On Thu, 16 Jul 2026 13:20:30 GMT, Andreas Chmielewski
<[email protected]> wrote:
>> test/jdk/javax/net/ssl/ciphersuites/BulkCipherDisabledAlgorithms.java line
>> 113:
>>
>>> 111: for (CipherSuite suite : suites) {
>>> 112: String suiteName = suite.name();
>>> 113: String bulkCipher = extractBulkCipher(suiteName);
>>
>> We can further reduce the number of VMs by grouping the suites by
>> `bulkCipher`, i.e. make `tests` a map with `bulkCipher` as a key and a list
>> of suites as a value. Then change the rest of the code accordingly. We
>> really need only a single VM per a bulk cipher.
>
> Yes, that's certainly possible. However, I would prefer not to take that
> approach.
> I see this test primarily as a black-box test that iterates over all enabled
> cipher suites and verifies that disabling their corresponding bulk cipher
> algorithm has the expected effect. The test intentionally does not depend on
> the details of the bulk cipher decomposition logic.
> Grouping cipher suites by bulk cipher would introduce additional logic and
> assumptions into the test itself. It would also make the test more complex,
> fragile and potentially reduce coverage in the future. At that point, I think
> we would be optimizing the test beyond what is necessary.
Hm.. we can do exactly the same with a single VM per a bulk cipher rather than
spawning multiple VMs per bulk cipher. I don't see any difference, just run
`testHandshake(suite, true);` in a loop from `main` for all suites for a given
bulk cipher.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/31812#discussion_r3595933374