RFR: 8378291: Test vector in test/jdk/java/util/jar/JarEntry/GetMethodsReturnClones.java is effectively unsigned

Tue, 07 Apr 2026 07:15:27 -0700 

Can I please get a review of this test-only change which updates the 
`test/jdk/java/util/jar/JarEntry/GetMethodsReturnClones.java` test to use a 
dynamically generated signed JAR file to run its tests? This addresses 
https://bugs.openjdk.org/browse/JDK-8378291.

This test exercises the `JarEntry.getCertificates()` and 
`JarEntry.getCodeSigners()` method to verify that those methods return a copy 
of the original array thus preventing any updates to the returned array from 
being propagated to the original array. This test was using a pre-generated 
`test.jar` file which was signed using a (now) weak key and the JAR was being 
treated as unsigned:


jarsigner -certs  -verbose -verify test/jdk/java/util/jar/JarEntry/test.jar 

         140 Sun Feb 08 17:22:36 IST 2004 META-INF/MANIFEST.MF
         202 Sun Feb 08 17:22:36 IST 2004 META-INF/TEST.SF
        1595 Sun Feb 08 17:22:36 IST 2004 META-INF/TEST.RSA
           0 Tue Sep 17 13:07:14 IST 2002 META-INF/
 m  ?   1770 Tue Sep 17 13:04:40 IST 2002 WriteFileTest.class

  s = signature was verified 
  m = entry is listed in manifest
  k = at least one certificate was found in keystore
  ? = unsigned entry

...
WARNING: The jar will be treated as unsigned, because it is signed with a weak 
algorithm that is now disabled by the security property:

  jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024, 
SHA1 denyAfter 2019-01-01


The test has now been updated to dynamically generate the JAR file and verify 
these methods. Existing tests in `test/jdk/java/util/jar` continue to pass and 
tier1 testing is currently in progress.

-------------

Commit messages:
 - 8378291: Test vector in 
test/jdk/java/util/jar/JarEntry/GetMethodsReturnClones.java is effectively 
unsigned

Changes: https://git.openjdk.org/jdk/pull/30602/files
  Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=30602&range=00
  Issue: https://bugs.openjdk.org/browse/JDK-8378291
  Stats: 130 lines in 2 files changed: 100 ins; 11 del; 19 mod
  Patch: https://git.openjdk.org/jdk/pull/30602.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/30602/head:pull/30602

PR: https://git.openjdk.org/jdk/pull/30602

Reply via email to