Hi Sean,

On 07/06/2017 04:27, Sean Mullan wrote:
Hi John,

This looks like a very useful test. I have not gone through all of the code, but here are a few comments for now until I have more time:

- add tests for EC keys
- add tests for SHA-512 variants of the signature algorithms
- add tests for larger key sizes (ex: 2048 for DSA/RSA)
- you can use the diamond operator <> in various places
- might be more compact if jdkList() used Files.lines() to parse the file into a stream then an array
I did consider about the above two points. Because the test will be backported to JDK 6, so I only used the features those supported by JDK 6.
I supposed that would make the backport easier. Does it make sense?

Best regards,
John Jiang
- did you consider using the jarsigner API (jdk.security.jarsigner) instead of the command-line? I think this would be better (if possible) and it would give us some more tests of that API.

--Sean

On 6/5/17 6:31 AM, sha.ji...@oracle.com wrote:
Hi,
Please review this manual test for checking if a jar, which is signed and timestamped by a JDK build, could be verified by other JDK builds. It also can be used to check if the default timestamp digest algorithm on signing is SHA-256.
For more details, please look through the test summary.

Issue: https://bugs.openjdk.java.net/browse/JDK-8179614
Webrev: http://cr.openjdk.java.net/~jjiang/8179614/webrev.00/

Best regards,
John Jiang



Reply via email to