<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hello,<br>
<br>
Please review this patch for SecureRandom tests which may fail with
timeout because SeedGenerator.
<meta http-equiv="content-type" content="text/html; charset=utf-8">
generateSeed() may block on /dev/random.<br>
<br>
The tests now use /dev/urandom instead. They also run in othervm
mode since "java.security.egd" system property seems to be read once
while initialization of security providers, see
sun/security/provider/SunEntries.java for details.<br>
<br>
I was not able to reproduce
sun/security/provider/SecureRandom/StrongSecureRandom.java failure.
This test sets "securerandom.source" to "/dev/urandom", but
"java.security.egd" system property may override it (see comments in
java.security file). I just updated the test to reset
"java.security.egd" system property.<br>
<br>
The patch also fixes
<a class="moz-txt-link-freetext" href="https://bugs.openjdk.java.net/browse/JDK-8156606">https://bugs.openjdk.java.net/browse/JDK-8156606</a><br>
<br>
Most of other SecureRandom tests modify security properties (for
example "securerandom.drbg.config"), and then restore them. It seems
to be fine if some properties can be updated at runtime. But it
still may affect other tests which run in the same JVM if the
original value was not restored properly. For example, see
java/security/SecureRandom/GetInstanceTest.java:<br>
<br>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<a class="moz-txt-link-freetext" href="http://hg.openjdk.java.net/jdk9/dev/jdk/file/f0c1d4d90df6/test/java/security/SecureRandom/GetInstanceTest.java#l80">http://hg.openjdk.java.net/jdk9/dev/jdk/file/f0c1d4d90df6/test/java/security/SecureRandom/GetInstanceTest.java#l80</a>
<br>
<br>
... <br>
Security.setProperty(STRONG_ALG_SEC_PROP, "DRBG:SUN"); <br>
sr = matchExc(() -> SecureRandom.getInstanceStrong(), <br>
PASS, NoSuchAlgorithmException.class, <br>
"PASS - Undefined security Property " <br>
+ "'securerandom.strongAlgorithms'"); <br>
checkAttributes(sr, "DRBG"); <br>
Security.setProperty(STRONG_ALG_SEC_PROP, origDRBGConfig); <br>
... <br>
<br>
It doesn't use try-finally block to restore the security property.
So the risk that it may affect other tests is higher. It may be
better to run all tests which modify system/security properties to
run in othervm mode to avoid potential issues. Although it would
slow down test execution.<br>
<br>
Bugs:<br>
<a class="moz-txt-link-freetext" href="https://bugs.openjdk.java.net/browse/JDK-8157344">https://bugs.openjdk.java.net/browse/JDK-8157344</a><br>
<a class="moz-txt-link-freetext" href="https://bugs.openjdk.java.net/browse/JDK-8156606">https://bugs.openjdk.java.net/browse/JDK-8156606</a><br>
<br>
Webrev: <a class="moz-txt-link-freetext" href="http://cr.openjdk.java.net/~asmotrak/8157344/webrev.00/">http://cr.openjdk.java.net/~asmotrak/8157344/webrev.00/</a><br>
<br>
Artem<br>
</body>
</html>