Well, I have not looked at the complete webrev.
But it looks to me that if the tests are generalized to cover more
providers, then they should be moved to somewhere else instead of
"com/oracle/security/ucrypto" directory which implies the regression
tests for OracleUcrypto provider. Maybe somewhere under the
/javax/crypto/ would be a better fit.
One more concern that I have is that some functionalities tested in the
tests may be *optional*. When the tests are developed for a specific
provider such as OracleUcrypto provider, we know what it supports and
doesn't support. However, when the tests are generalized to apply to all
security providers, it gets a bit fragile. Even it works w/ current list
of providers, once a new provider is added, the tests may very likely
fail. The tests may have to be relaxed when it comes to these optional
functionalities, e.g. digest cloning, key wrapping, etc.
Personally, I feel this is a bit more than "regression tests"...
Valerie
On 03/29/12 07:43, Andrew Hughes wrote:
Hi all,
As discussed in:
http://mail.openjdk.java.net/pipermail/security-dev/2012-March/004615.html
this webrev:
http://cr.openjdk.java.net/~andrew/enc_tests/webrev.01/
updates the tests as follows:
1. Tests all available providers, not just ucrypto which is unavailable on
OpenJDK.
2. No longer fails the whole test due to a single failure, but provides a
cumulative result instead.
3. All output goes to System.err so that stack traces correspond to other
output for debugging.
The tests pass on all providers, with the exception of PKCS11 which has issues
on AES that we're still looking onto.
There were issues with Digest too, but this should be resolved by the fix
described in
http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6414899
changeset: 4908:cdc128128044
parent: 4888:0194fe5ca404
user: valeriep
date: Thu Jan 05 18:18:04 2012 -0800
summary: 6414899: P11Digest should support cloning
Does this look ok? If so, can I have a bug ID to commit it and which tree
should it go to?
Thanks,
