[jdk8u-dev] RFR: 8278851: Correct signer logic for jars signed with multiple digest algorithms
Severin Gehwolf
sgehwolf at openjdk.org
Fri Mar 10 17:43:06 UTC 2023
Please review this backport which fixes a regression new in 8u362 due to [JDK-8269039](https://bugs.openjdk.org/browse/JDK-8269039). For some jars which are signed with an obsolete digest algorithm, after JDK-8269039, they're treated as unsigned even though one of the signatories used a valid (non-obsolete) digest algo.
The backport is not clean, mainly because of JDK-8275887 (which in 11u wasn't present when that bug was backported), copyright headers and different test infra in 8u. So the test looks a bit different so that it works on 8u. All of the changes are fairly trivial to resolve. Changes in `SecurityUtils.java` aren't needed as 8u-dev already has them.
Testing:
- [x] `jdk/test/sun/security/tools/jarsigner` tests pass.
- [x] new regression test. Fails prior product fix, passes after.
-------------
Commit messages:
- Backport cbe497394786ff76a09f9743040e3ba96ee8298f
Changes: https://git.openjdk.org/jdk8u-dev/pull/282/files
Webrev: https://webrevs.openjdk.org/?repo=jdk8u-dev&pr=282&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8278851
Stats: 264 lines in 3 files changed: 215 ins; 19 del; 30 mod
Patch: https://git.openjdk.org/jdk8u-dev/pull/282.diff
Fetch: git fetch https://git.openjdk.org/jdk8u-dev pull/282/head:pull/282
PR: https://git.openjdk.org/jdk8u-dev/pull/282
More information about the jdk8u-dev
mailing list