RFR 8056174: New APIs for jar signing

Sean Mullan sean.mullan at oracle.com
Wed Nov 18 18:40:28 UTC 2015


Looks good, just a couple of minor comments:

In JarSigner.Builder.getDefaultSignatureAlgorithm, change the word 
"bigger" to "greater than".

In AlgorithmId.getDefaultSigAlgForKey, I think you can remove the last 
sentence ("Remember ...") - this seems like a ToDo note to yourself 
which has been done.

--Sean

On 11/18/2015 01:53 AM, Wang Weijun wrote:
> Hi All
>
> An updated webrev is available at
>
>    http://cr.openjdk.java.net/~weijun/8056174/webrev.06/
>
> Compared with webrev.05, these changes are made:
>
> 1. In AlgorithmId.java, getDefaultSigAlgForKey() looks at the key size and returns signature algorithms with different digest part. Thanks, Mike!
>
> 2. In JarSigner.java:
>
>   - method names are longer, sigAlg() is now signatureAlgorithm(). Thanks, Mandy!
>
>   - a new eventHandler() setter, so caller can show the progress of signing
>
>   - value in setProperty(key, value) is only String now. No need to care about cloning
>
> The change in the root idk repo is still
>
> diff --git a/modules.xml b/modules.xml
> --- a/modules.xml
> +++ b/modules.xml
> @@ -1704,12 +1704,15 @@
>     <module>
>       <name>jdk.jartool</name>
>       <depend>java.base</depend>
>       <export>
>         <name>com.sun.jarsigner</name>
>       </export>
> +    <export>
> +      <name>jdk.security.jarsigner</name>
> +    </export>
>     </module>
>
> Thanks
> Max
>



More information about the security-dev mailing list