RFR: 8163498: Many long-running security libs tests

Weijun Wang weijun at openjdk.java.net
Wed Feb 3 15:09:42 UTC 2021

On Wed, 3 Feb 2021 13:29:54 GMT, Fernando Guallini <fguallini at openjdk.org> wrote:

> The following tests have been split based on lower/higher key sizes in order to reduce individual execution time and run in parallel with jtreg
> sun/security/provider/DSA/SupportedDSAParamGen.java
> sun/security/provider/NSASuiteB/TestDSAGenParameterSpec.java
> com/sun/crypto/provider/KeyAgreement/SupportedDHParamGens.java
> sun/security/rsa/SignatureTest.java is now using a fake generator since its objective is to test signature not key generation itself. In addition, it was generating and verifying the same key twice, with same modulus and exponent. That redundancy is removed. This speeds up the execution from ~54s to ~25s on average

test/jdk/sun/security/rsa/SignatureTest.java line 137:

> 135:                 return new Key[]{
> 136:                     kf.generatePublic(kf.getKeySpec(key, RSAPublicKeySpec.class)),
> 137:                     kf.generatePublic(new X509EncodedKeySpec(key.getEncoded()))

Here, the test ensures keys created from a `RSAPublicKeySpec` are the same no matter if the `RSAPublicKeySpec` is retrieved from `KeyFactory::getKeySpec` or manually created. If you can prove the two `RSAPublicKeySpec` objects are effectively the same (or it has already been proven in other tests) then there's no need to generate the key again.

On the other hand, we can actually add more keys into the array. The 1st is `key` itself, and the 2nd is one generated from `kf.getKeySpec(key, X509EncodedKeySpec.class)`.


PR: https://git.openjdk.java.net/jdk/pull/2381

More information about the security-dev mailing list