On Sat, 16 Aug 2025 00:04:38 GMT, Artur Barashev <abaras...@openjdk.org> wrote:
>> Hmm, I looked at that test as well as the changes that it corresponds to. >> Given that this PR involves public JCA classes, e.g. the 4 services, having >> tests for those services and their `getInstance(...)` methods makes more >> sense as we need to ensure that the javadoc `@implNote` matches the actual >> behavior. Testing the `permit` call makes a lot sense for checking invalid >> values though. So, I will explore re-writing the >> `test/jdk/java/security/Security/SecurityPropFile/InvalidCryptoDisabledAlgos.java` >> to directly using the `CryptoAlgorithmConstraints.permit` method. > > Yes, having tests for those services and their `getInstance(...)` methods > makes sense of course, I'm not asking to change those tests. If you re-write > `InvalidCryptoDisabledAlgos.java` to directly use the > `CryptoAlgorithmConstraints.permit` method, then you can as well move it > under `test/jdk/sun/security/util/AlgorithmConstraints` directory. I think it > would be a better location for such test than > `test/jdk/java/security/Security/SecurityPropFile`. Yes, that's what I did after your comment. Initially was thinking about putting this test under the test directory for java.security file. I agree that directly use the CryptoAlgorithmConstraints.permit method makes sense. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/26377#discussion_r2292227536
