RFR: 8300259: Add test coverage for processing of pending block files in signed JARs
Alan Bateman
alanb at openjdk.org
Tue Jan 17 18:18:08 UTC 2023
On Mon, 16 Jan 2023 11:44:36 GMT, Eirik Bjorsnos <duke at openjdk.org> wrote:
> This PR adds test coverage for pending block files in signed JAR files
>
> A signed JAR has pending block files if the block file [RSA, DSA, EC] comes before the corresponding signature file [SF] in the JAR.
>
> JarVerifier.processEntry supports processing of such pending block files, but this code path does not seem to be exercised by current test.
>
> The new test PendingBlocksJar checks that signed JARs with pending blocks are processed correctly, both for the valid and invalid cases.
test/jdk/java/util/jar/JarFile/PendingBlocksJar.java line 45:
> 43: import java.util.zip.ZipOutputStream;
> 44:
> 45: public class PendingBlocksJar {
Would it be possible to rename this to something like SignedJarPendingBlocks or something like that so that it's clear that this is a test for signed JARs? Or maybe we created a sub-directory and move the tests for signed JARs there.
-------------
PR: https://git.openjdk.org/jdk/pull/12009
More information about the security-dev
mailing list