Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8078534

DRS 1.2: checksum algorithm needs to be restricted to SHA-256

    Details

    • Resolved In Build:
      b15
    • Verification:
      Verified

      Backports

        Description

        DRS 1.2 implements checksum type rule for unsigned jars.
        The AMC interface passes checksum and checksum algorythm to deploy in CodeRef constructor in order to prevent deploy code from trying to download the jar and calculate the checksum itself. If a DRS ruleset could contain different checksum rules with different algorithms, then this would be thwarted, and deploy would try to download the jar to calculate the checksum in the other algorithm.

        We could solve this by changing the interface to pass in array of checksums and algorithms, and AMC would have to compute the checksums in all possible algorithms.

        It would be easier at this time to just restrict the possible algorithms to just SHA-256, and at this time we see no pressing need to support any other algorithm.

        DRS 1.2 will be modified to allow only SHA-256 as the algorithm used for checksum element.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  herrick Andy Herrick
                  Reporter:
                  herrick Andy Herrick
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Due:
                    Created:
                    Updated:
                    Resolved: