Re: RFR: 8277474: jarsigner does not check if algorithm parameters are disabled

Weijun Wang Wed, 02 Mar 2022 08:54:26 -0800

On Tue, 22 Feb 2022 22:00:05 GMT, Hai-May Chao <hc...@openjdk.org> wrote:


> This fixes jarsigner to enforce checking against algorithm constraint 
> properties so when the signature algorithms parameters use disabled or legacy 
> algorithms, it will emit warnings accordingly. If the algorithm used in 
> parameters is disabled, jarsigner treats the jar as unsigned.

src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java line 1438:

> 1436:             try {
> 1437:                 LEGACY_CHECK.permits(algParams, jcp);
> 1438:                 return alg;

No need to return here since it will be returned on line 1445 anyway.

test/jdk/sun/security/tools/jarsigner/CheckAlgParams.java line 30:

> 28:  *          its signature algorithm use disabled or legacy algorithms
> 29:  * @library /test/lib
> 30:  * @modules java.base/sun.security.x509

Is this `@modules` line useful?

-------------

PR: https://git.openjdk.java.net/jdk/pull/7582

Re: RFR: 8277474: jarsigner does not check if algorithm parameters are disabled

Reply via email to