JDK-6572493 : Bundle security components for JKernel
  • Type: Enhancement
  • Component: deploy
  • Sub-Component: deployment_toolkit
  • Affected Version: 6u4
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2007-06-21
  • Updated: 2012-10-18
  • Resolved: 2008-02-12
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 6 JDK 7
6u10 b02Fixed 7Fixed
Related Reports
Relates :  
JDK-6589656 - Bundle security improvements for JKernel
Relates :  
JDK-6569133 - Installing Optional Packages failing with Kernel JRE
Description
Need code for JRE builds and JKernel to:
  1) Avoid dependencies on most Java security classes
  2) Generate secure hashcodes corresponding to each JKernel bundle for a resource
     that will be used by JKernel during bundle downloads
  3) Check downloaded bundles to see that they are not corrupt and that they contain
     the same bits as in the bundles created by a given JRE build

See comments for additional details.
Comments
EVALUATION Definitely need this.
22-06-2007
SUGGESTED FIX The following new classes are proposed to implement this RFE: sun.security.provider.StandaloneMessageDigest sun.security.provider.StandaloneSHA sun.io.CheckedFileInputStream sun.io.CheckedFileOutputStream sun.misc.ByteArrayToFromHexDigits (might not need this long term) Plus the following build utility: /a/jdk/j2se/make/tools/jkernel/AppendCheckValue.java Plus changes to various Jkernel and make files. *** (#1 of 1): [ UNSAVED ] ###@###.###
21-06-2007