[jdk11u] Integrated: 8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled
Goetz Lindenmaier
goetz at openjdk.org
Mon Sep 19 13:19:37 UTC 2022
On Fri, 16 Sep 2022 07:27:22 GMT, Goetz Lindenmaier <goetz at openjdk.org> wrote:
> I backport this change from 17u because I had to do adaptions for 17 that
> are needed here, too. I needed further fixes, though:
>
> src/java.base/share/classes/sun/security/pkcs/SignerInfo.java
> Slight difference in context, change applies to code clean.
> I had to change a record to a class to make the change compile
> with Java 11.
>
> src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java
> Chunks don't apply because in 11 method JAR_DISABLED_CHECK
> lacks the prefix JAR_.
> checkWeakKey() and checkWeakAlg() are not implemented in 11. Hunk omitted.
>
> test/jdk/sun/security/tools/jarsigner/TimestampCheck.java
> Resolved adding bugID to @bug.
This pull request has now been integrated.
Changeset: e9ba9159
Author: Goetz Lindenmaier <goetz at openjdk.org>
URL: https://git.openjdk.org/jdk11u/commit/e9ba915905afa1535e288802765f59b52538f73c
Stats: 125 lines in 9 files changed: 42 ins; 30 del; 53 mod
8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled
Reviewed-by: mdoerr
Backport-of: 6bc6980a7d975dbe06b319bf6ac9625749663060
-------------
PR: https://git.openjdk.org/jdk11u/pull/56
More information about the jdk-updates-dev
mailing list