneer,
>>>
>>> Updated webrev looks good.
>>>
>>> Thanks,
>>> Hai-May
>>>
>>>
>>>> On Aug 4, 2020, at 7:26 PM, abdul.kolarkunnu at oracle.com wrote:
>>>>
>>>> Thanks Hai-May for review.
>>>>
>>>> Updated the webrev with your comment 
>>>> -http://cr.openjdk.java.net/~akolarkunnu/8248745/webrev.01/
>>>>
>>>> -Muneer
>>>>
>>>> On 04/08/20 11:58 pm, Hai-May Chao wrote:
>>>>> Hi Muneer,
>>>>>
>>>>> Looks good with one minor comment.
>>>>>
>>>>> #58: suggest that the SECURITY_WARNING will also include “and is 
>>>>> disabled” at the end to make it clear.
>>>>>
>>>>> Thanks,
>>>>> Hai-May
>>>>>
>>>>>> On Jul 27, 2020, at 9:15 AM, abdul.kolarkunnu at oracle.com wrote:
>>>>>>
>>>>>> Hi All,
>>>>>>
>>>>>> This is a new test int the area of jarsigner and keytool for the 
>>>>>> restricted/disabled algorithms.
>>>>>>
>>>>>> Bug Id - https://bugs.openjdk.java.net/browse/JDK-8248745
>>>>>>
>>>>>> Webrev - http://cr.openjdk.java.net/~akolarkunnu/8248745/webrev.00/
>>>>>>
>>>>>> Description:
>>>>>>
>>>>>> Adding a test for key generation, jar signing and verification 
>>>>>> with all disabled algorithms and key sizes which are in the 
>>>>>> property jdk.jar.disabledAlgorithms.
>>>>>> Covered the scenario of with and without these disabled entries in 
>>>>>> jdk.jar.disabledAlgorithms.
>>>>>>
>>>>>> Whenever the entries are in the property 
>>>>>> jdk.jar.disabledAlgorithms, corresponding warning or error message 
>>>>>> should shown, otherwise everything should work fine without any 
>>>>>> related error or warning.
>>>>>>
>>>>>> This test covers all entries listed in 
>>>>>> "jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA 
>>>>>> keySize < 1024, include jdk.disabled.namedCurves". In case of 
>>>>>> disabled curves, this test covers only one curve secp112r1.
>>>>>>
>>>>>> Tested in Linux, Windows and Mac Osx platforms and all are working 
>>>>>> fine.
>>>>>>
>>>>>> -Muneer
>>>>>>
>>>


More information about the security-dev mailing list