[9] RFR: 8168882: keytool doesn't print certificate info if disabled algorithm was used for signing a jar
Artem Smotrakov
artem.smotrakov at oracle.com
Tue Nov 1 23:35:13 UTC 2016
Hello,
Please review this small update for keytool.
"keytool -printcert -jarfile" doesn't work with jars which were signed
with algorithms listed in "jdk.jar.disabledAlgorithms" security property.
The patch below resets "jdk.jar.disabledAlgorithms" security property
before reading a jar file, and prints a warning.
I also re-wrote readjar.sh test, and added SecurityTools class with a
couple of re-usable methods for jarsigner and keytool (those methods are
based on methods from TimestampCheck.java).
Bug: https://bugs.openjdk.java.net/browse/JDK-8168882
Webrev: http://cr.openjdk.java.net/~asmotrak/8168882/webrev.00/
Artem
More information about the security-dev
mailing list