Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8273053

Different behavior while checking jar`s signature in Linux and Windows OSs

    XMLWordPrintable

    Details

    • Subcomponent:
    • CPU:
      x86_64
    • OS:
      linux_ubuntu

      Description

      ADDITIONAL SYSTEM INFORMATION :
      OS Linux(Ubuntu) & OS Windows 10
      OpenJDK11

      A DESCRIPTION OF THE PROBLEM :
      When I try to launch JNLP application using OpenJDK 11 & IcedTea-Web in OS Ubuntu(Linux), it fails with error that my application is signed with not permitted algorithm. But in OS Windows I launch this application successfully.
      I found out that is happens because my Manifest.mf file has digest computed using 3 algorithms: MD5, SHA-1, SHA-256. But my application is signed using algorithm SHA256withRSA with key length = 2048.
      In java.security there is property jdk.jar.disabledAlgorithms, which disables MD5, but I see different behavior in OS Linux and OS Windows using the same JDK. In Linux java while checking JAR signature also checks digest algorithms in Manifest file, but in Windows it checks only .SF

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      1. Download OpenJDK
      2. launch JNLP application that is signed with SHA256withRSA algorithm in OS Linux
      3. Get error that my app is not signed with allowed algorithm

      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      Application lauched successfully in both Linux & Windows
      ACTUAL -
      In OS Linux(Ubuntu) JNLP application failed to launch with error that it is not signed with allowed algorithm

      FREQUENCY : always


        Attachments

          Activity

            People

            Assignee:
            tongwan Andrew Wang
            Reporter:
            webbuggrp Webbug Group
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: