RFR: 8300272: Improve readability of the test JarWithOneNonDisabledDigestAlg

Eirik Bjorsnos duke at openjdk.org
Tue Jan 17 22:26:57 UTC 2023

On Tue, 17 Jan 2023 22:10:44 GMT, Weijun Wang <weijun at openjdk.org> wrote:

>> @wangweij 
>> I initially removed this code, then restored it because I thought the original author might have intended to future-proof the test. It also serves as a sort of documentation of the implicit assumptions the test makes about the permitted state of digest algorithms in the JVM.
>> I have now instead added a method which explicitly asserts that MD5 is disabled and SHA256 is permitted in the very beginning of the test. This way the assumptions are made clear and the test will fail clearly and loudly should these assumptions fail in the future.
>> What do you think of this update?
> That's OK, but believe me if one day SHA-256 is disabled we will update a lot of tests anyway.

True, making assumptions clear is maybe more important than future-proofing here. 

(Although we do actually have at least one example of a signed jar test today where the jar is no longer treated as signed because the jar was signed with SHA-1 before 2019. See VerifySignedJar which seems to not actually test much)


PR: https://git.openjdk.org/jdk/pull/11997
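
An added example, not code from the PR or from the OpenJDK test: one way a test could state up front that MD5 is disabled and SHA-256 is permitted for signed jars, by reading the `jdk.jar.disabledAlgorithms` security property. The class name, the helper names and the simplified name matching are assumptions; the JDK's own constraint checking does more (algorithm decomposition, `include` entries).

```java
import java.security.Security;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
import java.util.stream.Collectors;

// Hypothetical helper class, written for illustration only.
public class DigestAssumptions {

    // One comma-separated entry of the property: the first token is the
    // algorithm name, the rest (if any) is a constraint such as
    // "keySize < 1024" or "denyAfter 2019-01-01".
    record Entry(String algorithm, String constraint) {}

    static List<Entry> parse(String property) {
        if (property == null || property.isBlank()) return List.of();
        return Arrays.stream(property.split(","))
                .map(String::trim)
                .filter(s -> !s.isEmpty())
                .map(s -> s.split("\\s+", 2))
                .map(p -> new Entry(normalize(p[0]), p.length > 1 ? p[1] : ""))
                .collect(Collectors.toList());
    }

    // Simplification (assumption): "SHA256" and "SHA-256" name the same digest.
    static String normalize(String name) {
        return name.toUpperCase(Locale.ROOT).replace("-", "");
    }

    // Disabled outright: listed with no constraint attached.
    static boolean isDisabled(List<Entry> entries, String alg) {
        return entries.stream().anyMatch(
                e -> e.algorithm().equals(normalize(alg)) && e.constraint().isEmpty());
    }

    // Listed at all, with or without a constraint.
    static boolean isListed(List<Entry> entries, String alg) {
        return entries.stream().anyMatch(e -> e.algorithm().equals(normalize(alg)));
    }

    public static void main(String[] args) {
        String prop = Security.getProperty("jdk.jar.disabledAlgorithms");
        List<Entry> entries = parse(prop);
        if (!isDisabled(entries, "MD5"))
            throw new AssertionError("Test assumes MD5 is disabled: " + prop);
        if (isListed(entries, "SHA-256"))
            throw new AssertionError("Test assumes SHA-256 is permitted: " + prop);
        System.out.println("Digest assumptions hold: " + prop);
    }
}
```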
