Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Fixed
Priority: P4
Fix Version/s: 25
Affects Version/s: None
Component/s: security-libs
Labels:
None

Subcomponent:
jdk.security
Resolved In Build:
b17
Verification:
Verified

The jarsigner -verify command currently performs verification by reading from JarFile to navigate the central directory (CEN) headers. It is enhanced to include cross-validation of entries. That is, the verification process now reads from both JarFile (CEN-based) and JarInputStream (stream-based) representations of the JAR.

duplicates

JDK-8332311 jarsigner can print a warning if verifying with JarInputStream has different result

Closed

relates to

JDK-8353299 VerifyJarEntryName.java test fails

Resolved

JDK-8353330 Test runtime/cds/appcds/SignedJar.java fails in CDSHeapVerifier

Resolved

links to

Commit(master) openjdk/jdk/bbd5b174

Review(master) openjdk/jdk/23532

Assignee:: Haimay Chao

Reporter:: Weijun Wang

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 2024-08-29 12:40

Updated:: 2025-08-21 12:24

Resolved:: 2025-03-31 07:59

Details

Description

Attachments

Issue Links

Activity

People

Dates