RFR 8022761: SQE test regression on wrongly signed indexed jar file

Xueming Shen xueming.shen at oracle.com
Mon Aug 26 16:40:10 UTC 2013 

On 08/19/2013 06:11 AM, Weijun Wang wrote:
> Hi Sherman
>
> I try out "jar i" after signing and it puts INDEX.LIST at the very beginning of the file. Does this mean INDEX.LIST was actually an exception? Or it's just a bug?
>
> Anyway, I think I should update the fix for 8021788 and here is the webrev:
>
>   http://cr.openjdk.java.net/~weijun/8022761/webrev.00/
>
> Now it also skips INDEX.LIST, i.e. update line 142 to
>
>   if (uname.equals(JarFile.MANIFEST_NAME) ||
>           uname.equals(JarIndex.INDEX_NAME) ) {
>
> After this change, if INDEX.LIST appears before the MANIFEST and signature-related files, it will not be treated as signed. This should usually be true because it only happens when you call "jar i" after signing a jar which means INDEX.LIST *is* unsigned.
>
> Thanks
> Max
>
> On 8/12/13 12:18 PM, Weijun Wang wrote:
>> Hi Sherman
>>
>> SQE observes a regression in their test suite and
>> the reason is my recent fix for 8021788 at
>>
>>    http://hg.openjdk.java.net/jdk8/tl/jdk/rev/758e3117899c
>>
>> The jar file mentioned contains
>>
>>      66 Mon Jun 04 15:42:18 CST 2007 META-INF/INDEX.LIST
>>     323 Sat Apr 01 15:47:28 CST 2000 META-INF/MANIFEST.MF
>>     376 Mon Jun 04 15:41:00 CST 2007 META-INF/MYKEY.SF
>>     972 Sat Apr 01 15:47:38 CST 2000 META-INF/MYKEY.DSA
>>       0 Sat Apr 01 15:46:58 CST 2000 META-INF/
>>       0 Sat Apr 01 15:45:16 CST 2000 test/
>>      21 Sat Apr 01 15:46:24 CST 2000 test/test0
>>      21 Sat Apr 01 15:46:18 CST 2000 test/test1
>>      21 Sat Apr 01 15:46:04 CST 2000 test/test2
>>      21 Sat Apr 01 15:46:10 CST 2000 test/test3
>>
>> After JDK-8021788, the file is regarded as an unsigned jar because the
>> updated JarVerifier goes thru all signature-related files and treats all
>> others not. Here the first one is not signature-related so none is.
>>
>> Is fix for JDK-8021788 wrong? Inside JarVerifier.java, we have
>>
>>    * Assumptions:
>>    * 1. The manifest should be the first entry in the META-INF directory.
>>    * 2. The .SF/.DSA/.EC files follow the manifest, before any normal
>> entries
>>
>> Is this INDEX.LIST an exception?
>>

Hi Max,

The assumption was made probably before the jar index was introduced(1.3?).
Jar spec never assumes the "order" of the files inside the meta-inf directory
(the spec treats the jar/zip file as a file system, the implementation then faces
this issue when the archive is handled in "steam"), but our implementation
does have the assumption. JarInputStream has a similar assumption regarding
the manifest.mf and a workaround for jarindex, if the jarindex is the first one.
I would take it as an implementation details.

The change looks fine.

-Sherman

>> Thanks
>> Max

More information about the security-dev mailing list