[jdk11u] RFR: 8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled
Goetz Lindenmaier
goetz at openjdk.org
Fri Sep 16 07:33:25 UTC 2022
I backport this change from 17u because I had to do adaptions for 17 that
are needed here, too. I needed further fixes, though:
src/java.base/share/classes/sun/security/pkcs/SignerInfo.java
Slight difference in context, change applies to code clean.
I had to change a record to a class to make the change compile
with Java 11.
src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java
Chunks don't apply because in 11 method JAR_DISABLED_CHECK
lacks the prefix JAR_.
checkWeakKey() and checkWeakAlg() are not implemented in 11. Hunk omitted.
test/jdk/sun/security/tools/jarsigner/TimestampCheck.java
Resolved adding bugID to @bug.
-------------
Commit messages:
- Backport 6bc6980a7d975dbe06b319bf6ac9625749663060
Changes: https://git.openjdk.org/jdk11u/pull/56/files
Webrev: https://webrevs.openjdk.org/?repo=jdk11u&pr=56&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8275887
Stats: 126 lines in 9 files changed: 42 ins; 30 del; 54 mod
Patch: https://git.openjdk.org/jdk11u/pull/56.diff
Fetch: git fetch https://git.openjdk.org/jdk11u pull/56/head:pull/56
PR: https://git.openjdk.org/jdk11u/pull/56
More information about the jdk-updates-dev
mailing list