-
Type:
Enhancement
-
Resolution: Unresolved
-
Priority:
P4
-
None
-
Affects Version/s: None
-
Component/s: core-libs
-
None
The test test/jdk/java/util/jar/JarEntry/GetMethodsReturnClones.java uses a binary test vector "input.jar". This JAR uses weak algorithms and is effectively unsigned:
% jarsigner -verify test/jdk/java/util/jar/JarEntry/test.jar
The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled.
Because the test has null checks for certs and signers it effectively does nothing.
The test should be updated to generate the signed JAR programmatically and to fail if an entry expected to be signed is unsigned.
% jarsigner -verify test/jdk/java/util/jar/JarEntry/test.jar
The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled.
Because the test has null checks for certs and signers it effectively does nothing.
The test should be updated to generate the signed JAR programmatically and to fail if an entry expected to be signed is unsigned.