subject:"RFR\: 8259401\: Add checking to jarsigner to warn weak algorithms used in signer’s cert chain \[v2\]"

Re: RFR: 8259401: Add checking to jarsigner to warn weak algorithms used in signer’s cert chain [v2]

2021-01-13 Thread Hai-May Chao

On Wed, 13 Jan 2021 15:17:22 GMT, Weijun Wang  wrote:

>> Hai-May Chao has updated the pull request incrementally with one additional 
>> commit since the last revision:
>> 
>>   No warning for trusted cert's SHA1, and added debug output to test
>
> src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java line 
> 1491:
> 
>> 1489: .append(checkWeakKey(key));
>> 1490: 
>> 1491: certStr.append("\n").append(tab).append("[");
> 
> It's a little strange to leave the other half of the bracket 
> (`certStr.append("]");` on line 1568) outside the if-else block. Can you 
> please move it inside? Of course you will have to duplicate them.

I'd prefer to keep it as is instead of duplicating the code in several places 
inside if block and else block.

-

PR: https://git.openjdk.java.net/jdk/pull/2042

Re: RFR: 8259401: Add checking to jarsigner to warn weak algorithms used in signer’s cert chain [v2]

2021-01-13 Thread Hai-May Chao

On Wed, 13 Jan 2021 20:26:17 GMT, Sean Mullan  wrote:

>> Hai-May Chao has updated the pull request incrementally with one additional 
>> commit since the last revision:
>> 
>>   No warning for trusted cert's SHA1, and added debug output to test
>
> Marked as reviewed by mullan (Reviewer).

Thanks for the review, Max. The comment about trusted cert's sigalg checking 
has been removed.

-

PR: https://git.openjdk.java.net/jdk/pull/2042

Re: RFR: 8259401: Add checking to jarsigner to warn weak algorithms used in signer’s cert chain [v2]

Re: RFR: 8259401: Add checking to jarsigner to warn weak algorithms used in signer’s cert chain [v2]

2 matches

Site Navigation

Mail list logo

Footer information