RFR: 8260693: Provide the support for specifying a signer in keytool -genkeypair [v5]
Weijun Wang
weijun at openjdk.java.net
Thu Apr 8 02:03:19 UTC 2021
On Thu, 8 Apr 2021 01:42:16 GMT, Hai-May Chao <hchao at openjdk.org> wrote:
>> test/jdk/sun/security/tools/keytool/GenKeyPairSigner.java line 96:
>>
>>> 94:
>>> 95: Certificate[] certChain = kstore.getCertificateChain("e1");
>>> 96: if (certChain.length != 2) {
>>
>> Try using `Asserts` class in `/test/lib` to make code simpler. Also, why not throw an exception but call `System.exit(1)`? We usually do not call this method in a test because the test framework must take great care so that itself does not get terminated.
>
> Changed to throw the exception for errors. Meanwhile, the test is pretty straightforward/simple, and using if comparison should serve its testing need and it does not make the code complicated.
You can choose your style, but `Asserts.assertEquals(certChain.length, 2, "Generated cert chain is in error")` is definitely simpler and will give you more info when it fails.
-------------
PR: https://git.openjdk.java.net/jdk/pull/3281
More information about the security-dev
mailing list