Hi Adam, this looks good. For your test it seems perfectly reasonable
to make a mock SecureRandom that lets you control the bits since you're
trying to run a known-answer test for a function that would normally be
non-deterministic. Just one really tiny nit, update the copyright on ec.c.
--Jamil
On 3/4/19 11:40 AM, Adam Petcher wrote:
webrev: https://cr.openjdk.java.net/~apetcher/8147502/webrev.00/
JBS: https://bugs.openjdk.java.net/browse/JDK-8147502
Please review this fix to a bug that causes ECDSA signatures to be
incorrect in some cases. The fix is simple, but testing this issue is
difficult because the API doesn't give access to the raw signing
operation so we can check it using known answer tests. I got around
this difficulty in the regression test by using a modified
SecureRandom that supplies specific bits in order to produce the
correct nonce. The test is a bit complicated and brittle, so if anyone
has any other suggestions on how to do this, please share.
