Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6575373

Error verifying signatures of pack200 files in some cases

    Details

    • Subcomponent:
    • Resolved In Build:
      b100
    • CPU:
      generic, x86
    • OS:
      generic, linux, windows
    • Verification:
      Verified

      Backports

        Description

        We are seeing a similar bug to that described in 5078608. On some machines, we get the following error when validating a large .pack.gz file (j3dcore.jar) that has been unpacked using unpack200.

        jarsigner: java.lang.SecurityException: SHA1 digest error for javax/media/j3d/Alpha.class

        The sequence of operations on the build machine is:

        pack200 --repack
        jarsigner
        pack200

        Then when that taget machine, which may be a different rev of the JVM, unpacks and validates it, it fails on some machines.

        unpack200
        jarsigner --verify

        One combination that seems to break is if we repack/sign/pack on JDK 6 or 5u11 and then unpack/verify on 5u6 or 5u7.

        I have put test files in the following directory:

        http://download.java.net/media/java3d/bugs/pack200/

        j3dcore.jar.orig original (unsigned, not repacked)
        j3dcore.jar.repacked repacked (but unsigned) jar file
        j3dcore.jar signed jar file
        j3dcore.jar.pack.gz pack200 jar file

        If you verify the j3dcore.jar file it will work on any JVM. If you unpack200 the j3dcore.jar.pack.gz file on 5u6 and then verify it, it will fail.

        The workaround described in 5078608 of using "--segment-limit=-1" for both repack and pack seems to work.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  ksrini Kumar Srinivasan (Inactive)
                  Reporter:
                  kcr Kevin Rushforth
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  0 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:
                    Imported:
                    Indexed: