jpkg enhancements to create signed modules

Wang Weijun Weijun.Wang at Sun.COM
Tue May 11 04:30:03 PDT 2010


What's critical inside the module header? The version numbers might be used 
for compatibility check. Can usize be altered to exhaust precious memory?

Maybe the header can be divided into 2 parts?

Thanks
Max

------- Original message -------
> From: Sean Mullan <sean.mullan at oracle.com>
> To: jigsaw-dev at openjdk.java.net
> Sent: 11.5.'10,  2:39
>
> Vinnie discovered a small issue with the signed module file format [1] 
> while implementing.
>
> The module header in the module file format [2] includes a field named 
> csize which holds the size of the module file. The value of this field is 
> not known until the contents of the module file have been written. The 
> csize also includes the size of the signature section, but the signature 
> cannot be written until all of the hashes have been generated. Two of 
> those hashes (the module header hash and the whole file hash) are over 
> content containing the csize field. Thus there is a circular dependency 
> issue.
>
> The current implementation works around this by first writing a dummy 
> signature and then later replacing it with the real signature once the 
> overall size of the signature is known.
>
> However, this is not an optimal solution.
>
> The simplest fix would be to not include csize in the hashes. Another 
> possibility is to not sign the module header, as most of the information 
> contained in the header is part of initializing the processing of the file 
> itself, and any modifications would likely lead to an error before the 
> signature is validated anyway.
>
> Comments?
>
> [1]: http://cr.openjdk.java.net/~mullan/jigsaw/signed-module-file-format
> [2]: http://cr.openjdk.java.net/~mr/jigsaw/notes/module-file-format/
>
>
> On 5/10/10 12:47 PM, Vincent Ryan wrote:
>> Hello,
>>
>> Please review these code changes to support the creation of signed 
>> modules:
>>
>>   http://cr.openjdk.java.net/~vinnie/6951048/webrev.00/webrev/
>>
>> It adds the following new options to the jpkg tool:
>>
>>   -S, --signer<ID>          : module signer's identifier
>>   -k, --keystore<location>   : module signer's keystore location
>>   -t, --storetype<type>      : module signer's keystore type
>>   --nosign                   : do not sign the module
>>   --nopassword               : do not prompt for a keystore password
>>
>> Appropriate default values are supported and keystore passwords may be
>> supplied to jpkg by redirecting standard input.
>>
>>
>> This is just one of a number of changes to support signed modules
>> throughout jigsaw.
>>
>> Please send me your comments as I'm hoping to address any issues and
>> integrate these changes by the end of this week.
>>
>> Thanks.
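
An added example (not from this thread or the jigsaw code base) of the "do not include csize in the hashes" option raised above: the header hash skips the csize bytes, so it stays stable when csize is patched in after signing, while a change to usize still alters it. Only the field names csize and usize come from the thread; the header layout, offsets, magic value and sizes are constructed for illustration.

```java
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.util.Arrays;

public class HeaderHashDemo {
    // Hypothetical fixed header layout (an assumption, not the real format):
    // magic(4) major(2) minor(2) csize(8) usize(8)
    static final int CSIZE_OFFSET = 8, CSIZE_LEN = 8, HEADER_LEN = 24;

    // Build a constructed sample header with the given size fields.
    static byte[] header(long csize, long usize) {
        return ByteBuffer.allocate(HEADER_LEN)
                .putInt(0xCAFE00D1)                       // constructed magic value
                .putShort((short) 0).putShort((short) 1)  // constructed version numbers
                .putLong(csize).putLong(usize).array();
    }

    // Hash every header byte except the csize field, so the digest can be
    // computed before the final file size (signature included) is known.
    static byte[] headerHash(byte[] hdr) throws Exception {
        if (hdr.length != HEADER_LEN) {
            throw new IllegalArgumentException("bad header length");
        }
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update(hdr, 0, CSIZE_OFFSET);
        md.update(hdr, CSIZE_OFFSET + CSIZE_LEN, HEADER_LEN - CSIZE_OFFSET - CSIZE_LEN);
        return md.digest();
    }

    public static void main(String[] args) throws Exception {
        byte[] draft = headerHash(header(0L, 4096L));                // csize not yet known
        byte[] fin = headerHash(header(5321L, 4096L));               // csize patched in after signing
        byte[] tampered = headerHash(header(5321L, Long.MAX_VALUE)); // usize altered

        System.out.println("csize patched, hash unchanged: " + Arrays.equals(draft, fin));
        System.out.println("usize altered, hash unchanged: " + Arrays.equals(draft, tampered));
    }
}
```

With csize excluded from the hash, the signature no longer covers that field, so a verifier using this scheme would compare csize against the actual file length itself.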



