RFR: 8293462: [macos] app image signature invalid when creating DMG or PKG from post processed signed image

Alexey Semenyuk asemenyuk at openjdk.org
Mon Sep 19 18:53:52 UTC 2022


On Fri, 16 Sep 2022 22:55:52 GMT, Alexander Matveev <almatvee at openjdk.org> wrote:

> Problem is that [JDK-8286850](https://bugs.openjdk.org/browse/JDK-8286850) never set correct value in .jpackage.xml to mark image as signed. [JDK-8289030](https://bugs.openjdk.org/browse/JDK-8289030) reads this value to check if we can add per-user and system wide configuration to packaged app. Fixed by setting correct value in .jpackage.xml when we signing predefine application image.
> 
> Added tests to cover this case and added check for values inside .jpackage.xml to validate signed and Mac App Store values.

Changes requested by asemenyuk (Reviewer).

src/jdk.jpackage/share/classes/jdk/jpackage/internal/AppImageFile.java line 67:

> 65:     private final String mainClass;
> 66:     private final List<LauncherInfo> addLauncherInfos;
> 67:     private final boolean signed;

This change defeats the idea of keeping `AppImageFile` immutable. I'd rather add `AppImageFile.copyAsSigned()` method that will return the same `AppImageFile` instance if `signed` is `true`, or a copy with `signed` set to `true` otherwise.

I'd add `public AppImageFile.save(Path appImageDir)` member function to serialize `AppImageFile` instance and keep the signature of existing static `AppImageFile.save` unchanged. I'd make them call static `private AppImageFile.save(Path appImageDir, Map<String, Object> params, AppImageFile appImage)` that you have right now in the review. `AppImageFile.save(Path appImageDir, Map<String, Object> params, AppImageFile appImage)` is implementation details and should not be a part of class public interface.

-------------

PR: https://git.openjdk.org/jdk/pull/10316


More information about the core-libs-dev mailing list