United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
JDK-7096008 : treating signed files as files even if not ALL files in the jar are signed

Details
Type:
Bug
Submit Date:
2011-09-28
Status:
Open
Updated Date:
2012-07-23
Project Name:
JDK
Resolved Date:
Component:
tools
OS:
linux
Sub-Component:
jar
CPU:
x86
Priority:
P4
Resolution:
Unresolved
Affected Versions:
6u26
Targeted Versions:

Related Reports

Sub Tasks

Description
FULL PRODUCT VERSION :


ADDITIONAL OS VERSION INFORMATION :
(not really relevant) 2.6.35.14-96.fc14.x86_64

A DESCRIPTION OF THE PROBLEM :
Additional details are at
https://bugzilla.redhat.com/show_bug.cgi?id=738814
where it is suggested that I file a bug report here.
The original issue was that an old jarsigner failed to sign the supposedly optional INDEX.LIST file
and this causes all of the other contents of the jar to be rejected.  Given that the individual files are signed, I don't understand why they are not trusted and used.

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
regression: I believe this does work in older versions of java


REPRODUCIBILITY :
This bug can be reproduced always.

                                    

Comments



Hardware and Software, Engineered to Work Together