RFR: 8277474: jarsigner does not check if algorithm parameters are disabled [v6]

Hai-May Chao hchao at openjdk.java.net
Thu Mar 3 22:18:53 UTC 2022


> This fixes jarsigner to enforce checking against algorithm constraint properties so when the signature algorithms parameters use disabled or legacy algorithms, it will emit warnings accordingly. If the algorithm used in parameters is disabled, jarsigner treats the jar as unsigned.

Hai-May Chao has updated the pull request incrementally with one additional commit since the last revision:

  No need to do toUpperCase

-------------

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/7582/files
  - new: https://git.openjdk.java.net/jdk/pull/7582/files/d2cd7ef8..74dc7040

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=7582&range=05
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=7582&range=04-05

  Stats: 4 lines in 1 file changed: 0 ins; 2 del; 2 mod
  Patch: https://git.openjdk.java.net/jdk/pull/7582.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/7582/head:pull/7582

PR: https://git.openjdk.java.net/jdk/pull/7582



More information about the security-dev mailing list