RFR: 8342181: Update tests to use stronger Key and Salt size [v7]
Fernando Guallini
fguallini at openjdk.org
Wed Oct 23 09:05:09 UTC 2024
> Several tests currently use weak key and salt sizes. Since the purpose of these tests is not to evaluate weak keys, they can be updated to use stronger keys length (2048-bits) and stronger Salt (16 bytes). This PR does not intend to update the tests to use stronger algorithms.
>
> There is no significant increase in tests run time, those still complete consistently fast (few seconds).
Fernando Guallini has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains 11 additional commits since the last revision:
- minor changes in SecurityUtils comments and enum moved
- Merge branch 'master' into 8342181
- KeyToolTest.java will be updated in another PR
- Fix algo mistake in SignatureKeyInfo
- Updated tests that were already using 2048 to use securityUtils instead
- Convert bits to bytes when necessary
- Using SecurityUtils to define the keysize and salt size
- removed test 3072 from SupportedDSAParamGen.java
- iteration count 1000
- updated SecKeyFacSunJCEPrf.java and SupportedDSAParamGen.java
- ... and 1 more: https://git.openjdk.org/jdk/compare/da549368...ba076a63
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/21537/files
- new: https://git.openjdk.org/jdk/pull/21537/files/5e52c293..ba076a63
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=21537&range=06
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=21537&range=05-06
Stats: 110660 lines in 741 files changed: 105008 ins; 3173 del; 2479 mod
Patch: https://git.openjdk.org/jdk/pull/21537.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/21537/head:pull/21537
PR: https://git.openjdk.org/jdk/pull/21537
More information about the security-dev
mailing list