Hi John,
This looks like a very useful test. I have not gone through all of the
code, but here are a few comments for now until I have more time:
- add tests for EC keys
- add tests for SHA-512 variants of the signature algorithms
- add tests for larger key sizes (ex: 2048 for DSA/RSA)
- you can use the diamond operator <> in various places
- might be more compact if jdkList() used Files.lines() to parse the
file into a stream then an array
- did you consider using the jarsigner API (jdk.security.jarsigner)
instead of the command-line? I think this would be better (if possible)
and it would give us some more tests of that API.
--Sean
On 6/5/17 6:31 AM, sha.ji...@oracle.com wrote:
Hi,
Please review this manual test for checking if a jar, which is signed
and timestamped by a JDK build, could be verified by other JDK builds.
It also can be used to check if the default timestamp digest algorithm
on signing is SHA-256.
For more details, please look through the test summary.
Issue: https://bugs.openjdk.java.net/browse/JDK-8179614
Webrev: http://cr.openjdk.java.net/~jjiang/8179614/webrev.00/
Best regards,
John Jiang
