-
Bug
-
Resolution: Fixed
-
P3
-
6, 6u1, 6u17
-
b100
-
generic, x86
-
generic, linux, windows
-
Verified
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-2194109 | 6-pool | Nikolay Gorshkov | P3 | Closed | Won't Fix | |
| JDK-8164873 | OpenJDK6 | Andrew Hughes | P3 | Resolved | Fixed | b40 |
We are seeing a similar bug to that described in 5078608. On some machines, we get the following error when validating a large .pack.gz file (j3dcore.jar) that has been unpacked using unpack200.
jarsigner: java.lang.SecurityException: SHA1 digest error for javax/media/j3d/Alpha.class
The sequence of operations on the build machine is:
pack200 --repack
jarsigner
pack200
Then when that taget machine, which may be a different rev of the JVM, unpacks and validates it, it fails on some machines.
unpack200
jarsigner --verify
One combination that seems to break is if we repack/sign/pack on JDK 6 or 5u11 and then unpack/verify on 5u6 or 5u7.
I have put test files in the following directory:
http://download.java.net/media/java3d/bugs/pack200/
j3dcore.jar.orig original (unsigned, not repacked)
j3dcore.jar.repacked repacked (but unsigned) jar file
j3dcore.jar signed jar file
j3dcore.jar.pack.gz pack200 jar file
If you verify the j3dcore.jar file it will work on any JVM. If you unpack200 the j3dcore.jar.pack.gz file on 5u6 and then verify it, it will fail.
The workaround described in 5078608 of using "--segment-limit=-1" for both repack and pack seems to work.
jarsigner: java.lang.SecurityException: SHA1 digest error for javax/media/j3d/Alpha.class
The sequence of operations on the build machine is:
pack200 --repack
jarsigner
pack200
Then when that taget machine, which may be a different rev of the JVM, unpacks and validates it, it fails on some machines.
unpack200
jarsigner --verify
One combination that seems to break is if we repack/sign/pack on JDK 6 or 5u11 and then unpack/verify on 5u6 or 5u7.
I have put test files in the following directory:
http://download.java.net/media/java3d/bugs/pack200/
j3dcore.jar.orig original (unsigned, not repacked)
j3dcore.jar.repacked repacked (but unsigned) jar file
j3dcore.jar signed jar file
j3dcore.jar.pack.gz pack200 jar file
If you verify the j3dcore.jar file it will work on any JVM. If you unpack200 the j3dcore.jar.pack.gz file on 5u6 and then verify it, it will fail.
The workaround described in 5078608 of using "--segment-limit=-1" for both repack and pack seems to work.
- backported by
-
JDK-8164873 Error verifying signatures of pack200 files in some cases
-
- Resolved
-
-
-
- Closed
-
- relates to
-
-
- Open
-
-
-
- Resolved
-
-
-
- Closed
-
-
-
- Closed
-
(1 relates to)