jpkg enhancements to create signed modules
Vincent Ryan
vincent.x.ryan at oracle.com
Thu May 20 16:05:53 PDT 2010
Thanks for all your comments so far. The only one I have not yet
addressed is Mandy's issue regarding L10N of the password prompt.
The new webrev is available at:
http://cr.openjdk.java.net/~vinnie/6951048/webrev.01/webrev/
I've made the default behaviour not to sign (replacing --nosign with
--sign) and enhanced the ModuleFileFormat.Reader class to handle
signed modules.
Signature validation is quite basic at the moment. I will add support
for full certificate path validation in a later changeset.
On 10/05/2010 17:47, Vincent Ryan wrote:
> Hello,
>
> Please review these code changes to support the creation of signed modules:
>
> http://cr.openjdk.java.net/~vinnie/6951048/webrev.00/webrev/
>
> It adds the following new options to the jpkg tool:
>
> -S, --signer<ID> : module signer's identifier
> -k, --keystore<location> : module signer's keystore location
> -t, --storetype<type> : module signer's keystore type
> --nosign : do not sign the module
> --nopassword : do not prompt for a keystore password
>
> Appropriate default values are supported and keystore passwords may be
> supplied to jpkg by redirecting standard input.
>
>
> This is just one of a number of changes to support signed modules throughout
> jigsaw.
>
> Please send me your comments as I'm hoping to address any issues and integrate
> these changes by the end of this week.
>
> Thanks.
More information about the jigsaw-dev
mailing list