RFR 8056174: New APIs for jar signing
Wang Weijun
weijun.wang at oracle.com
Thu Nov 19 02:54:26 UTC 2015
> On Nov 19, 2015, at 2:40 AM, Sean Mullan <sean.mullan at oracle.com> wrote:
>
> Looks good, just a couple of minor comments:
>
> In JarSigner.Builder.getDefaultSignatureAlgorithm, change the word "bigger" to "greater than".
Updated.
>
> In AlgorithmId.getDefaultSigAlgForKey, I think you can remove the last sentence ("Remember ...") - this seems like a ToDo note to yourself which has been done.
It's a reminder if we update it again in the future.
It makes me feel a little uncomfortable that the rule is coded inside java.base but the spec is in jdk.jartool, although most likely we don't suggest users mixing modules from different releases.
--Max
>
> --Sean
>
> On 11/18/2015 01:53 AM, Wang Weijun wrote:
>> Hi All
>>
>> An updated webrev is available at
>>
>> http://cr.openjdk.java.net/~weijun/8056174/webrev.06/
>>
>> Compared with webrev.05, these changes are made:
>>
>> 1. In AlgorithmId.java, getDefaultSigAlgForKey() looks at the key size and returns signature algorithms with different digest part. Thanks, Mike!
>>
>> 2. In JarSigner.java:
>>
>> - method names are longer, sigAlg() is now signatureAlgorithm(). Thanks, Mandy!
>>
>> - a new eventHandler() setter, so caller can show the progress of signing
>>
>> - value in setProperty(key, value) is only String now. No need to care about cloning
>>
>> The change in the root idk repo is still
>>
>> diff --git a/modules.xml b/modules.xml
>> --- a/modules.xml
>> +++ b/modules.xml
>> @@ -1704,12 +1704,15 @@
>> <module>
>> <name>jdk.jartool</name>
>> <depend>java.base</depend>
>> <export>
>> <name>com.sun.jarsigner</name>
>> </export>
>> + <export>
>> + <name>jdk.security.jarsigner</name>
>> + </export>
>> </module>
>>
>> Thanks
>> Max
>>
More information about the security-dev
mailing list