Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8217375

jarsigner breaks old signature with long lines in manifest

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • P3
    • Resolution: Fixed
    • 11
    • 13
    • security-libs
    • None

    Backports

      Description

        After JDK-6372077 the maximum length of a line in a manifest file was changed from 70 to 72 bytes. If a JAR file was signed with an old version of jarsigner and signed again using a different signer with jarsigner from JDK 11, the manifest file might be rewritten (if the manifest has any change, for example, a new file is added) with a different width. The manifest hash recorded in the original signature will not match the updated manifest and the old signature will not verify.

        Attachments

          Issue Links

            Activity

              People

                weijun Weijun Wang
                weijun Weijun Wang
                Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: