RFR: 8253299: Manifest bytes are read twice when verifying a signed JAR
Claes Redestad
redestad at openjdk.java.net
Thu Nov 19 00:12:04 UTC 2020
On Wed, 18 Nov 2020 21:59:01 GMT, Hai-May Chao <hchao at openjdk.org> wrote:
> Small change to retrieve the raw bytes of manifest during verifying signed JAR.
This seems like a good optimization.
I think comparing the manifest name case insensitively might be preferable - e.g. using String.equalsIgnoreCase - but if the worst that can happen is that a non-conventionally cased is read twice then I think what you have here is good.
-------------
Marked as reviewed by redestad (Reviewer).
PR: https://git.openjdk.java.net/jdk/pull/1299
More information about the security-dev
mailing list