In JarFile, I think you should also upper-case the entry names before
passing to SignatureFileVerifier.isBlockOrSF, as all other calls to this
method in the JDK do that. The jar specification says that these
filenames are case-insensitive, so a file named "*.rsa" should also be
treated as a signature file.
Looks good otherwise, although I couldn't see any difference between the
8 and 9 fix.
--Sean
On 01/22/2014 02:01 AM, Wang Weijun wrote:
Hi All
Please take a look at the webrev at
http://cr.openjdk.java.net/~weijun/8031572/8/webrev.00/
JarVerifier has a flag that separates parsing signatures and verifying other
entries. The fix makes sure only signature-related files are processed in the
beginning so JarVerifier does not enter the second stage prematurely. Please
note that JarInputStream always feeds JarVerifier by natural order so once a
non-signatued-related file is processed it goes into verification stage and
will not parse a signature anymore.
Maybe a smarter solution is to be *always on alert*, which means at anytime an
incoming entry can be anything, so that even if signature-related files appear
at the middle of a file, at least those come after them can be treated as
signed when opening with a JarInputStream. This will be a huge change to the
JarVerifier class and IMHO does not really help much. Also I don’t want to
consider it at this final time of JDK 8.
You can also find webrevs for jdk9 and jdk7u at
http://cr.openjdk.java.net/~weijun/8031572/webrev.00/
and
http://cr.openjdk.java.net/~weijun/8031572/7/webrev.00/
There are some tiny differences. For 9, the JarVerifier fix needs to be rebased
on a language style changeset. For 7u, there are some differences in the test
because of class name change, implicit final, and default method.
Thanks
Max
