On Tue, 17 Jan 2023 19:50:46 GMT, Eirik Bjorsnos <d...@openjdk.org> wrote:
>> test/jdk/jdk/security/jarsigner/JarWithOneNonDisabledDigestAlg.java line 67:
>>
>>> 65: public static void main(String[] args) throws Exception {
>>> 66:
>>> SecurityUtils.removeFromDisabledAlgs("jdk.jar.disabledAlgorithms",
>>> 67: List.of("SHA256"));
>>
>> There is no need to remove SHA256. It is not disabled by default.
>
> @wangweij
>
> I initially removed this code, then restored it because I thought the
> original author might have intended to future-proof the test. It also serves
> as a sort of documentation of the implicit assumtions the test makes about
> the permitted state of digest algorithms in the JVM.
>
> I have now instead added a method which explicitly asserts that MD5 is
> disabled and SHA256 is permitted in the very beginning of the test. This way
> the assumtions are made clear and the test will fail clear and loudly should
> these assumtions fail in the future.
>
> What do you think of this update?
That's OK, but believe me if one day SHA-256 is disabled we will update a lot
of tests anyway.
-------------
PR: https://git.openjdk.org/jdk/pull/11997
