On Fri, 19 Feb 2021 22:36:24 GMT, Weijun Wang <[email protected]> wrote:
> All test changes are about re-enabling disabled algorithms. Do we have a test
> on ensuring disabled algorithms are indeed disabled? How about we set
> "org.jcp.xml.dsig.secureValidation" to false everywhere in the existing tests
> and add a new dedicated test to check for disabled algorithms/key sizes etc.
That is what test/jdk/javax/xml/crypto/dsig/SecureValidationPolicy.java does,
see this code block on lines 65-69:
for (String alg : restrictedAlgs) {
if (!Policy.restrictAlg(alg)) {
throw new Exception(alg + " alg not restricted");
}
}
-------------
PR: https://git.openjdk.java.net/jdk/pull/2463
