JDK-8163498 : Many long-running security libs tests
  • Type: Bug
  • Component: security-libs
  • Sub-Component: java.security
  • Affected Version: 8,9
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2016-08-09
  • Updated: 2022-05-18
  • Resolved: 2021-02-05
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 17
11.0.16Fixed 17 b09Fixed
Related Reports
Relates :  
JDK-8175120 - Remove old tests on kdc timeout policy
Relates :  
JDK-8186765 - Speed up test sun/net/www/protocol/https/HttpsClient/ProxyAuthTest.java
Relates :  
JDK-8156671 - Refactor sun/security/rsa/SignatureTest.java
Description
Among the long-running libraries tests, the security libs tests have a strong representation on one or more platforms including:

sun/security/provider/DSA/SupportedDSAParamGen.java
sun/security/provider/NSASuiteB/TestDSAGenParameterSpec.java
sun/security/rsa/SignatureTest.java
com/sun/crypto/provider/KeyAgreement/SupportedDHParamGens.java

Speeding up these tests may allow the full test run to be sped up as well.
Comments
Fix request [11u] I backport this test-only change for parity with 11.0.17-oracle. No risk, only a test change. Clean backport. Tests pass. SAP nighlty testing passed.
18-05-2022
A pull request was submitted for review. URL: https://git.openjdk.java.net/jdk11u-dev/pull/1090 Date: 2022-05-16 12:11:35 +0000
16-05-2022
Changeset: d2bd4992 Author: Fernando Guallini <fguallini@openjdk.org> Committer: Rajan Halade <rhalade@openjdk.org> Date: 2021-02-05 05:22:51 +0000 URL: https://git.openjdk.java.net/jdk/commit/d2bd4992
05-02-2021
As suggested, sun/security/rsa/SignatureTest.java can make use of a fake generator since its objective is to test signature. That speeds up test by ~20%. Another issue in SignatureTest is that it generates multiple private and pub keys and then verify a signature for each keypair, for each type and for each algorithm. But two of those generated keys are equivalent statements: kf.generatePublic(kf.getKeySpec(key, RSAPublicKeySpec.class)), kf.generatePublic(new RSAPublicKeySpec(((RSAPublicKey) key).getModulus(), ((RSAPublicKey) key).getPublicExponent())) and kf.generatePrivate(kf.getKeySpec(key, RSAPrivateKeySpec.class)), kf.generatePrivate(new RSAPrivateKeySpec(((RSAPrivateKey) key).getModulus(), ((RSAPrivateKey) key).getPrivateExponent())) Both statements generate an instance of RSAPublickeyImpl and RSAPrivatekeyImpl respectively, with same modulus and exponent. One of them can be removed since it does not add value in terms of testing signature. Other test classes in description can be split in multiple classes so they can complete faster and be run in parallel
27-01-2021
If sun/security/rsa/SignatureTest.java is testing on signature and not key generation itself, you can consider using the fake generator in sun/security/tools/keytool/fakegen to speed it up.
22-08-2019
All the tests left in this list usually finish within 30 seconds or less and occasionally spike to minutes on solaris sparc and windows platforms. These tests try to generate larger key pairs and depend on entropy being available.
21-08-2019
I have removed two krb tests from this list: sun/security/krb5/auto/MaxRetries.java sun/security/krb5/auto/BadKdc4.java
21-08-2019
JDK-8175120 removes several krb5 tests (2 mentioned here). JPRT shows jdk_security4 now spends 7-12 minutes, compared to 17-27 minutes before the change.
17-02-2017