SHA1 deprecation for codesigning? (Was: RFR : 8038837:Add support to jarsigner for specifying timestamp hash algorithm)
ecki at zusammenkunft.net
ecki at zusammenkunft.net
Wed Jan 27 16:43:23 UTC 2016
BTW, is there any SHA1 deprecation planned/expected for JNLP code signing?
--
http://bernd.eckenfels.net
-----Original Message-----
From: "Seán Coffey" <sean.coffey at oracle.com>
To: "security-dev at openjdk.java.net" <security-dev at openjdk.java.net>
Sent: Mi., 27 Jan. 2016 17:40
Subject: RFR : 8038837:Add support to jarsigner for specifying timestamp hash algorithm
Hi,
I'd like to backport this enhancement to JDK 8u. It's been approved via
CCC process already.
The fix differs to that in JDK 9 in that I've chosen not to update the
JDK 9 deprecated ContentSignerParameters interface. That was a request
from Dev engineer.
For jdk8u, the tSAPolicyID value is obtained from the
JarSignerParameters class. I've moved that class to its own source file.
Build and tests are green.
webrev : http://cr.openjdk.java.net/~coffeys/webrev.8038837.8u/webrev*/
*bug report : https://bugs.openjdk.java.net/browse/JDK-8038837
--
Regards,
Sean.
More information about the security-dev
mailing list