Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8217375

jarsigner breaks old signature with long lines in manifest

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: 11
    • Fix Version/s: 13
    • Component/s: security-libs
    • Labels:
      None

      Backports

        Description

        After JDK-6372077 the maximum length of a line in a manifest file was changed from 70 to 72 bytes. If a JAR file was signed with an old version of jarsigner and signed again using a different signer with jarsigner from JDK 11, the manifest file might be rewritten (if the manifest has any change, for example, a new file is added) with a different width. The manifest hash recorded in the original signature will not match the updated manifest and the old signature will not verify.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  weijun Weijun Wang
                  Reporter:
                  weijun Weijun Wang
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: