jpkg enhancements to create signed modules

Mandy Chung mandy.chung at oracle.com
Tue May 11 12:28:57 PDT 2010


On 05/10/10 09:47, Vincent Ryan wrote:
> Hello,
>
> Please review these code changes to support the creation of signed modules:
>
>   http://cr.openjdk.java.net/~vinnie/6951048/webrev.00/webrev/
>
> It adds the following new options to the jpkg tool:
>
>   -S, --signer  <ID>         : module signer's identifier
>   -k, --keystore <location>  : module signer's keystore location
>   -t, --storetype <type>     : module signer's keystore type
>   --nosign                   : do not sign the module
>   --nopassword               : do not prompt for a keystore password
>
> Appropriate default values are supported and keystore passwords may be
> supplied to jpkg by redirecting standard input.
>
>
> This is just one of a number of changes to support signed modules throughout
> jigsaw.
>
> Please send me your comments as I'm hoping to address any issues and integrate
> these changes by the end of this week
Hi Vinnie,

Just a couple of questions for now and will do a detailed review
in your new version.

Packager.java
     line 224, 267:
     - Does this message ("Enter password") need to be localized?  If so,
       it should get from a resource bundle.  The jigsaw tools have yet to
       support L10N.  Perhaps we can start with this message.

Does this change introduce new dependency to the jdk.boot module?
You can check the module-info.java from the build directory:
    build/linux-i586/tmp/modules/src/jdk.boot/module-info.java

jdk.boot is the minimal module that doesn't depend on any
other module.

jpkg is preinstalled in the jdk-base-module in the modules build.
You can run build/linux-i586/jdk-base-module/bin/jpkg
to verify if it causes unexpected dependencies (not found by
the static analysis done by the class analyzer).

Mandy



More information about the jigsaw-dev mailing list