RFR: 8300272: Improve readability of the test JarWithOneNonDisabledDigestAlg

Weijun Wang weijun at openjdk.org
Tue Jan 17 19:59:35 UTC 2023 

On Fri, 13 Jan 2023 20:12:56 GMT, Eirik Bjorsnos <duke at openjdk.org> wrote:

> This PR attempts to make JarWithOneNonDisabledDigestAlg a little easier to read. 
> 
> Some changes are made in the choice of algorithms and naming. The intent here is to reduce confusion and make the purpose of the test clearer:
> 
> - Updated the **enabled** digestAlgorithm in use from SHA1 to SHA256. The use of SHA1 here seems just a bit confusing, since it has been considered weak for a while 
> - The two different signer aliases are now named SIGNER1, SIGNER2 instead of the somewhat confusing SHA1, SHA256
> - Both signing keys are now generated with -sigalg SHA256withRSA since the sigalg of the keys does not seem to matter for this test
> 
> There are also some general code cleanups:
> 
> - Moved loading of the key store into the new method loadKeyStore
> - Updated checkThatJarIsSigned to take a parameter Map<String, Integer> representing the expected signer counts for each path in the JAR. This provides a cleaner separation between expectiations and the enforcement of expectations.
> - Introduced Path constants for various file names used throughout the test, reducing a number of redundant Path.of calls which seemed to clutter the code a bit
> - Updated IO code to use new APIs, such as Files.newOutputStream, Files.newInputStream, InputStream.transferTo and OutputStream.nullOutputStream.
> - Added/updated some comments where appropriate

https://bugs.openjdk.org/browse/JDK-8300272 filed.

test/jdk/jdk/security/jarsigner/JarWithOneNonDisabledDigestAlg.java line 2:

> 1: /*
> 2:  * Copyright (c) 2023, Oracle and/or its affiliates. All rights reserved.

Should be `Copyright (c) 2022, 2023,`.

test/jdk/jdk/security/jarsigner/JarWithOneNonDisabledDigestAlg.java line 67:

> 65:     public static void main(String[] args) throws Exception {
> 66:         SecurityUtils.removeFromDisabledAlgs("jdk.jar.disabledAlgorithms",
> 67:                 List.of("SHA256"));

There is no need to remove SHA256. It is not disabled by default.

-------------

PR: https://git.openjdk.org/jdk/pull/11997

More information about the security-dev mailing list