RFR: JDK-8230629: jpackage signing on macOS does not work as expected

Andy Herrick andy.herrick at oracle.com
Thu Sep 12 22:27:59 UTC 2019


looks good.

/Andy

On 9/12/2019 5:44 PM, Alexander Matveev wrote:
> Hi Alexey,
>
> http://cr.openjdk.java.net/~almatvee/8230629/webrev.01
> I simplified isFileSigned() as you suggested.
>
> Thanks,
> Alexander
>
> On 9/12/2019 4:13 AM, Alexey Semenyuk wrote:
>> Looks good, though
>> ---
>> List<String> args = new ArrayList<>();
>>  940         args.addAll(Arrays.asList("codesign",
>>  941                 "--verify",
>>  942                 file.toString()));
>>  943
>>  944         ProcessBuilder pb
>>  945                 = new ProcessBuilder(args.toArray(new 
>> String[args.size()]));
>> ---
>>
>> can be as simple as:
>> ---
>> ProcessBuilder pb = new ProcessBuilder("codesign", "--verify", 
>> file.toString());
>> ---
>>
>> - Alexey
>>
>> On 9/11/2019 11:53 PM, Alexander Matveev wrote:
>>> Please review the jpackage fix for bug [1] at [2].
>>>
>>> This is a fix for the JDK-8200758-branch branch of the open sandbox 
>>> repository (jpackage).
>>>
>>> - Binaries in runtime and Frameworks will not be signed directly 
>>> using user provided certificate.
>>> - libapplauncher.dylib will be signed with user provided certificate 
>>> only if it is unsigned.
>>> - When signing is enabled app and pkg will be signed, but not dmg. 
>>> App inside pkg and dmg will be signed as well.
>>>
>>> [1] https://bugs.openjdk.java.net/browse/JDK-8230629
>>>
>>> [2] http://cr.openjdk.java.net/~almatvee/8230629/webrev.00/
>>>
>>> Thanks,
>>> Alexander
>>
>


More information about the core-libs-dev mailing list