On 6/5/2014 3:24 PM, Wang Weijun wrote: > > On Jun 4, 2014, at 16:26, Wang Weijun <[email protected]> wrote: > >> Oh, I was just updating the webrev to >> >> http://cr.openjdk.java.net/~weijun/8044755/webrev.01/ > > Are you OK with this 2nd version of webrev? > Ok.
Xuelei > Thanks > Max > >> >> As we've just discussed offline, the reason the 2nd jarsigner call fails is >> a double weakness, not only the signer's key is 512 bit, but also signer's >> cert is signed by a 512 key (of CA). >> >> Therefore I update the test to use a weak signature alg -- MD2withRSA. This >> time I believe the weakness of CA's cert won't infect the its signature when >> signing signer. >> >> Thanks >> Max >> >> On Jun 4, 2014, at 16:20, Xuelei Fan <[email protected]> wrote: >> >>> Looks fine to me. >>> >>> FYI, I'd like to remove the temporary files (a.jar, ks, etc) after a >>> testing. >>> >>> Xuelei >>> >>> On 6/4/2014 2:21 PM, Wang Weijun wrote: >>>> Please review a new test at >>>> >>>> http://cr.openjdk.java.net/~weijun/8044755/webrev.00/ >>>> >>>> It makes sure the CertPath validation check in jarsigner matches the >>>> algorithm constraints check on key sizes. >>>> >>>> Thanks >>>> Max >>>> >>> >> >
