[jdk11u-dev] RFR: 8339280: jarsigner -verify performs cross-checking between CEN and LOC [v2]
Francisco Ferrari Bihurriet
fferrari at openjdk.org
Fri Sep 19 18:43:32 UTC 2025
> Hi, this is a backport of openjdk/jdk17u-dev#3954. The backport is almost clean, except for:
>
> * Trivial context differences in `Main.java`, `Resources.java`, `Resources_ja.java`, and `Resources_zh_CN.java`
> * The English `jarsigner.1` manpages have a slightly different format (manually adjusted to match the 11u format)
> * Also, there are 3 identical files for it (_Linux_, _BSD_, _Solaris_)
> * There also exist a Japanese version of the `jarsigner.1` manpages, they were updated using an LLM translation (giving as context the translations from the resources files, where there is a similar sentence), if any Japanese speaker is reading this, please check it:
> > This jar contains internal inconsistencies detected during verification that may result in different contents when reading via JarFile and JarInputStream.
> > ⬇️
> > このjarには検証中に検出された内部的な不整合があるため、JarFileとJarInputStreamから読み取る場合にコンテンツが異なる可能性があります。
> * I updated `src/linux/doc/man/ja/jarsigner.1` and `src/solaris/doc/sun/man/man1/ja/jarsigner.1` (identical), and left `src/bsd/doc/man/ja/jarsigner.1` untouched (doesn't have any content besides the headers)
> * Tip: these files are encoded in `EUC-JP`, to open them in VIM use `vim -c "e ++enc=EUC-JP" .../ja/jarsigner.1`
>
> #### Related issues ("relates to" Jira issue links)
>
> [JDK-8353299](https://bugs.openjdk.org/browse/JDK-8353299 "VerifyJarEntryName.java test fails") (openjdk/jdk at acd4da49a01760599ec4c325ff6c56f53ba5cc9c) and [JDK-8367782](https://bugs.openjdk.org/browse/JDK-8367782 "VerifyJarEntryName.java: Fix modifyJarEntryName to operate on bytes and re-introduce verifySignatureEntryName") (openjdk/jdk at 1b9a11682d5f73885213822423bfce8dfc17febd) were also included as part of this backport. They are test-only changes that improve the reliability and coverage of `VerifyJarEntryName.java`.
>
> Since `test/hotspot/jtreg/runtime/appcds/SignedJar.java` is not failing after the backport, [JDK-8353330](https://bugs.openjdk.org/browse/JDK-8353330 "Test runtime/cds/appcds/SignedJar.java fails in CDSHeapVerifier") was not included.
>
> #### Testing
>
> * Besides the `tier1` run from the [GitHub actions](https://github.com/franferrax/jdk11u-dev/actions/runs/17843495340) (all passed), I ran a regression using the following categories and individual tests:
> * `test/hotspot/jtreg/runtime/appcds/SignedJar.java`
> * `test/jdk/java/security/SignedJar`
> * `test/jdk/java/util/jar`
> * `test/jdk/jdk/security/jarsigner`
> * `test/jdk/sun/security/pkcs/pkcs7`
> * `test/j...
Francisco Ferrari Bihurriet has updated the pull request incrementally with one additional commit since the last revision:
Remove internationalized messages
-------------
Changes:
- all: https://git.openjdk.org/jdk11u-dev/pull/3098/files
- new: https://git.openjdk.org/jdk11u-dev/pull/3098/files/4d0f781b..191d5cad
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk11u-dev&pr=3098&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk11u-dev&pr=3098&range=00-01
Stats: 66 lines in 4 files changed: 0 ins; 66 del; 0 mod
Patch: https://git.openjdk.org/jdk11u-dev/pull/3098.diff
Fetch: git fetch https://git.openjdk.org/jdk11u-dev.git pull/3098/head:pull/3098
PR: https://git.openjdk.org/jdk11u-dev/pull/3098
More information about the jdk-updates-dev
mailing list