JDK-8277474

jarsigner does not check if algorithm parameters are disabled


    Details

      Description

      Currently, the jarsigner tool does not warn you if the algorithms used in signature/digest parameters are legacy or disabled algorithms. For example, the parameters for the RSASSA-PSS signature algorithm contain two fields (hashAlgorithm and maskGenAlgorithm) that should be checked against the algorithm constraint properties.

      These algorithms, however, are properly restricted at runtime, and if disabled, the JAR is treated as unsigned.
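
An added illustration of the missing check, not code from this issue or from the JDK: it reads the two algorithm names carried in a set of RSASSA-PSS parameters and compares them with the `jdk.jar.disabledAlgorithms` and `jdk.security.legacyAlgorithms` security properties. The class name, the property selection and the name-only matching are assumptions; this is a simplified match, not the JDK's own constraint checker.

```java
import java.security.Security;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;

public class PssParamCheck {
    // Security properties consulted (their names are not given in the issue text).
    static final String[] PROPS = {"jdk.jar.disabledAlgorithms", "jdk.security.legacyAlgorithms"};

    // "SHA-1" and "SHA1" are compared as the same name.
    static String norm(String alg) {
        return alg.toUpperCase(Locale.ROOT).replace("-", "");
    }
    // Simplified match: compares the leading name of each comma-separated entry and
    // reports the whole entry, so qualifiers (keySize, denyAfter, ...) stay visible.
    static List<String> matches(String field, String alg) {
        List<String> out = new ArrayList<>();
        for (String prop : PROPS) {
            String value = Security.getProperty(prop);
            if (value == null) continue;
            for (String entry : value.split(",")) {
                String name = entry.trim().split("\\s+")[0];
                if (norm(name).equals(norm(alg)))
                    out.add(field + " " + alg + " matches '" + entry.trim() + "' in " + prop);
            }
        }
        return out;
    }

    // Checks both algorithm-bearing fields of an RSASSA-PSS parameter set.
    static List<String> check(PSSParameterSpec pss) {
        List<String> warnings = new ArrayList<>(matches("hashAlgorithm", pss.getDigestAlgorithm()));
        AlgorithmParameterSpec mgf = pss.getMGFParameters();
        if (mgf instanceof MGF1ParameterSpec)
            warnings.addAll(matches("maskGenAlgorithm hash",
                    ((MGF1ParameterSpec) mgf).getDigestAlgorithm()));
        return warnings;
    }

    public static void main(String[] args) {
        // Constructed sample: SHA-256 message hash, but MGF1 built on SHA-1 (trailer field 1).
        PSSParameterSpec pss = new PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA1, 32, 1);
        List<String> warnings = check(pss);
        System.out.println(warnings.isEmpty() ? "no restricted parameter algorithms" : String.join("\n", warnings));
    }
}
```

The output depends on the security properties of the JDK that runs it; an entry with a qualifier is reported as a match even when the qualifier would not apply.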


              People

              Assignee:
              hchao Haimay Chao
              Reporter:
              mullan Sean Mullan