Please review: Signed Modular JAR file support
Sean Mullan
sean.mullan at oracle.com
Tue May 24 07:08:35 PDT 2011
On 5/24/11 2:47 AM, Weijun Wang wrote:
>
>
> On 05/24/2011 04:33 AM, Sean Mullan wrote:
>> I have implemented support for signed modular jars. This leverages the
>> work that Mandy did for modular jars [1] and adds the functionality to
>> validate and install a signed modular jar file. The signed jar's code
>> signers and optional timestamp information are validated and stored in
>> the module library and permissions are granted based on the configured
>> security policy.
>>
>> Please note that signatures on a pre-modularized signed jar must be
>> removed and regenerated after it is repackaged as a modular jar. This is
>> because existing signatures will become invalid after the module-info
>> class is added to the jar file.
>
> So this means "jar x" and "jar c" again? Or, is it nice to have a "jarsigner
> -strip" command?
Yes it would probably be nice to have something like a jarsigner -strip or
-unsign option.
--Sean
More information about the jigsaw-dev
mailing list