-
Bug
-
Resolution: Not an Issue
-
P4
-
None
-
11
-
x86_64
-
linux_ubuntu
ADDITIONAL SYSTEM INFORMATION :
OS Linux(Ubuntu) & OS Windows 10
OpenJDK11
A DESCRIPTION OF THE PROBLEM :
When I try to launch JNLP application using OpenJDK 11 & IcedTea-Web in OS Ubuntu(Linux), it fails with error that my application is signed with not permitted algorithm. But in OS Windows I launch this application successfully.
I found out that is happens because my Manifest.mf file has digest computed using 3 algorithms: MD5, SHA-1, SHA-256. But my application is signed using algorithm SHA256withRSA with key length = 2048.
In java.security there is property jdk.jar.disabledAlgorithms, which disables MD5, but I see different behavior in OS Linux and OS Windows using the same JDK. In Linux java while checking JAR signature also checks digest algorithms in Manifest file, but in Windows it checks only .SF
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Download OpenJDK
2. launch JNLP application that is signed with SHA256withRSA algorithm in OS Linux
3. Get error that my app is not signed with allowed algorithm
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Application lauched successfully in both Linux & Windows
ACTUAL -
In OS Linux(Ubuntu) JNLP application failed to launch with error that it is not signed with allowed algorithm
FREQUENCY : always
OS Linux(Ubuntu) & OS Windows 10
OpenJDK11
A DESCRIPTION OF THE PROBLEM :
When I try to launch JNLP application using OpenJDK 11 & IcedTea-Web in OS Ubuntu(Linux), it fails with error that my application is signed with not permitted algorithm. But in OS Windows I launch this application successfully.
I found out that is happens because my Manifest.mf file has digest computed using 3 algorithms: MD5, SHA-1, SHA-256. But my application is signed using algorithm SHA256withRSA with key length = 2048.
In java.security there is property jdk.jar.disabledAlgorithms, which disables MD5, but I see different behavior in OS Linux and OS Windows using the same JDK. In Linux java while checking JAR signature also checks digest algorithms in Manifest file, but in Windows it checks only .SF
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1. Download OpenJDK
2. launch JNLP application that is signed with SHA256withRSA algorithm in OS Linux
3. Get error that my app is not signed with allowed algorithm
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
Application lauched successfully in both Linux & Windows
ACTUAL -
In OS Linux(Ubuntu) JNLP application failed to launch with error that it is not signed with allowed algorithm
FREQUENCY : always