RFR: 8349533: Refactor validator tests shell files to java
Weijun Wang
weijun at openjdk.org
Fri Feb 21 15:07:57 UTC 2025
On Fri, 21 Feb 2025 11:49:26 GMT, Mikhail Yankelevich <duke at openjdk.org> wrote:
> Changed shell files to be java tests:
> * ./validator/certreplace.sh
> * ./validator/samedn.sh
test/jdk/sun/security/validator/CertReplace.java line 117:
> 115: final String outputInt = SecurityTools.keytool(ktBaseParameters +
> 116: "-export -rfc -alias int").getOutput();
> 117: Files.write(certPath, outputInt.getBytes(), StandardOpenOption.APPEND);
There are several places that can be enhanced, mainly to reduce `keytool` calling:
1. There is no need to export certs for `user` and `int`. You already created them as `user.cert` and `int.cert`.
2. Since "certreplace.certs" starts with "user.cert", you can directly `keytool -gencert` into this file on line 103.
3. There is no need to import "user.cert" to alias user since we will delete the entry anyway.
4. Consider replacing `keytool -import` and `keytool -delete` calls using `KeyStore` API. You can enhance `KeyStoreUtils` in `/test/lib` if worth doing.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23727#discussion_r1965643259
More information about the security-dev
mailing list