Code Review Request:8019544: Need to run ProviderTest.java in othervm mode

Could you please review the small fix for 8019544: http://cr.openjdk.java.net/~juh/rajan/8019544/webrev.00/ <http://cr.openjdk.java.net/%7Ejuh/rajan/8019544/webrev.00/> This is a test only fix for test stabilization. -- <http://www.oracle.com> Rajan Halade, CISSP | Senior Member

Code Review Request: 8014266

May I request you to review this simple change. http://cr.openjdk.java.net/~xuelei/8014266/webrev/ This is to update the test comment to assist in timeout analysis. The test may timeout on heavy loaded system as it involves multiple tls transactions. -- <http://www.oracle.com> Rajan

Thoughts on possible options to JDK-8027598

I am working towards fixing JDK-8027598 , there are multiple options available here and would appreciate your thoughts on this. It was filed to address the issue at large reported inJDK-8027526 .

Re: Thoughts on possible options to JDK-8027598

Thanks for your comments. See inline - - Rajan On 11/20/2013 03:54, Chris Hegarty wrote: On 20/11/13 01:07, Xuelei Fan wrote: On 11/20/2013 8:19 AM, Rajan Halade wrote: I am working towards fixing JDK-8027598 <https://bugs.openjdk.java.net/browse/JDK-8027598>, there are multiple o

Re: Thoughts on possible options to JDK-8027598

On 11/22/2013 11:42, Sean Mullan wrote: On 11/21/2013 04:53 AM, Chris Hegarty wrote: If I am correct, JTREG has support provider cleanup already. But the question is even JTREG reset the providers, it still cannot ensure next test won't be impacted because in some circumstances JDK may need t

Code Review Request: 8021418

May I request you to review this simple change - http://cr.openjdk.java.net/~juh/rajan/8021418/ The test is modified to set SO_REUSEADDR on ServerSocket to false for stabilization. Thanks, Rajan

Re: Code Review Request: 8021418

On 11/26/2013 18:09, Xuelei Fan wrote: This change looks fine. thanks! JSSE regression tests use a lot of code as "new ServerSocket(0)", we may want a cleanup for test stabilization. I will look at regression tests and file separate bug for it. - Rajan Xuelei On 11/27/2013 9:13

Re: Code Review Request: 8021418

, since workaround suggested solved the issue. Thanks, Rajan brad On 11/26/2013 6:09 PM, Xuelei Fan wrote: This change looks fine. JSSE regression tests use a lot of code as "new ServerSocket(0)", we may want a cleanup for test stabilization. Xuelei On 11/27/2013 9:13 AM, Rajan Ha

Re: Thoughts on possible options to JDK-8027598

ding othervm and then back it out when the JTREG fix is made. I am discussing this with Jon and will soon update with summary of it. I am also working on adding /othervm to affected tests. - Rajan Brad On 11/25/2013 2:29 AM, Chris Hegarty wrote: On 22/11/13 21:11, Rajan Halade wrote: On

RFR 8033271: Manual security tests have @ignore rather than @run main/manual

Please review this fix: http://cr.openjdk.java.net/~wetmore/8033271/webrev.01/ I removed @ignore from all these tests and marked them with manual for now. These tests will be considered for automation as a separate effort and will be executed manually for now. Thanks, Rajan

Re: RFR 8033271: Manual security tests have @ignore rather than @run main/manual

hanks, Xuelei On 3/15/2014 4:07 AM, Rajan Halade wrote: Please review this fix: http://cr.openjdk.java.net/~wetmore/8033271/webrev.01/ I removed @ignore from all these tests and marked them with manual for now. These tests will be considered for automation as a separate effort and will be executed man

Re: RFR 8033271: Manual security tests have @ignore rather than @run main/manual

Thanks again! Updated review with corrections - http://cr.openjdk.java.net/~wetmore/8033271/webrev.03/ - Rajan On 3/14/2014 18:36, Xuelei Fan wrote: Minimal comments: test/sun/security/smartcardio/TestAll.java == Looks like there is no actual update.

RFR 8037258: AIOB while parsing CRL for revoked certificate

Please review this small fix - http://cr.openjdk.java.net/~mullan/webrevs/8037258/webrev.02/ I have also updated the source to remove unused variables and updated javadoc information. Thanks, Rajan

[JDK 9] RFR: 8041781: Need new regression tests for PBE keys

May I request you to review these 3 new tests to be added for PBE keys. New tests are added to address following: - seal/unseal works correctly with PBE algorithms - key wrapper works correctly with PBEKey - SecretKeyFactory.translateKey() method works JDK Issue: https://bugs.openjdk.java.net/b

Re: [JDK 9] RFR: 8041781: Need new regression tests for PBE keys

Ping...can someone help review this please. Thanks, Rajan On 6/18/14, 3:36 PM, Rajan Halade wrote: May I request you to review these 3 new tests to be added for PBE keys. New tests are added to address following: - seal/unseal works correctly with PBE algorithms - key wrapper works correctly

[JDK-9] RFR: 8041787: Need new regressions tests for buffer handling for PBE algorithms

May I request you to review these 4 new tests to be added for PBE keys. New tests are added to address following: - same buffer can be used for encrypt and decrypt with PBE - Mac update works correctly with different size of ByteBuffer - doFinal and update operation result in same PBMac - for PB

RFR: 8060103: CheckBlacklistedCerts.java thinks its openjdk build

May I request you to review small fix to CheckBlacklistedCerts test to correctly determine if OpenJDK build is used. Webrev: http://cr.openjdk.java.net/~rhalade/8060103/webrev.00/ Bug: https://bugs.openjdk.java.net/browse/JDK-8060103 Thanks, Rajan

[9] RFR: 8048601: Tests for JCE crypto ciphers

May I request you to review new tests added to check Cipher operations with different algorithms and modes. Webrev: http://cr.openjdk.java.net/~rhalade/8048601/webrev.00/ Bug: https://bugs.openjdk.java.net/browse/JDK-8048601 Thanks, Rajan

[9] RFR: 8049237: Need new tests for X509V3 certificates

May I request you to review two new tests added. V1toV3Cert tries to covert a existing V1 certificate to V3 and V3Certificate test tries to generate V3 certificate with different extensions. Webrev: http://cr.openjdk.java.net/~rhalade/8049237/webrev.00/ Bug: https://bugs.openjdk.java.net/browse

[9] RFR: 8048624: Tests for SealedObject

May I request you to review two new tests added to check SealedObject with different ciphers. Bug: https://bugs.openjdk.java.net/browse/JDK-8048624 Webrev: http://cr.openjdk.java.net/~rhalade/8048624/webrev/ Thanks, Rajan

[9] RFR: 8130031: Remove the intermittent keyword for this test

Please help me with your review for this one line fix to remove intermittent keyword. The test is pretty stable now. Bug: https://bugs.openjdk.java.net/browse/JDK-8130031 Webrev: http://cr.openjdk.java.net/~rhalade/8130031/webrev.00/ Thanks, Rajan

Re: [9] RFR: 8048624: Tests for SealedObject

t think of a reason to. I wonder if anyone actually uses NullCipher. What is the purpose of this test? Thanks, Valerie On 7/17/2015 4:21 PM, Rajan Halade wrote: May I request you to review two new tests added to check SealedObject with different ciphers. Bug: https://bugs.openjdk.java.net/browse

Re: [9] RFR: 8049237: Need new tests for X509V3 certificates

test as it seems like a obscure case not supported by any of our tools/APIs. This test tries to convert V1 to V3 certificate. Ok, I removed this test case. http://cr.openjdk.java.net/~rhalade/8049237/webrev.01/ Thanks, Rajan --Sean Thanks, Xuelei On 7/15/2015 9:37 AM, Rajan Halade wrote:

Re: [9] RFR: 8048601: Tests for JCE crypto ciphers

h me. Thanks, Rajan Will send u comments regarding the TestLength ones in a separate email. Thanks, Valerie On 7/14/2015 1:27 PM, Rajan Halade wrote: May I request you to review new tests added to check Cipher operations with different algorithms and modes. Webrev: http://cr.openjdk.ja

Re: [9] RFR: 8049237: Need new tests for X509V3 certificates

other enhancements later. For now, I have updated test to reset jdk.tls.disabledAlgorithms to remove constraints. http://cr.openjdk.java.net/~rhalade/8049237/webrev.02 Thanks, Rajan --Sean On 08/25/2015 02:30 PM, Rajan Halade wrote: On 8/25/15 10:09 AM, Sean Mullan wrote: On 08/18/2015 09:01 PM, X

Re: [9] RFR: 8049237: Need new tests for X509V3 certificates

On 8/27/15 4:43 AM, Sean Mullan wrote: I don't think the different signature variants buy you much, since what you are mainly testing here is the ability to parse the created certificate without errors. I would simplify the test by just having a single test for each key type. --Sean Test up

[9] RFR: 8048356: SecureRandom default provider tests

Please help with your review of this new test to check default provider used with SecureRandom. Bug: https://bugs.openjdk.java.net/browse/JDK-8048356 Webrev: http://cr.openjdk.java.net/~rhalade/8048356/webrev.00/ Thanks, Rajan

Re: security/infra/java/security/cert/CertPathValidator/certification/QuoVadisCA.java fails in jdk

would like to run it again. Best regards, Goetz. -Original Message- From: security-dev On Behalf Of Rajan Halade Sent: Mittwoch, 11. Juli 2018 17:42 To: Baesken, Matthias ; security- d...@openjdk.java.net Subject: Re: security/infra/java/security/cert/CertPathValidator/certification

Re: RFR [12]: 8195793: Remove GTE CyberTrust Global Root

Looks good to me! Thanks, Rajan On 10/18/18 8:04 AM, Sean Mullan wrote: Please review this change to remove the GTE CyberTrust Global Root from the cacerts keystore. This root is expired and all certificates that chain back to this root have expired. Note that retaining roots past their expi

RFR: 8207059: Update test certificates in QuoVadisCA.java test

Please review this fix to update test certificates used in QuoVadis CA tests. Webrev: http://cr.openjdk.java.net/~rhalade/8207059/webrev.00/ Thanks, Rajan

Re: jdk11u and jdk/jdk : jtreg test error in security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.java

I will address these after this winter break or during if I get time. Thanks, Rajan On 12/19/18 2:28 AM, Lindenmaier, Goetz wrote: Hi, the amount of tests failing is increasing: security/infra/java/security/cert/CertPathValidator/certification/ActalisCA.java security/infra/java/securit

Re: RFR 8180573: Refactor sun/security/tools shell tests to plain java tests

Review took longer than I planned. Your fix looks good. In addition to conversion to java, fix has good enhancements needed to tests. For instance - changing non-default digest algorithm to SHA-1 from SHA-256 for AlgOptions.sh. Thanks for these changes. Thanks, Rajan On 3/25/19 8:20 PM, Weij

Re: RFR [backport to jdk and 11u]: 8216577: Add GlobalSign's R6 Root certificate

ev/ Bug: https://bugs.openjdk.java.net/browse/JDK-8216577 <https://bugs.openjdk.java.net/browse/JDK-8216577> Please review. @Rajan Halade <mailto:rajan.hal...@oracle.com>: please let me know whether I shall push it to jdk/jdk or feel free to do it yourself. Thanks & Bes

RFR: 8222137: Remove T-Systems root CA certificate

Please review this fix for removal of T-Systems Deutsche Telekom Root CA 2 certificate. Webrev: http://cr.openjdk.java.net/~rhalade/8222137/webrev.00/ Release note is at - https://bugs.openjdk.java.net/browse/JDK-8223161 Thanks, Rajan

Re: RFR: 8222137: Remove T-Systems root CA certificate

both releases, if you want. Best regards Christoph *From:*security-dev *On Behalf Of *Rajan Halade *Sent:* Dienstag, 30. April 2019 20:39 *To:* Sean Mullan ; security-dev *Subject:* RFR: 8222137: Remove T-Systems root CA certificate Please review this fix for removal of T-Systems Deutsche

RFR: 8222136: Remove two Comodo root CA certificates that are expiring

Please review this fix for removal of two Comodo root CAcertificates. Webrev: http://cr.openjdk.java.net/~rhalade/8222136/webrev.00/ Release note is at - https://bugs.openjdk.java.net/browse/JDK-8223976 Thanks, Rajan

RFR: 8223499: Remove two DocuSign root certificates that are expiring

Please review this fix for removal of two DocuSign root CAcertificates. Webrev: http://cr.openjdk.java.net/~rhalade/8223499/webrev.00/ Release note is at - https://bugs.openjdk.java.net/browse/JDK-8224004 Thanks, Rajan

RFR: 8202651: Test ActalisCA.java and ComodoCA fails

Please review this fix to update test certificates used in Actalis and Comodo CA interop tests. The bug also mentioned QuoVadisCA test but I am not able to reproduce the failure. For Actalis CA, I couldn't get revoked test certificate but the test is updated for valid certificate and will pass

Re: RFR: 8202651: Test ActalisCA.java and ComodoCA fails

On 5/22/19 8:39 AM, Sean Mullan wrote: On 5/21/19 5:31 PM, Rajan Halade wrote: Please review this fix to update test certificates used in Actalis and Comodo CA interop tests. The bug also mentioned QuoVadisCA test but I am not able to reproduce the failure. For Actalis CA, I couldn'

Re: RFR: 8202651: Test ActalisCA.java and ComodoCA fails

On 5/22/19 9:34 AM, Sean Mullan wrote: On 5/22/19 12:04 PM, Rajan Halade wrote: On 5/22/19 8:39 AM, Sean Mullan wrote: On 5/21/19 5:31 PM, Rajan Halade wrote: Please review this fix to update test certificates used in Actalis and Comodo CA interop tests. The bug also mentioned QuoVadisCA test

Re: RFR(S): 8224727: Problem list 2 tests in security/infra/java/security/cert/CertPathValidator/certification

I have pushed fix for ComodoCA with JDK-8202651 and have filed JDK-8224768 to address ActalisCA issue. You can problem list ActalisCA for now with JDK-8224727. Thanks, Rajan On 5/24/19 6:43 AM, Sean Mullan wrote: On 5/24/19 4:00 AM, Langer, Christoph wrote: Hi, please review the problem lis

Re: RFR(S): 8224727: Problem list 2 tests in security/infra/java/security/cert/CertPathValidator/certification

Looks good, thanks! - Rajan On 5/24/19 10:50 PM, Langer, Christoph wrote: Hi Rajan, thanks for this. Problem list update would be then: http://cr.openjdk.java.net/~clanger/webrevs/8224727.1/ Please review. Thanks Christoph -Original Message- From: Rajan Halade Sent: Freitag, 24

RFR: 8228337: problemList failing/ignored manual tests in security-libs

Please review this problemList update to add earlier ignored manual regression tests. These tests require special setup/hardware and few have outdated JDK and need update. webrev: http://cr.openjdk.java.net/~rhalade/8228337/webrev.00/ Th

RFR: 8228755: ProblemList sun/security/tools/jarsigner/Warning.java

Please review this patch to problem list Warning.java. I am not able to reproduce the failure and will require more time to find root cause and fix. diff -r f459f98aa30d test/jdk/ProblemList.txt --- a/test/jdk/ProblemList.txt Mon Jul 29 20:18:43 2019 + +++ b/test/jdk/ProblemList.txt Mon Jul

RFR: 8231887: ComodoCA.java fails because certificate was revoked

Please review this fix in ComodoCA.java test to update test certificates used. CA revoked earlier test artifacts so we need to update those. Webrev: http://cr.openjdk.java.net/~rhalade/8231887/webrev.00/ Thanks, Rajan

RFR: 8232019: Add LuxTrust certificate updates to the existing root program

May I request you to review this root certificate update to add “LuxTrust Global Root 2” CA to cacerts. Webrev: http://cr.openjdk.java.net/~rhalade/8232019/webrev.00/ Thanks, Rajan

RFR: 8233223: Add Amazon Root CA certificates

May I request you to review this fix to add 4 new Amazon root certificates to cacerts. Webrev: http://cr.openjdk.java.net/~rhalade/8233223/webrev.00/ Thanks, Rajan

RFR: 8190492: Remove SSLv2Hello and SSLv3 from default enabled TLS protocols

May I request you to review following fix which removes SSLv2Hello and SSLv3 from default enabled protocols. SSLv3 has been deprecated with RFC 7568. We have already disabled it by default in 2015 by adding it to the jdk.tls.disabledAlgorithms property. This fix removes it from default enabled

Re: RFR: 8190492: Remove SSLv2Hello and SSLv3 from default enabled TLS protocols

lo are not longer available > as supported, and that you can't turn them back on? > > Brad > > > On 12/4/2019 1:19 PM, Rajan Halade wrote: >> May I request you to review following fix which removes SSLv2Hello and SSLv3 >> from default enabled protocols. >>

RFR: 8225128: Add exception for expiring DocuSign root to VerifyCACerts test

May I request you to review this small update to add keynectisrootca to expiry check exempt list. JDK-8225068 will remove this certificate after expiry. diff -r af8e77a59bd8 test/jdk/sun/security/lib/cacerts/VerifyCACerts.java --- a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java Fri Fe

Re: [JDK 15] RFR 8239979: sun/security/tools/keytool/ExtOptionCamelCase.java is not run

Thanks Amy for the fix! Any reason for using othervm to run this test? Otherwise your fix looks good to me. Thanks, Rajan > On Feb 25, 2020, at 6:48 PM, Amy Lu wrote: > > sun/security/tools/keytool/ExtOptionCamelCase.java > > This is not a compile-only test, but due to the missed @run tag,

Re: [JDK 15] RFR 8239979: sun/security/tools/keytool/ExtOptionCamelCase.java is not run

Thanks! looks good. Thanks, Rajan > On Feb 25, 2020, at 10:24 PM, Amy Lu wrote: > > Removed othervm: > http://cr.openjdk.java.net/~amlu/8239979/webrev.01/index.html > <http://cr.openjdk.java.net/~amlu/8239979/webrev.01/index.html> > > Thanks, > Amy > &g

RFR: 8225130: Add exception for expiring Comodo roots to VerifyCACerts test

May I request you to review this fix to test VerifyCACerts. diff -r 4a5a7dc9d05c test/jdk/sun/security/lib/cacerts/VerifyCACerts.java --- a/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java Sun Mar 01 17:36:03 2020 -0800 +++ b/test/jdk/sun/security/lib/cacerts/VerifyCACerts.java Sun

RFR: 8240686: 70 security tests are failing on Windows due to "Fetch artifact failed"

The fetch artifact issue is fixed within infra so these tests can be removed from ProblemList now. Please review this changeset: diff -r 7af6364e1792 test/jdk/ProblemList.txt --- a/test/jdk/ProblemList.txt Fri Mar 06 18:03:09 2020 -0800 +++ b/test/jdk/ProblemList.txt Fri Mar 06 19:56:26 2020 -0

Re: security/infra/java/security/cert/CertPathValidator/certification/GlobalSignR6CA.java jtreg test errors

Hi Matthias, I tried several runs of this test but am not able to reproduce the issue. May be requests from my tests are routed to different OCSP instance. OCSP responder instance can return internalError for inconsistent internal state. How frequent is the failure for you if you are still seei

Re: RFR[15] JDK-8237977: Further update javax/net/ssl/compatibility/Compatibility.java

Hi John, Thanks for taking care of this fix. Your changes look good me. I have couple of suggestions: - consider changing header for last column from “Why negative case” to “Reason” - for a failed test case (a testcase that succeeds when expected to fail or a testcase that fails when expected

Re: RFR[15] JDK-8237977: Further update javax/net/ssl/compatibility/Compatibility.java

openjdk.java.net/~jjiang/8237977/webrev.01/> > On 2020/3/25 11:08, Rajan Halade wrote: >> Hi John, >> >> Thanks for taking care of this fix. Your changes look good me. >> >> I have couple of suggestions: >> >> - consider changing header for last column

RFR: 8225068: Remove DocuSign root certificate that is expiring in May 2020

Please review this patch to remove Keynectis CA certificate from cacerts store. Webrev: http://cr.openjdk.java.net/~rhalade/8225068/webrev.00/ Thanks, Rajan

RFR: 8225069: Remove Comodo root certificate that is expiring in May 2020

Please review this fix to remove expiring Comodo root CA “AddTrust Class 1 CA Root”. Other two, AddTrust Qualified CA Root and AddTrust External CA Root, will remain since there are code signing certificates issued from those. Webrev: http://cr.openjdk.java.net/~rhalade/8225069/webrev.00/

Re: RFR:8246330:Add TLS Tests for Legacy ECDSA curves

One minor comment - Can you please put try-catch around "(new DisabledCurve()).run();” instead of over for loop? Otherwise test looks good. Thanks, Rajan > On Jun 4, 2020, at 8:41 PM, shivangi.g.gu...@oracle.com wrote: > > Corrected the links. > > On 04/06/20 10:59 pm, shivangi.g.gu...@oracl

Re: RFR:8246330:Add TLS Tests for Legacy ECDSA curves

tp://cr.openjdk.java.net/~sshivang/reviews/8246330/webrev.01/> > > Thanks > > Shivangi > > > > On 06/06/20 7:37 am, Rajan Halade wrote: >> One minor comment - >> >> Can you please put try-catch around "(new DisabledCurve()).run();” instead >

RFR: 8243321: Add Entrust root CA - G4 to Oracle Root CA program

Please review this patch to add “Entrust Root Certification Authority - G4” root certificate to cacerts store. Webrev: http://cr.openjdk.java.net/~rhalade/8243321/webrev.00/ Release note: https://bugs.openjdk.java.net/browse/JDK-8250756 <

RFR: 8243320: Add SSL root certificates to Oracle Root CA program

Please review this patch to add SSL Corporation issued root CA certificates to cacerts. Webrev: http://cr.openjdk.java.net/~rhalade/8243320/webrev.00/ Release Note: https://bugs.openjdk.java.net/browse/JDK-8250860

RFR: 8251859: sun/security/validator/PKIXValAndRevCheckTests.java fails

Please review this patch to perform backdated certpath check as test certificate has expired. diff -r cb8450f00ee9 test/jdk/sun/security/validator/PKIXValAndRevCheckTests.java --- a/test/jdk/sun/security/validator/PKIXValAndRevCheckTests.java Tue Aug 18 01:08:18 2020 +0200 +++ b/test/jdk/s

RFR: 8238157: Remove intermittent key from AmazonCA.java

Please review this update to remove key intermittent from AmazonCA test. This test no longer fails intermittently. @@ -24,7 +24,6 @@ /* * @test * @bug 8233223 - * @key intermittent * @summary Interoperability tests with Amazon's CA1, CA2, CA3, and CA4 * @build ValidatePathWithParams *

RFR: 8249176: Update GlobalSignR6CA test certificates

Please review this change to update test artifacts used for GlobalSign R6 Root CA. Webrev: http://cr.openjdk.java.net/~rhalade/8249176/webrev.00/ Thanks, Rajan

RFR: 8239105: Add exception for expiring Digicert root certificates to Ver…

8239105: Add exception for expiring Digicert root certificates to Ver… - Commit messages: - 8239105: Add exception for expiring Digicert root certificates to VerifyCACerts test Changes: https://git.openjdk.java.net/jdk/pull/484/files Webrev: https://webrevs.openjdk.java.net/?repo=

Re: RFR: 8239105 : Add exception for expiring Digicert root certificates to VerifyCACerts test

On Fri, 2 Oct 2020 17:09:37 GMT, Sean Mullan wrote: > Looks good. Shouldn't we be seeing mach5 test failures from this though? I > didn't see any failures. We are still not beyond 90 days. It will start failing over the weekend. - PR: https://git.openjdk.java.net/jdk/pull/484

Integrated: 8239105 : Add exception for expiring Digicert root certificates to VerifyCACerts test

On Fri, 2 Oct 2020 16:21:47 GMT, Rajan Halade wrote: > 8239105 : Add exception for expiring Digicert root certificates to > VerifyCACerts test This pull request has now been integrated. Changeset: 123e786d Author: Rajan Halade URL: https://git.openjdk.java.net/jdk/commit/12

RFR: 8254081: java/security/cert/PolicyNode/GetPolicyQualifiers.java fails due to an expired certificate

8254081: java/security/cert/PolicyNode/GetPolicyQualifiers.java fails due to an expired certificate - Commit messages: - 8254081: java/security/cert/PolicyNode/GetPolicyQualifiers.java fails due to an expired certificate Changes: https://git.openjdk.java.net/jdk/pull/528/files We

Re: RFR: 8254081: java/security/cert/PolicyNode/GetPolicyQualifiers.java fails due to an expired certificate [v2]

> 8254081: java/security/cert/PolicyNode/GetPolicyQualifiers.java fails due to > an expired certificate Rajan Halade has updated the pull request incrementally with one additional commit since the last revision: 8254081: Use DateFormat instead of Date - Changes: - all:

Re: RFR: 8254081: java/security/cert/PolicyNode/GetPolicyQualifiers.java fails due to an expired certificate [v2]

On Tue, 6 Oct 2020 16:21:34 GMT, Xue-Lei Andrew Fan wrote: >> Rajan Halade has updated the pull request incrementally with one additional >> commit since the last revision: >> >> 8254081: Use DateFormat instead of Date > > test/jdk/java/security/cert/PolicyNode

Integrated: 8254081: java/security/cert/PolicyNode/GetPolicyQualifiers.java fails due to an expired certificate

On Tue, 6 Oct 2020 16:00:12 GMT, Rajan Halade wrote: > 8254081: java/security/cert/PolicyNode/GetPolicyQualifiers.java fails due to > an expired certificate This pull request has now been integrated. Changeset: 54b340b4 Author: Rajan Halade URL: https://git.openjdk.java.n

Re: [9] RFR: 8048356: SecureRandom default provider tests

this API and provide sufficient coverage. Thanks, Rajan On 11/9/15 1:54 PM, Bradford Wetmore wrote: On 9/4/2015 1:43 PM, Rajan Halade wrote: Please help with your review of this new test to check default provider used with SecureRandom. Bug: https://bugs.openjdk.java.net/browse/JDK-8048356

Re: RFR 8143377: Test PKCS8Test.java fails

Hi Amanda, If you want skip test on solaris, please use - @requires (os.family != "solaris") http://openjdk.java.net/jtreg/tag-spec.html#requires_names Note: I am not a official OpenJDK reviewer. Thanks, Rajan On 11/24/15 2:05 PM, Amanda Jiang wrote: Hi Max, Could you please review the fix

Re: RFR 8143377: Test PKCS8Test.java fails

This test was added to ProblemList.txt, please update it to remove the test. - sun/security/pkcs/pkcs8/PKCS8Test.java solaris-all Thanks, Rajan On 11/24/15 3:13 PM, Rajan Halade wrote: Hi Amanda, If you want skip test on solaris, please use - @requires (os.family != "solaris&qu

Re: RFR 8143377: Test PKCS8Test.java fails

, Amanda On 15/11/24 下午3:26, Rajan Halade wrote: This test was added to ProblemList.txt, please update it to remove the test. - sun/security/pkcs/pkcs8/PKCS8Test.java solaris-all Thanks, Rajan On 11/24/15 3:13 PM, Rajan Halade wrote: Hi Amanda, If you want skip test on solaris, please use

RFR: [9]: 8055351: sun/security/provider/DSA/TestAlgParameterGenerator.java failed with interrupted! (timed out?)

Please help with your review of following patch to TestAlgParameterGenerator test. It allows test more time to run, not run in othervm, and few more trivial updates. Bug: https://bugs.openjdk.java.net/browse/JDK-8055351 Webrev: http://cr.openjdk.java.net/~rhalade/8055351/webrev.00/ Thanks, Raj

Re: RFR: [9]: 8055351: sun/security/provider/DSA/TestAlgParameterGenerator.java failed with interrupted! (timed out?)

timeout value here. Thanks, Rajan Rest looks fine. Thanks, Valerie On 4/8/2016 2:27 PM, Rajan Halade wrote: Please help with your review of following patch to TestAlgParameterGenerator test. It allows test more time to run, not run in othervm, and few more trivial updates. Bug: https

RFR: [9]: 8153829: javax/net/ssl/Stapling/HttpsUrlConnClient.java fails intermittently with NullPointerException

Please help with your review of following patch to OCSP stapling tests. HttpsUrlConnClient test failed intermittently with NPE because OCSP server was not ready. With this patch, SimpleOCSPServer indicates server ready to accept connections. Similar fix is applied to other tests in this area.

Re: RFR: [9]: 8153829: javax/net/ssl/Stapling/HttpsUrlConnClient.java fails intermittently with NullPointerException

equency of intermittent failure. I would like to use 5 second wait and update the implementation (line 305-307). Similar to other test cases. Thanks, Xuelei On 4/12/2016 7:44 AM, Rajan Halade wrote: Please help with your review of following patch to OCSP stapling tests. HttpsUrlConnClient t

RFR: [9]: 8154196: Mark javax/net/ssl/DTLS/CipherSuite.java as intermittently failing

The test javax/net/ssl/DTLS/CipherSuite.java has been seen to fail intermittently, see bug 8132320, 8130460. The test should be marked accordingly. diff -r 32bb1700f683 test/javax/net/ssl/DTLS/CipherSuite.java --- a/test/javax/net/ssl/DTLS/CipherSuite.javaTue Apr 05 21:18:01 2016 +0100 +++

RFR: [9]: 8151834: Test SmallPrimeExponentP.java times out intermittently

Hi Max, Please review this patch to fix SmallPrimeExponentP test. It now uses fixed seed value to generate keypair. I did several rounds of testing on different machines to make sure that primes 63/65 are generated in fixed number of iterations. Other updates to test are done to include detail

Re: RFR: [9]: 8151834: Test SmallPrimeExponentP.java times out intermittently

:44，Rajan Halade 写道： Hi Max, Please review this patch to fix SmallPrimeExponentP test. It now uses fixed seed value to generate keypair. I did several rounds of testing on different machines to make sure that primes 63/65 are generated in fixed number of iterations. Other updates to test are

RFR: [9]: 8137231: sun/security/rsa/SpecTest.java timeout with Agent error: java.lang.Exception

Please provide your review of following patch to SpecTest.java test. This test purpose shouldn't require generating extra key pair with different public exponent value. Bug: https://bugs.openjdk.java.net/browse/JDK-8137231 Webrev: http://cr.openjdk.java.net/~rhalade/8137231/webrev.00/ Thanks,

RFR: [9]: 8154382: Remove intermittent keyword from SupportedDSAParamGen.java

Please review following patch to remove intermittent keyword from this test. Test has never seen to fail intermittently. diff -r 8606d027b2c2 test/sun/security/provider/DSA/SupportedDSAParamGen.java --- a/test/sun/security/provider/DSA/SupportedDSAParamGen.java Fri Apr 15 16:19:15 2016 +0100 +

RFR: [9]: 8129329: sun/security/ssl/SSLContextImpl/MD2InTrustAnchor.java failed intermittently

Please provide your review of following patch to this test to start server in a separate thread, have additional logging and few other nits. Old test didn't have enough logging at the time of failure so it is not clear why client didn't connect which resulted in timeout on server accept. Bug:

Re: RFR: [9]: 8129329: sun/security/ssl/SSLContextImpl/MD2InTrustAnchor.java failed intermittently

. although it is a test, most of the methods and fields can be private. 2. would you mind use try-with-resource for sslServerSocket, too. These are addressed in new webrev. Thanks, Rajan Thanks, Xuelei On 4/21/2016 5:55 AM, Rajan Halade wrote: Please provide your review of following patch to this

RFR: 9: 8156671: Refactor sun/security/rsa/SignatureTest.java

Please provide your review of patch to refactor SignatureTest. This test now runs all signature algorithms with key generated once resulting in saving 75% of execution time. Bug: https://bugs.openjdk.java.net/browse/JDK-8156671 Webrev: http://cr.openjdk.java.net/~rhalade/8156671/webrev.00/ Tha

RFR: 9: 8155049: New tests from 8144566 fail with "No expected Server Name Indication"

Please provide your review of this one line fix. These tests fail on machine where non-FQDN hostname is returned. As per RFC for SNI extension, hostname needs to be fully qualified DNS hostname and same is asserted in JDK when it adds hostname to SNI extension. This fix skips test execution if

RFR: 9: 8156035: Remove intermittent key from sun/security/rsa/SpecTest.java

Please review this small change to remove intermittent key from this test. JDK-8137231 addressed intermittent failure and we haven't seen test failure for a long time and with frequent runs. Bug: https://bugs.openjdk.java.net/browse/JDK-8156035 diff -r 3675fb8573d4 test/sun/security/rsa/SpecTe

Re: RFR 8156059: Update/Develop new tests for JEP 287: SHA-3 Hash Algorithms

Hi Amanda, I have following comments: - UnsupportedProvider.java line 55: this assumes that it is okay to have NoSuchAlgorithmException for all providers. - Update MessageDigest tests to use RandomFactory from http://hg.openjdk.java.net/jdk9/jdk9/jdk/file/f8a3c1510f95/test/lib/testlibrary/jdk/t

RFR: 9: 8157469: DefaultProviderList.java fails with no provider class apple.security.AppleProvider found

Please review following fix. AppleProvider is in java.base module so will not be loaded by ServiceLoader. 8157489 is filed to fix java.base/macosx/classes/module-info.java.extra. Bug: https://bugs.openjdk.java.net/browse/JDK-8157469 Webrev: http://cr.openjdk.java.net/~rhalade/8157469/webrev.0

Re: RFR 8156059: Update/Develop new tests for JEP 287: SHA-3 Hash Algorithms

algos are covered, it's up to you to make the enhancements that Rajan suggested. Thanks, Valerie On 5/19/2016 3:18 PM, Rajan Halade wrote: Hi Amanda, I have following comments: - UnsupportedProvider.java line 55: this assumes that it is okay to have NoSuchAlgorithmException for all providers

Re: RFR 8156059: Update/Develop new tests for JEP 287: SHA-3 Hash Algorithms

, Amanda On 16/5/25 下午12:31, Rajan Halade wrote: Hi Amanda, Thanks for the update. Few more comments after review: - TestSameLength.java: line 93-103, check here should use provider used with test instance of MessageDigest, call md.getProvider(). You will need to reorganize test code for this

Re: [9] RFR: 8157896: TestDSAGenParameterSpec.java test fails with timeout

Thanks for the patch, Siba! This fix looks confusing to me. TestDSAGenParameterSpec has timeout specified for 2048 but not for 3072/224 and 4096 case. Why would these run faster than smaller lengths? May be there is some other reason, area experts can help here. Thanks, Rajan On 5/31/2016 0

RFR: 9: 8158569: ImpactOnSNI.java test failed with timeout

Please help with your review of this patch. I was not able to reproduce the timeout but thread dump indicates that test timed out on waiting for server thread to join. Server thread is kept waiting on accept if client doesn't connect. This patch allows test to throw exception, if any, on clien

Re: RFR: 9: 8158569: ImpactOnSNI.java test failed with timeout

i On 6/9/2016 6:19 AM, Rajan Halade wrote: Please help with your review of this patch. I was not able to reproduce the timeout but thread dump indicates that test timed out on waiting for server thread to join. Server thread is kept waiting on accept if client doesn't connect. This patch a

Re: [9] RFR:8160337 Remove intermittent key from sun/security/pkcs11/rsa/TestKeyPairGenerator.java

Hi Tim, Thanks for taking care of this one. Since the test is still using random data key "randomness" should be retained. Thanks, Rajan On 7/6/16 1:04 AM, Tim Du wrote: Hi All, Would you help to review the path for "8160337:Remove intermittent key from sun/security/pkcs11/rsa/TestKeyPairG

Re: [9] RFR: JDK-7052815 Change tests that remove or add providers to run in othervm mode

Hi Tim, Please also update the copyright year to 2016 wherever applicable. Thanks, Rajan On 7/7/16 2:11 AM, Tim Du wrote: Hi Sean: Thank you for reviewing the codes. I updated the title for this bug and added othervm for the tests that add but not remove their own provider. Also corrected th

  1   2   3   >