RFR: 8277474: jarsigner does not check if algorithm parameters are disabled [v3]

Hai-May Chao hchao at openjdk.java.net
Thu Mar 3 01:40:39 UTC 2022


> This fixes jarsigner to enforce checking against algorithm constraint properties so when the signature algorithms parameters use disabled or legacy algorithms, it will emit warnings accordingly. If the algorithm used in parameters is disabled, jarsigner treats the jar as unsigned.

Hai-May Chao has updated the pull request incrementally with two additional commits since the last revision:

 - Updated -verbose output
 - Updated -verbose output

-------------

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/7582/files
  - new: https://git.openjdk.java.net/jdk/pull/7582/files/9ffda802..516d8bf0

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=7582&range=02
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=7582&range=01-02

  Stats: 20 lines in 2 files changed: 12 ins; 0 del; 8 mod
  Patch: https://git.openjdk.java.net/jdk/pull/7582.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/7582/head:pull/7582

PR: https://git.openjdk.java.net/jdk/pull/7582



More information about the security-dev mailing list