RFR: 8300272: Improve readability of the test JarWithOneNonDisabledDigestAlg

Eirik Bjorsnos duke at openjdk.org
Tue Jan 17 19:59:30 UTC 2023


This PR attempts to make JarWithOneNonDisabledDigestAlg a little easier to read. 

Some changes are made in the choice of algorithms and naming. The intent here is to reduce confusion and make the purpose of the test clearer:

- Updated the **enabled** digestAlgorithm in use from SHA1 to SHA256. The use of SHA1 here seems just a bit confusing, since it has been considered weak for a while 
- The two different signer aliases are now named SIGNER1, SIGNER2 instead of the somewhat confusing SHA1, SHA256
- Both signing keys are now generated with -sigalg SHA256withRSA since the sigalg of the keys does not seem to matter for this test

There are also some general code cleanups:

- Moved loading of the key store into the new method loadKeyStore
- Updated checkThatJarIsSigned to take a parameter Map<String, Integer> representing the expected signer counts for each path in the JAR. This provides a cleaner separation between expectiations and the enforcement of expectations.
- Introduced Path constants for various file names used throughout the test, reducing a number of redundant Path.of calls which seemed to clutter the code a bit
- Updated IO code to use new APIs, such as Files.newOutputStream, Files.newInputStream, InputStream.transferTo and OutputStream.nullOutputStream.
- Added/updated some comments where appropriate

-------------

Commit messages:
 - The test assumes that MD5 is disabled, SHA256 is enabled digest algorithms. Assert this assumption in the test.
 - Fix copyright years to 2022, 2023
 - An attempt to make JarWithOneNonDisabledDigestAlg a little easier to follow

Changes: https://git.openjdk.org/jdk/pull/11997/files
 Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=11997&range=00
  Issue: https://bugs.openjdk.org/browse/JDK-8300272
  Stats: 89 lines in 1 file changed: 37 ins; 8 del; 44 mod
  Patch: https://git.openjdk.org/jdk/pull/11997.diff
  Fetch: git fetch https://git.openjdk.org/jdk pull/11997/head:pull/11997

PR: https://git.openjdk.org/jdk/pull/11997



More information about the security-dev mailing list