RFR: 8259401: Add checking to jarsigner to warn weak algorithms used in si…
Rajan Halade
rhalade at openjdk.java.net
Tue Jan 12 22:30:55 UTC 2021
On Tue, 12 Jan 2021 03:34:00 GMT, Hai-May Chao <hchao at openjdk.org> wrote:
> The jarsigner tool currently provides warning associated with the signer’s cert when it uses weak algorithms, but not for the CA certs. This change is to process the signer’s cert chain to warn if CA certs use weak algorithms.
test/jdk/sun/security/tools/jarsigner/CheckSignerCertChain.java line 52:
> 50: public static void main(String[] args) throws Exception {
> 51:
> 52: // root certificate using SHA1withRSA and 1024-bit key
It will be helpful to have these comments logged as debug messages with System.out
-------------
PR: https://git.openjdk.java.net/jdk/pull/2042
More information about the security-dev
mailing list