On Tue, 17 Jan 2023 23:08:10 GMT, Eirik Bjorsnos <[email protected]> wrote:
>> This PR attempts to make JarWithOneNonDisabledDigestAlg a little easier to
>> read.
>>
>> Some changes are made in the choice of algorithms and naming. The intent
>> here is to reduce confusion and make the purpose of the test clearer:
>>
>> - Updated the **enabled** digestAlgorithm in use from SHA1 to SHA256. The
>> use of SHA1 here seems just a bit confusing, since it has been considered
>> weak for a while
>> - The two different signer aliases are now named SIGNER1, SIGNER2 instead of
>> the somewhat confusing SHA1, SHA256
>> - Both signing keys are now generated with -sigalg SHA256withRSA since the
>> sigalg of the keys does not seem to matter for this test
>>
>> There are also some general code cleanups:
>>
>> - Moved loading of the key store into the new method loadKeyStore
>> - Updated checkThatJarIsSigned to take a parameter Map<String, Integer>
>> representing the expected signer counts for each path in the JAR. This
>> provides a cleaner separation between expectiations and the enforcement of
>> expectations.
>> - Introduced Path constants for various file names used throughout the test,
>> reducing a number of redundant Path.of calls which seemed to clutter the
>> code a bit
>> - Updated IO code to use new APIs, such as Files.newOutputStream,
>> Files.newInputStream, InputStream.transferTo and
>> OutputStream.nullOutputStream.
>> - Added/updated some comments where appropriate
>
> Eirik Bjorsnos has updated the pull request incrementally with one additional
> commit since the last revision:
>
> Replace wildcard imports with single-class imports
test/jdk/jdk/security/jarsigner/JarWithOneNonDisabledDigestAlg.java line 168:
> 166: continue;
> 167: }
> 168: try(InputStream is = jf.getInputStream(entry)) {
Suggestion:
try (InputStream is = jf.getInputStream(entry)) {
-------------
PR: https://git.openjdk.org/jdk/pull/11997
