[security-dev 01295]: Need reviewer for 6883983: JarVerifier dependency on sun.security.pkcs should be removed
Alan Bateman
Alan.Bateman at Sun.COM
Tue Oct 13 13:40:46 UTC 2009
I need a reviewer for this trivial change to the JAR verification code.
In the JAR verification code it catches
sun.security.pkcs.ParsingException (it's been there forever). As the
code also catches IOException (and ParsingException is an IOException)
it looks like this dependency can be safely removed.
Thanks,
Alan.
--- a/src/share/classes/java/util/jar/JarVerifier.java
+++ b/src/share/classes/java/util/jar/JarVerifier.java
@@ -293,9 +293,6 @@ class JarVerifier {
}
sfv.process(sigFileSigners);
- } catch (sun.security.pkcs.ParsingException pe) {
- if (debug != null) debug.println("processEntry caught:
"+pe);
- // ignore and treat as unsigned
} catch (IOException ioe) {
if (debug != null) debug.println("processEntry caught:
"+ioe);
// ignore and treat as unsigned
More information about the security-dev
mailing list