[jdk8u-dev] RFR: 8278851: Correct signer logic for jars signed with multiple digest algorithms

Severin Gehwolf sgehwolf at openjdk.org
Fri Apr 7 18:14:54 UTC 2023


On Fri, 10 Mar 2023 17:35:19 GMT, Severin Gehwolf <sgehwolf at openjdk.org> wrote:

> Please review this backport which fixes a regression new in 8u362 due to [JDK-8269039](https://bugs.openjdk.org/browse/JDK-8269039). For some jars which are signed with an obsolete digest algorithm, after JDK-8269039, they're treated as unsigned even though one of the signatories used a valid (non-obsolete) digest algo.
> 
> The backport is not clean, mainly because of JDK-8275887 (which in 11u wasn't present when that bug was backported), copyright headers and different test infra in 8u. So the test looks a bit different so that it works on 8u. All of the changes are fairly trivial to resolve. Changes in `SecurityUtils.java` aren't needed as 8u-dev already has them.
> 
> Testing:
>  - [x] `jdk/test/sun/security/tools/jarsigner` tests pass.
>  - [x] new regression test. Fails prior product fix, passes after.

Thanks!

-------------

PR Comment: https://git.openjdk.org/jdk8u-dev/pull/282#issuecomment-1500518869


More information about the jdk8u-dev mailing list