Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Unresolved
Priority: P4
Fix Version/s: tbd
Affects Version/s: None
Component/s: security-libs
Labels:
None

Subcomponent:
java.security

Currently, verifying a signed JAR only uses a hardcoded of JDK-internal providers. This makes sure a third-party JCA/JCE JAR file does not uses a signature defined inside it to sign itself, and thus avoid an infinite loop. For non JCA/JCE JAR files, this might not be necessary.

relates to

JDK-8292779 Support arbitrary key/signature algorithms in JAR signing

Closed

Assignee:: Unassigned

Reporter:: Weijun Wang

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2022-08-23 07:11

Updated:: 2022-08-23 20:45

Details

Description

Attachments

Issue Links

Activity

People

Dates