[jira] [Updated] (FELIX-5227) Created manifest files do not end with newline

Tue, 29 Mar 2016 05:00:45 -0700 

     [ 
https://issues.apache.org/jira/browse/FELIX-5227?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Kai Hudalla updated FELIX-5227:
-------------------------------
    Attachment: californium-osgi-1.0.4-20160326.145623-2.jar

When using {{jarsigner}} to verify the bundle jar

{code}
$> jarsigner -verify californium-osgi-1.0.4-20160326.145623-2.jar
jar verified.

Warning:
This jar contains unsigned entries which have not been integrity-checked.

Re-run with the -verbose and -certs options for more details.
{code}

the jar gets verified with warnings. When you use the {{-verbose}} option to 
get more details you can see that jarsigner does not recognize the Manifest 
entry for 
{{org/eclipse/californium/core/network/stack/CoapStack$StackBottomAdapter.class}}
 and thus thinks that it is not signed.

The Manifest contains

{code}
...
Require-Capability: osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))"
Tool: Bnd-2.3.0.201405100607
Name: org/eclipse/californium/core/network/stack/CoapStack$StackBottom
 Adapter.class
SHA-256-Digest: P6yFKOXxaWGxUWXtIFmpL3huKW58+A2zpg+DksFfIgk=

Name: org/eclipse/californium/elements/Connector.class
SHA-256-Digest: dDtvM7+qv6VyPfrknDVUAYA4r2Qf/OVVcPFWUTni4XE=
...
{code}

Note that there is no empty line between the last entry created by BND and the 
first entry created by jarsigner. I suspect that this is the reason why 
jarsigner does not recognize the entry when verifying the bundle.

> Created manifest files do not end with newline
> ----------------------------------------------
>
>                 Key: FELIX-5227
>                 URL: https://issues.apache.org/jira/browse/FELIX-5227
>             Project: Felix
>          Issue Type: Bug
>          Components: Maven Bundle Plugin
>    Affects Versions: maven-bundle-plugin-3.0.1
>         Environment: Linux
>            Reporter: Kai Hudalla
>         Attachments: californium-osgi-1.0.4-20160326.145623-2.jar
>
>
> Manifest files created by the maven bundle plugin do not end with a newline 
> character. This is problematic when signing a bundle containing such a 
> Manifest because the jarsigner tool then fails to insert an empty line 
> between the last entry in the Manifest created by the bundle plugin (in my 
> case the line containing the *tool:* header) and the first entry for signed 
> files contained in the bundle.
> When later verifying such a signed bundle this results in jarsigner issuing a 
> warning that the jar contains files for which no signature exists which I 
> assume is because of the missing empty line.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to