[icedtea-web][rfc] Update on Danesh's major rework of JarCertVerifier

Omair Majid omajid at redhat.com
Wed Oct 10 09:26:47 PDT 2012

On 09/25/2012 10:59 AM, Adam Domurad wrote:
> +     * @param bad
> +     *            3 booleans to show if the KeyUsage, ExtendedKeyUsage, NetscapeCertType has codeSigning flag turned on. If null, the class field badKeyUsage, badExtendedKeyUsage, badNetscapeCertType will be set.

Please consider line-wrapping this.

> +    public Map<String, Integer> getJarSignableEntries() {
> +        return jarSignableEntries;
> +    }

If untrusted code were able to invoke this method, would that compromise
the security of the system? Should we be returning a mutable data
structure here?

> +public class VerifyJarEntryCertsTest {

Could you rename this class to ${CLASS_IT_TESTS}Test? That would be
JarCertVerifierTest. Otherwise it will be harder to find this the next
time someone is updating JarCertVerifier.

> +        // This calls ReadPropertiesSigned with user.home, it is not easy to think of a pattern to match this
> +        // Instead we make sure _something_ was printed
> +        Assert.assertFalse("stdout should NOT be empty, but was", pr.stdout.isEmpty());
> +        Assert.assertFalse("stderr should NOT contains `" + accExcString + "`, but did", pr.stderr.contains(accExcString));
> +    }

Maybe you can you some other system property that's more predictable
(like, say "java.vm.specification.name") ?

Rest looks okay to me.


More information about the distro-pkg-dev mailing list