Please review: Signed Modular JAR file support

Weijun Wang weijun.wang at oracle.com
Mon May 23 23:47:59 PDT 2011



On 05/24/2011 04:33 AM, Sean Mullan wrote:
> I have implemented support for signed modular jars. This leverages the
> work that Mandy did for modular jars [1] and adds the functionality to
> validate and install a signed modular jar file. The signed jar's code
> signers and optional timestamp information are validated and stored in
> the module library and permissions are granted based on the configured
> security policy.
>
> Please note that signatures on a pre-modularized signed jar must be
> removed and regenerated after it is repackaged as a modular jar. This is
> because existing signatures will become invalid after the module-info
> class is added to the jar file.

So this means "jar x" and "jar c" again? Or, is it nice to have a 
"jarsigner -strip" command?

Thanks
Max

>
> Webrev at:
> http://cr.openjdk.java.net/~mullan/jigsaw/webrevs/signed-modular-jars/webrev.00/
>
>
> --Sean
>
> [1]
> http://mail.openjdk.java.net/pipermail/jigsaw-dev/2011-April/001230.html
>
>



More information about the jigsaw-dev mailing list