RFR : 8038837:Add support to jarsigner for specifying timestamp hash algorithm
Seán Coffey
sean.coffey at oracle.com
Fri Jan 29 13:41:35 UTC 2016
On 29/01/16 11:52, Wang Weijun wrote:
>> On Jan 29, 2016, at 7:48 PM, Seán Coffey <sean.coffey at oracle.com> wrote:
>>
>> Since I now reference the JarSignerParameters class directly in TimestampedSigner.java, the compiler was generating a warning. I thought it might be neater to break JarSignerParameters into its own separate class.
> Oh, yes.
>
>> Shall I revert ?
> No. It's not a good practice putting 2 top level classes into one file.
>
> Was that the compiler is complaining about?
Yes - compiler picks this up :
/home/scoffey/ws/jdk8u-dev/jdk/src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java:137:
warning: auxiliary class JarSignerParameters in
/home/scoffey/ws/jdk8u-dev/jdk/src/share/classes/sun/security/tools/jarsigner/Main.java
should not be accessed from outside its own source file
tSADigestAlg = ((JarSignerParameters)params).getTSADigestAlg();
^
error: warnings found and -Werror specified
regards,
Sean.
>
> Thanks
> Max
>
>
>> Regards,
>> Sean.
>>
>> On 29/01/16 11:42, Wang Weijun wrote:
>>> Why did you remove the JarSignerParameters class definition inside jarsigner/Main.java? Was it duplicated somewhere else?
>>>
>>> Thanks
>>> Max
>>>
>>>> On Jan 27, 2016, at 11:09 PM, Seán Coffey <sean.coffey at oracle.com> wrote:
>>>>
>>>> Hi,
>>>>
>>>> I'd like to backport this enhancement to JDK 8u. It's been approved via CCC process already.
>>>>
>>>> The fix differs to that in JDK 9 in that I've chosen not to update the JDK 9 deprecated ContentSignerParameters interface. That was a request from Dev engineer.
>>>>
>>>> For jdk8u, the tSAPolicyID value is obtained from the JarSignerParameters class. I've moved that class to its own source file. Build and tests are green.
>>>>
>>>> webrev : http://cr.openjdk.java.net/~coffeys/webrev.8038837.8u/webrev/
>>>> bug report : https://bugs.openjdk.java.net/browse/JDK-8038837
>>>> --
>>>> Regards,
>>>> Sean.
>>>>
More information about the security-dev
mailing list