Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8245151

jarsigner should not raise duplicate warnings on verification

    XMLWordPrintable

    Details

    • Subcomponent:
    • Introduced In Build:
      b20
    • Introduced In Version:
      15
    • Resolved In Build:
      b24
    • Verification:
      Verified

      Backports

        Description

        1. Signed a jar with options "-digestalg SHA-1" and "-tsadigestalg SHA-1", the output contained the blow lines,
        ...
        jar signed.

        Warning:
        The SHA-1 algorithm specified for the -digestalg option is considered a security risk. This algorithm will be disabled in a future update.
        The SHA-1 algorithm specified for the -tsadigestalg option is considered a security risk. This algorithm will be disabled in a future update.
        ...

        2. Verified the signed jar, two duplicate warnings were raised about SHA-1, like the below,
        ...
        jar verified.

        Warning:
        The SHA-1 digest algorithm is considered a security risk. This algorithm will be disabled in a future update.
        The SHA-1 digest algorithm is considered a security risk. This algorithm will be disabled in a future update.
        ...

          Attachments

            Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8249161 jarsigner should not raise duplicate warnings on verification

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8249679 jarsigner should not raise duplicate warnings on verification

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8249762 jarsigner should not raise duplicate warnings on verification

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8249775 jarsigner should not raise duplicate warnings on verification

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8251767 jarsigner should not raise duplicate warnings on verification

            • P4 - Minor loss of function, or other problem where easy workaround is present.
            • Resolved
            relates to

            Enhancement - null JDK-8172404 Tools should warn if weak algorithms are used before restricting them

            • P3 - Major loss of function.
            • Resolved

              Activity

                People

                Assignee:
                hchao Haimay Chao
                Reporter:
                jjiang John Jiang
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: