[jdk8u] RFR: 8275887: jarsigner prints invalid digest/signature algorithm warnings if keysize is weak/disabled

Andrew John Hughes andrew at openjdk.org
Wed Nov 30 15:12:31 UTC 2022


On Tue, 29 Nov 2022 07:10:58 GMT, Alexey Bakhtin <abakhtin at openjdk.org> wrote:

> Backported as a follow-on issue for JDK-8269039
> 
> Based on the JDK11u patch
> I had to resolve some merge issues in a few places:
> 
> TimestampCheck.java - simple merge because of no JDK-8171319 in JDK8
> ManifestEntryVerifier.java - Manually updated because of different arguments of the permits() method
> DisabledAlgorithmConstraints.java - permits() method manually updated because of no JDK-8285398
> SignerInfo.java - use explicit type instead of var
> All corresponding tests passed

Backport looks good to me.

The text `"the value is a record"` is wrong, given the change from a record to `AlgorithmInfo`, but that mistake was also in the 11u version so this backport isn't the place to fix it. It's a internal class so I don't think it matters much anyway.

-------------

Marked as reviewed by andrew (Reviewer).

PR: https://git.openjdk.org/jdk8u/pull/24


More information about the jdk8u-dev mailing list