RFR 8049480: Current versions of Java can't verify jars signed and timestamped with Java 9
Xuelei Fan
xuelei.fan at oracle.com
Tue Jul 8 15:15:29 UTC 2014
Looks fine to me.
It would be nice to extend AlgorithmId.getStandardDigestName() to
AlgorithmId.getStandardName() in the future.
Xuelei
On 7/8/2014 10:37 PM, Wang Weijun wrote:
> Please review the jdk7u-only code change at
>
> http://cr.openjdk.java.net/~weijun/8049480/webrev.00/
>
> The reason is that the jdk7u version [1] of fix for JDK-8049480 is just a hack and not as powerful as its jdk8 sibling [2] and now I'll have to apply the jdk7u jar signature "hack" to timestamp signature again.
>
> I did a find usage on Algorithm.getName() and other cases are not impacted by the name difference.
>
> Thanks
> Max
>
> [1] http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/c399756623cb
> [2] http://hg.openjdk.java.net/jdk9/dev/jdk/rev/5dc3f32c0d26
>
More information about the security-dev
mailing list