RFR: 8309841: Jarsigner should print a warning if an entry is removed

Kevin Driver kdriver at openjdk.org
Thu Sep 12 14:53:07 UTC 2024


On Fri, 7 Jun 2024 15:11:29 GMT, Weijun Wang <weijun at openjdk.org> wrote:

> There ~are two~ is one change~s~:
> 
> 1. In `jarsigner -verify`, check whether a .SF file contains non-existing entries and print them out as
> 
> Warning: nonexistent signed entries detected: [a]
> 
> ~2. In `JarSigner::sign0`, when creating a new .SF file, only include signed file entries.~
> 
> *Update*: Even when the JAR file is resigned, the hash entry for the missing file will be in the new .SF file. There is no way to tell if this is for a file entry or a user-defined entry.

test/jdk/sun/security/tools/jarsigner/RemovedFiles.java line 49:

> 47:         // All is fine at the beginning.
> 48:         SecurityTools.jarsigner("-verify a.jar")
> 49:                 .shouldNotContain("Nonexistent signed entries detected. See details in -verbose output.");

It may make sense to make this String into a constant. It is repeated several times, and that may be error-prone.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/19599#discussion_r1757030672
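
The comparison behind the warning in item 1, as an added example (not the JDK's code and not part of the PR): it lists the `Name:` sections of each `META-INF/*.SF` file and reports those with no matching JAR entry. It does not verify signatures or digests; the function names, `build_jar` and `SAMPLE_SF` are assumptions, and the sample JAR is constructed.

```python
import io
import zipfile

# Constructed .SF content; the digest values are placeholders, not real hashes.
SAMPLE_SF = (
    "Signature-Version: 1.0\r\n\r\n"
    "Name: a\r\nSHA-256-Digest: PLACEHOLDER\r\n\r\n"
    "Name: b\r\nSHA-256-Digest: PLACEHOLDER\r\n\r\n"
)

def parse_sf_names(sf_text):
    """Return the names in the 'Name:' sections of a .SF file."""
    unfolded = []
    for line in sf_text.splitlines():
        # Manifest format: a line starting with one space continues the previous line.
        if line.startswith(" ") and unfolded:
            unfolded[-1] += line[1:]
        else:
            unfolded.append(line)
    return [l[len("Name: "):] for l in unfolded if l.startswith("Name: ")]

def is_sf_file(name):
    """True for signature files directly under META-INF/ (case-insensitive)."""
    upper = name.upper()
    return (upper.startswith("META-INF/") and upper.endswith(".SF")
            and "/" not in name[len("META-INF/"):])

def nonexistent_signed_entries(jar_bytes):
    """Map each .SF file to the names it lists that have no entry in the JAR."""
    missing = {}
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        present = set(jar.namelist())
        for sf in filter(is_sf_file, present):
            names = parse_sf_names(jar.read(sf).decode("utf-8"))
            # As the update in the PR description notes, a listed name may be
            # a user-defined section rather than a removed file.
            gone = sorted(n for n in names if n not in present)
            if gone:
                missing[sf] = gone
    return missing

def build_jar(files):
    """Build a constructed in-memory JAR holding SAMPLE_SF and the given files."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\r\n\r\n")
        jar.writestr("META-INF/SIGNER.SF", SAMPLE_SF)
        for name in files:
            jar.writestr(name, "data")
    return buf.getvalue()
```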

