On Wed, 3 Feb 2021 18:24:05 GMT, Fernando Guallini <fguall...@openjdk.org>
wrote:
>> test/jdk/sun/security/rsa/SignatureTest.java line 137:
>>
>>> 135: return new Key[]{
>>> 136: kf.generatePublic(kf.getKeySpec(key,
>>> RSAPublicKeySpec.class)),
>>> 137: kf.generatePublic(new
>>> X509EncodedKeySpec(key.getEncoded()))
>>
>> Here, the test ensures keys created from a `RSAPublicKeySpec` are the same
>> no matter if the `RSAPublicKeySpec` is retrieved from
>> `KeyFactory::getKeySpec` or manually created. If you can prove the two
>> `RSAPublicKeySpec` objects are effectively the same (or it has already been
>> proven in other tests) then there's no need to generate the key again.
>>
>> On the other hand, we can actually add more keys into the array. The 1st is
>> `key` itself, and the 2nd is one generated from `kf.getKeySpec(key,
>> X509EncodedKeySpec.class)`.
>
> That is right, PSSKeyCompatibility already explicitly proves they both are
> equal and there are other tests that generates both manually and using
> KeyFactory. In addition, this test focuses on signature verification rather
> than key creation.
Not only does a key have encoded form and an algorithm, it might contain other
internal info that could affect its usage (here, it's signing and verifying).
That's why there are multiple keys there.
A Spec type is different, it only has public data and is easy to prove equality.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2381
