On Wed, 3 Feb 2021 15:06:37 GMT, Weijun Wang <wei...@openjdk.org> wrote:
>> The following tests have been split based on lower/higher key sizes in order
>> to reduce individual execution time and run in parallel with jtreg
>> sun/security/provider/DSA/SupportedDSAParamGen.java
>> sun/security/provider/NSASuiteB/TestDSAGenParameterSpec.java
>> com/sun/crypto/provider/KeyAgreement/SupportedDHParamGens.java
>>
>> sun/security/rsa/SignatureTest.java is now using a fake generator since its
>> objective is to test signature not key generation itself. In addition, it
>> was generating and verifying the same key twice, with same modulus and
>> exponent. That redundancy is removed. This speeds up the execution from ~54s
>> to ~25s on average
>
> test/jdk/sun/security/rsa/SignatureTest.java line 137:
>
>> 135: return new Key[]{
>> 136: kf.generatePublic(kf.getKeySpec(key,
>> RSAPublicKeySpec.class)),
>> 137: kf.generatePublic(new
>> X509EncodedKeySpec(key.getEncoded()))
>
> Here, the test ensures keys created from a `RSAPublicKeySpec` are the same no
> matter if the `RSAPublicKeySpec` is retrieved from `KeyFactory::getKeySpec`
> or manually created. If you can prove the two `RSAPublicKeySpec` objects are
> effectively the same (or it has already been proven in other tests) then
> there's no need to generate the key again.
>
> On the other hand, we can actually add more keys into the array. The 1st is
> `key` itself, and the 2nd is one generated from `kf.getKeySpec(key,
> X509EncodedKeySpec.class)`.
That is right, PSSKeyCompatibility already explicitly proves they both are
equal and there are other tests that generates both manually and using
KeyFactory. In addition, this test focuses on signature verification rather
than key creation.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2381
