Re: RFR: JDK-8155756 - Better context for some jlink exceptions

[Sundararajan Athijegannathan]

+1

-Sundar


On 11/7/2016 11:13 PM, Jim Laskey (Oracle) wrote:
> Only 2 of 3 examples still present.
>
> http://cr.openjdk.java.net/~jlaskey/8155756/webrev/index.html 
> 
> https://bugs.openjdk.java.net/browse/JDK-8155756 
> 
>

hg: jigsaw/jake/hotspot: Update jake for the fix for JDK-6479237

[mandy . chung]

Changeset: 0778dd3211ac
Author:mchung
Date:  2016-11-07 16:10 -0800
URL:   http://hg.openjdk.java.net/jigsaw/jake/hotspot/rev/0778dd3211ac

Update jake for the fix for JDK-6479237

! make/symbols/symbols-unix
! src/share/vm/prims/jvm.cpp
! src/share/vm/prims/jvm.h

hg: jigsaw/jake/jdk: 2 new changesets

[mandy . chung]

Changeset: 2ce9c7477e52
Author:sdrach
Date:  2016-10-31 10:08 -0700
URL:   http://hg.openjdk.java.net/jigsaw/jake/jdk/rev/2ce9c7477e52

Add a warning message to jar tool when unexpected entry is found in versioned 
directory.
Reviewed-by: mchung
Contributed-by: steve.dr...@oracle.com

! src/jdk.jartool/share/classes/sun/tools/jar/Main.java
! src/jdk.jartool/share/classes/sun/tools/jar/resources/jar.properties

Changeset: 20ddc65986b2
Author:mchung
Date:  2016-11-07 16:10 -0800
URL:   http://hg.openjdk.java.net/jigsaw/jake/jdk/rev/20ddc65986b2

Update jake for the fix for JDK-6479237

! make/mapfiles/libjava/mapfile-vers
! make/mapfiles/libjava/reorder-sparc
! make/mapfiles/libjava/reorder-sparcv9
! make/mapfiles/libjava/reorder-x86
! src/java.base/share/classes/java/lang/ClassLoader.java
! src/java.base/share/classes/java/lang/StackFrameInfo.java
! src/java.base/share/classes/java/lang/StackTraceElement.java
! src/java.base/share/classes/java/lang/Throwable.java
! src/java.base/share/classes/java/net/URLClassLoader.java
! src/java.base/share/classes/java/security/SecureClassLoader.java
! src/java.base/share/classes/jdk/internal/loader/BuiltinClassLoader.java
! src/java.base/share/classes/jdk/internal/loader/ClassLoaders.java
! src/java.base/share/native/include/jvm.h
- src/java.base/share/native/libjava/StackFrameInfo.c
+ src/java.base/share/native/libjava/StackTraceElement.c
! src/java.base/share/native/libjava/Throwable.c
! test/java/lang/StackTraceElement/PublicConstructor.java
! test/java/lang/StackTraceElement/SerialTest.java
! test/java/lang/management/CompositeData/ThreadInfoCompositeData.java

hg: jigsaw/jake/nashorn: Add module javadoc to nashorn modules to workaround build error

[mandy . chung]

Changeset: 2c70a0485b7c
Author:mchung
Date:  2016-11-07 15:21 -0800
URL:   http://hg.openjdk.java.net/jigsaw/jake/nashorn/rev/2c70a0485b7c

Add module javadoc to nashorn modules to workaround build error

! src/jdk.dynalink/share/classes/module-info.java
! src/jdk.scripting.nashorn.shell/share/classes/module-info.java
! src/jdk.scripting.nashorn/share/classes/module-info.java

hg: jigsaw/jake/langtools: 16 new changesets

[mandy . chung]

Changeset: f7187b5fe9e2
Author:rfield
Date:  2016-10-24 19:59 -0700
URL:   http://hg.openjdk.java.net/jigsaw/jake/langtools/rev/f7187b5fe9e2

8166649: jshell tool: missing --add-modules and --module-path
8167462: jshell tool: /help /reload is wrong about re-executing commands
Reviewed-by: jlahoda

! src/jdk.jshell/share/classes/jdk/internal/jshell/tool/JShellTool.java
! 
src/jdk.jshell/share/classes/jdk/internal/jshell/tool/resources/l10n.properties
! test/jdk/jshell/ToolBasicTest.java

Changeset: 32444e1ad88a
Author:tbell
Date:  2016-10-25 08:39 -0700
URL:   http://hg.openjdk.java.net/jigsaw/jake/langtools/rev/32444e1ad88a

8168369: fix for langtools intermittent failures needs to check PRODUCT_HOME
Reviewed-by: erikj

! test/Makefile

Changeset: 18d9a9e14262
Author:sadayapalam
Date:  2016-10-26 11:22 +0530
URL:   http://hg.openjdk.java.net/jigsaw/jake/langtools/rev/18d9a9e14262

8166367: Missing ExceptionTable attribute in anonymous class constructors
Reviewed-by: vromero

! src/jdk.compiler/share/classes/com/sun/tools/javac/comp/Flow.java
+ test/tools/javac/AnonymousClass/AnonymousCtorExceptionTest.java

Changeset: a94763e89674
Author:mcimadamore
Date:  2016-10-26 12:27 +0100
URL:   http://hg.openjdk.java.net/jigsaw/jake/langtools/rev/a94763e89674

8168134: Inference: javac incorrectly propagating inner constraint with 
primitive target
Summary: Check for propagation doesn't take into account primitive type 
constraints
Reviewed-by: vromero

! src/jdk.compiler/share/classes/com/sun/tools/javac/comp/Infer.java
+ test/tools/javac/generics/inference/8168134/T8168134.java

Changeset: 6a79477df95d
Author:mcimadamore
Date:  2016-10-26 15:41 +0100
URL:   http://hg.openjdk.java.net/jigsaw/jake/langtools/rev/6a79477df95d

8168774: Polymorhic signature method check crashes javac
Summary: Check for polysig method assumes arity is greater than zero
Reviewed-by: vromero

! src/jdk.compiler/share/classes/com/sun/tools/javac/code/Types.java
+ test/tools/javac/meth/BadPolySig.java

Changeset: edad5f2365b6
Author:lana
Date:  2016-10-27 21:22 +
URL:   http://hg.openjdk.java.net/jigsaw/jake/langtools/rev/edad5f2365b6

Merge


Changeset: 6bb6785c2329
Author:rfield
Date:  2016-10-27 17:11 -0700
URL:   http://hg.openjdk.java.net/jigsaw/jake/langtools/rev/6bb6785c2329

8167643: JShell: silently ignore access modifiers (as semantically irrelevant)
Reviewed-by: jlahoda

! 
src/jdk.jshell/share/classes/jdk/internal/jshell/tool/resources/l10n.properties
! src/jdk.jshell/share/classes/jdk/jshell/Eval.java
! test/jdk/jshell/ClassesTest.java
! test/jdk/jshell/ErrorTranslationTest.java
! test/jdk/jshell/IgnoreTest.java
! test/jdk/jshell/KullaTesting.java
! test/jdk/jshell/MethodsTest.java
! test/jdk/jshell/ModifiersTest.java
! test/jdk/jshell/ToolBasicTest.java

Changeset: e0798bbe23da
Author:alanb
Date:  2016-10-28 10:17 +0100
URL:   http://hg.openjdk.java.net/jigsaw/jake/langtools/rev/e0798bbe23da

8168789: ModuleReader.list and ModuleFinder.of update
Reviewed-by: mchung

! src/jdk.jdeps/share/classes/com/sun/tools/jdeps/JdepsConfiguration.java

Changeset: 117bd6e52035
Author:mchung
Date:  2016-10-31 18:06 -0700
URL:   http://hg.openjdk.java.net/jigsaw/jake/langtools/rev/117bd6e52035

8167057: jdeps option to list modules and internal APIs for @modules for test 
dev
Reviewed-by: dfuchs

! src/jdk.jdeps/share/classes/com/sun/tools/jdeps/DepsAnalyzer.java
! src/jdk.jdeps/share/classes/com/sun/tools/jdeps/JdepsFilter.java
! src/jdk.jdeps/share/classes/com/sun/tools/jdeps/JdepsTask.java
! src/jdk.jdeps/share/classes/com/sun/tools/jdeps/JdepsWriter.java
! src/jdk.jdeps/share/classes/com/sun/tools/jdeps/Module.java
! src/jdk.jdeps/share/classes/com/sun/tools/jdeps/ModuleAnalyzer.java
+ src/jdk.jdeps/share/classes/com/sun/tools/jdeps/ModuleExportsAnalyzer.java
+ src/jdk.jdeps/share/classes/com/sun/tools/jdeps/ModuleGraphBuilder.java
! src/jdk.jdeps/share/classes/com/sun/tools/jdeps/resources/jdeps.properties
! test/tools/jdeps/lib/JdepsRunner.java
+ test/tools/jdeps/listdeps/ListModuleDeps.java
+ test/tools/jdeps/listdeps/src/lib/Lib.java
+ test/tools/jdeps/listdeps/src/z/Bar.java
+ test/tools/jdeps/listdeps/src/z/Foo.java
+ test/tools/jdeps/listdeps/src/z/UseUnsafe.java

Changeset: 11ab0f581f11
Author:vromero
Date:  2016-11-01 10:14 -0400
URL:   http://hg.openjdk.java.net/jigsaw/jake/langtools/rev/11ab0f581f11

8132562: javac fails with CLASSPATH with double-quotes as an environment 
variable
Reviewed-by: jjg

! src/jdk.compiler/share/classes/com/sun/tools/javac/file/Locations.java
+ test/tools/javac/T8132562/ClassPathWithDoubleQuotesTest.java

Changeset: 85a8bfb00296
Author:vromero
Date:  2016-11-01 10:51 -0400
URL:   http://hg.openjdk.java.net/jigsaw/jake/langtools/rev/85a8bfb00296

8167431: javac takes too long time to resolve interface dependency
Reviewed-by: mcimadamore

! src/jdk.compiler/share/cla

hg: jigsaw/jake/jdk: Add qualified opens from java.desktop to jconsole

[mandy . chung]

Changeset: 7c9c0659c6e0
Author:mchung
Date:  2016-11-07 13:37 -0800
URL:   http://hg.openjdk.java.net/jigsaw/jake/jdk/rev/7c9c0659c6e0

Add qualified opens from java.desktop to jconsole

! make/launcher/Launcher-jdk.jconsole.gmk
! src/java.desktop/share/classes/module-info.java

hg: jigsaw/jake/jdk: 2 new changesets

[mandy . chung]

Changeset: 133257f8d51f
Author:redestad
Date:  2016-11-07 00:34 +0100
URL:   http://hg.openjdk.java.net/jigsaw/jake/jdk/rev/133257f8d51f

Update SystemModuleDescriptorPlugin to emit provider lists as List.of()
Reviewed-by: mchung, alanb

! src/java.base/share/classes/jdk/internal/module/Builder.java
! 
src/jdk.jlink/share/classes/jdk/tools/jlink/internal/plugins/SystemModuleDescriptorPlugin.java
! test/tools/jlink/plugins/SystemModuleDescriptors/SystemModulesTest.java

Changeset: 78172067c785
Author:mchung
Date:  2016-11-07 11:39 -0800
URL:   http://hg.openjdk.java.net/jigsaw/jake/jdk/rev/78172067c785

Minor cleanup

! 
src/jdk.jlink/share/classes/jdk/tools/jlink/internal/plugins/SystemModuleDescriptorPlugin.java

Re: RFR: JDK-8155756 - Better context for some jlink exceptions

[Mandy Chung]

> On Nov 7, 2016, at 9:43 AM, Jim Laskey (Oracle)  
> wrote:
> 
> Only 2 of 3 examples still present.
> 
> http://cr.openjdk.java.net/~jlaskey/8155756/webrev/index.html 

Looks okay to me.

Mandy

RFR: JDK-8155756 - Better context for some jlink exceptions

[Jim Laskey (Oracle)]

Only 2 of 3 examples still present.

http://cr.openjdk.java.net/~jlaskey/8155756/webrev/index.html 

https://bugs.openjdk.java.net/browse/JDK-8155756 

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Mandy Chung]

> On Nov 7, 2016, at 5:48 AM, Jim Laskey (Oracle)  
> wrote:
> 
> http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html

I notice that this webrev has been updated with the new 
-—ignore-signing-information option, which is fine.

The following creates the image with IGNORE_SIGNING_DEFAULT confused me 
initially.  Is the createImage method calling these lines still needed?  

 256 ImageProvider imageProvider = createImageProvider(finder,
 257   config.getModules(),
 258   config.getLimitmods(),
 259   config.getByteOrder(),
 260   null,
 261   IGNORE_SIGNING_DEFAULT);


 507 
System.err.println(taskHelper.getMessage("warn.signing", path));

It’d be good to include “Warning: “ prefix in the warning message.  Perhaps add 
a new warn method for future use.

test/tools/jlink/JLinkSigningTest.java
   Nit: it’d be good to keep @modules sorted.

This test can use java.util.spi.ToolProvider instead of using the internal APIs 
to invoke javac, jlink etc.  See test/tools/jlink/basic/BasicTest.java.

Mandy 

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Sean Mullan]

On 11/7/16 11:21 AM, Sundararajan Athijegannathan wrote:

Looks good to me.

PS. jmods, jars are not modified by jlink. Only a new image directory is
generated. So, strip-signing-info confusion is unlikely.


I still find it confusing. If I saw that option, I would hesitate to use 
it until I was sure it would not strip the signature from my JAR file. 
Best to rename it to avoid confusion.


--Sean



-Sundar


On 11/7/2016 9:36 PM, Sean Mullan wrote:

On 11/7/16 9:13 AM, Jim Laskey (Oracle) wrote:

The bug https://bugs.openjdk.java.net/browse/JDK-8159393
 is really about
warning developers that their image does not support signing.  If
they are okay with that then they can override with
--strip-signing-information.


I find the option name --strip-signing-information a little bit
confusing. To me this implies jlink might remove the signature
information from the original signed modular JAR, which is not what
you are doing, correct? Why not call it "--ignore-signing-information"?

--Sean



— Jim




On Nov 7, 2016, at 10:11 AM, Jim Laskey (Oracle)
 wrote:

The security entries are (have been) ignored when building the
image.  At some future date (post-9), we need to decide how to sign
an image.

— Jim



On Nov 7, 2016, at 10:06 AM, Wang Weijun 
wrote:

The code block below checking if a jar file was signed is
correct.

There is one thing I don't understand, the
--strip-signing-information option. It looks like you will remove
the signature-related files if this option is set. But, where are
they stripped?

Thanks Max

On 11/7/2016 9:48 PM, Jim Laskey (Oracle) wrote:

Apologies for the poor links earlier.

http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html
https://bugs.openjdk.java.net/browse/JDK-8159393



On Nov 7, 2016, at 9:26 AM, Jim Laskey (Oracle)
 wrote:

Revising to

String name = entry.name().toUpperCase(Locale.ENGLISH);

return name.startsWith("META-INF/") && name.indexOf('/', 9)
== -1 && ( name.endsWith(".SF") || name.endsWith(".DSA") ||
name.endsWith(".RSA") || name.endsWith(".EC") ||
name.startsWith("META-INF/SIG-") );



On Nov 7, 2016, at 9:17 AM, Jim Laskey (Oracle)
 wrote:

Right.  From SignatureFileVerifier.java


/** * Utility method used by JarVerifier and JarSigner * to
determine the signature file names and PKCS7 block * files
names that are supported * * @param s file name * @return
true if the input file name is a supported *
Signature File or PKCS7 block file name */ public static
boolean isBlockOrSF(String s) { // we currently only
support DSA and RSA PKCS7 blocks return s.endsWith(".SF")
|| s.endsWith(".DSA") || s.endsWith(".RSA") ||
s.endsWith(".EC"); }

/** * Yet another utility method used by JarVerifier and
JarSigner * to determine what files are signature related,
which includes * the MANIFEST, SF files, known signature
block files, and other * unknown signature related files
(those starting with SIG- with * an optional [A-Z0-9]{1,3}
extension right inside META-INF). * * @param name file
name * @return true if the input file name is signature
related */ public static boolean isSigningRelated(String
name) { name = name.toUpperCase(Locale.ENGLISH); if
(!name.startsWith("META-INF/")) { return false; } name =
name.substring(9); if (name.indexOf('/') != -1) { return
false; } if (isBlockOrSF(name) ||
name.equals("MANIFEST.MF")) { return true; } else if
(name.startsWith("SIG-")) { // check filename extension //
see
http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures




// for what filename extensions are legal

int extIndex = name.lastIndexOf('.'); if (extIndex != -1)
{ String ext = name.substring(extIndex + 1); // validate
length first if (ext.length() > 3 || ext.length() < 1) {
return false; } // then check chars, must be in [a-zA-Z0-9]
per the jar spec for (int index = 0; index < ext.length();
index++) { char cc = ext.charAt(index); // chars are
promoted to uppercase so skip lowercase checks if ((cc <
'A' || cc > 'Z') && (cc < '0' || cc > '9')) { return
false; } } } return true; // no extension is OK } return
false; }






On Nov 7, 2016, at 9:16 AM, Alan Bateman
 wrote:

On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:


Thank you.  Regarding SIG- I was just followed the
spec.


I hope Sean or Max can jump in on this, the other
question is .EC as I believe the JDK allows this when
signing too.

-Alan

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Sundararajan Athijegannathan]

Looks good to me.

PS. jmods, jars are not modified by jlink. Only a new image directory is
generated. So, strip-signing-info confusion is unlikely.

-Sundar


On 11/7/2016 9:36 PM, Sean Mullan wrote:
> On 11/7/16 9:13 AM, Jim Laskey (Oracle) wrote:
>> The bug https://bugs.openjdk.java.net/browse/JDK-8159393
>>  is really about
>> warning developers that their image does not support signing.  If
>> they are okay with that then they can override with
>> --strip-signing-information.
>
> I find the option name --strip-signing-information a little bit
> confusing. To me this implies jlink might remove the signature
> information from the original signed modular JAR, which is not what
> you are doing, correct? Why not call it "--ignore-signing-information"?
>
> --Sean
>
>>
>> — Jim
>>
>>
>>
>>> On Nov 7, 2016, at 10:11 AM, Jim Laskey (Oracle)
>>>  wrote:
>>>
>>> The security entries are (have been) ignored when building the
>>> image.  At some future date (post-9), we need to decide how to sign
>>> an image.
>>>
>>> — Jim
>>>
>>>
 On Nov 7, 2016, at 10:06 AM, Wang Weijun 
 wrote:

 The code block below checking if a jar file was signed is
 correct.

 There is one thing I don't understand, the
 --strip-signing-information option. It looks like you will remove
 the signature-related files if this option is set. But, where are
 they stripped?

 Thanks Max

 On 11/7/2016 9:48 PM, Jim Laskey (Oracle) wrote:
> Apologies for the poor links earlier.
>
> http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html
> https://bugs.openjdk.java.net/browse/JDK-8159393
>
>
>> On Nov 7, 2016, at 9:26 AM, Jim Laskey (Oracle)
>>  wrote:
>>
>> Revising to
>>
>> String name = entry.name().toUpperCase(Locale.ENGLISH);
>>
>> return name.startsWith("META-INF/") && name.indexOf('/', 9)
>> == -1 && ( name.endsWith(".SF") || name.endsWith(".DSA") ||
>> name.endsWith(".RSA") || name.endsWith(".EC") ||
>> name.startsWith("META-INF/SIG-") );
>>
>>
>>> On Nov 7, 2016, at 9:17 AM, Jim Laskey (Oracle)
>>>  wrote:
>>>
>>> Right.  From SignatureFileVerifier.java
>>>
>>>
>>> /** * Utility method used by JarVerifier and JarSigner * to
>>> determine the signature file names and PKCS7 block * files
>>> names that are supported * * @param s file name * @return
>>> true if the input file name is a supported *
>>> Signature File or PKCS7 block file name */ public static
>>> boolean isBlockOrSF(String s) { // we currently only
>>> support DSA and RSA PKCS7 blocks return s.endsWith(".SF")
>>> || s.endsWith(".DSA") || s.endsWith(".RSA") ||
>>> s.endsWith(".EC"); }
>>>
>>> /** * Yet another utility method used by JarVerifier and
>>> JarSigner * to determine what files are signature related,
>>> which includes * the MANIFEST, SF files, known signature
>>> block files, and other * unknown signature related files
>>> (those starting with SIG- with * an optional [A-Z0-9]{1,3}
>>> extension right inside META-INF). * * @param name file
>>> name * @return true if the input file name is signature
>>> related */ public static boolean isSigningRelated(String
>>> name) { name = name.toUpperCase(Locale.ENGLISH); if
>>> (!name.startsWith("META-INF/")) { return false; } name =
>>> name.substring(9); if (name.indexOf('/') != -1) { return
>>> false; } if (isBlockOrSF(name) ||
>>> name.equals("MANIFEST.MF")) { return true; } else if
>>> (name.startsWith("SIG-")) { // check filename extension //
>>> see
>>> http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures
>>>
>>>
>>>
> // for what filename extensions are legal
>>> int extIndex = name.lastIndexOf('.'); if (extIndex != -1)
>>> { String ext = name.substring(extIndex + 1); // validate
>>> length first if (ext.length() > 3 || ext.length() < 1) {
>>> return false; } // then check chars, must be in [a-zA-Z0-9]
>>> per the jar spec for (int index = 0; index < ext.length();
>>> index++) { char cc = ext.charAt(index); // chars are
>>> promoted to uppercase so skip lowercase checks if ((cc <
>>> 'A' || cc > 'Z') && (cc < '0' || cc > '9')) { return
>>> false; } } } return true; // no extension is OK } return
>>> false; }
>>>
>>>
>>>
>>>
>>>
 On Nov 7, 2016, at 9:16 AM, Alan Bateman
  wrote:

 On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:

> Thank you.  Regarding SIG- I was just followed the
> spec.
>
 I hope Sean or Max can jump in on this, the other
 question is .EC as I believe the JDK allows this when
 signing too.

 -Alan
>>>
>>
>
>>>
>>

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Jim Laskey (Oracle)]

Suits me.


> On Nov 7, 2016, at 12:06 PM, Sean Mullan  wrote:
> 
> On 11/7/16 9:13 AM, Jim Laskey (Oracle) wrote:
>> The bug https://bugs.openjdk.java.net/browse/JDK-8159393
>>  is really about
>> warning developers that their image does not support signing.  If
>> they are okay with that then they can override with
>> --strip-signing-information.
> 
> I find the option name --strip-signing-information a little bit confusing. To 
> me this implies jlink might remove the signature information from the 
> original signed modular JAR, which is not what you are doing, correct? Why 
> not call it "--ignore-signing-information"?
> 
> --Sean
> 
>> 
>> — Jim
>> 
>> 
>> 
>>> On Nov 7, 2016, at 10:11 AM, Jim Laskey (Oracle)
>>>  wrote:
>>> 
>>> The security entries are (have been) ignored when building the
>>> image.  At some future date (post-9), we need to decide how to sign
>>> an image.
>>> 
>>> — Jim
>>> 
>>> 
 On Nov 7, 2016, at 10:06 AM, Wang Weijun 
 wrote:
 
 The code block below checking if a jar file was signed is
 correct.
 
 There is one thing I don't understand, the
 --strip-signing-information option. It looks like you will remove
 the signature-related files if this option is set. But, where are
 they stripped?
 
 Thanks Max
 
 On 11/7/2016 9:48 PM, Jim Laskey (Oracle) wrote:
> Apologies for the poor links earlier.
> 
> http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html
> https://bugs.openjdk.java.net/browse/JDK-8159393
> 
> 
>> On Nov 7, 2016, at 9:26 AM, Jim Laskey (Oracle)
>>  wrote:
>> 
>> Revising to
>> 
>> String name = entry.name().toUpperCase(Locale.ENGLISH);
>> 
>> return name.startsWith("META-INF/") && name.indexOf('/', 9)
>> == -1 && ( name.endsWith(".SF") || name.endsWith(".DSA") ||
>> name.endsWith(".RSA") || name.endsWith(".EC") ||
>> name.startsWith("META-INF/SIG-") );
>> 
>> 
>>> On Nov 7, 2016, at 9:17 AM, Jim Laskey (Oracle)
>>>  wrote:
>>> 
>>> Right.  From SignatureFileVerifier.java
>>> 
>>> 
>>> /** * Utility method used by JarVerifier and JarSigner * to
>>> determine the signature file names and PKCS7 block * files
>>> names that are supported * * @param s file name * @return
>>> true if the input file name is a supported *
>>> Signature File or PKCS7 block file name */ public static
>>> boolean isBlockOrSF(String s) { // we currently only
>>> support DSA and RSA PKCS7 blocks return s.endsWith(".SF")
>>> || s.endsWith(".DSA") || s.endsWith(".RSA") ||
>>> s.endsWith(".EC"); }
>>> 
>>> /** * Yet another utility method used by JarVerifier and
>>> JarSigner * to determine what files are signature related,
>>> which includes * the MANIFEST, SF files, known signature
>>> block files, and other * unknown signature related files
>>> (those starting with SIG- with * an optional [A-Z0-9]{1,3}
>>> extension right inside META-INF). * * @param name file
>>> name * @return true if the input file name is signature
>>> related */ public static boolean isSigningRelated(String
>>> name) { name = name.toUpperCase(Locale.ENGLISH); if
>>> (!name.startsWith("META-INF/")) { return false; } name =
>>> name.substring(9); if (name.indexOf('/') != -1) { return
>>> false; } if (isBlockOrSF(name) ||
>>> name.equals("MANIFEST.MF")) { return true; } else if
>>> (name.startsWith("SIG-")) { // check filename extension //
>>> see
>>> http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures
>>> 
>>> 
> // for what filename extensions are legal
>>> int extIndex = name.lastIndexOf('.'); if (extIndex != -1)
>>> { String ext = name.substring(extIndex + 1); // validate
>>> length first if (ext.length() > 3 || ext.length() < 1) {
>>> return false; } // then check chars, must be in [a-zA-Z0-9]
>>> per the jar spec for (int index = 0; index < ext.length();
>>> index++) { char cc = ext.charAt(index); // chars are
>>> promoted to uppercase so skip lowercase checks if ((cc <
>>> 'A' || cc > 'Z') && (cc < '0' || cc > '9')) { return
>>> false; } } } return true; // no extension is OK } return
>>> false; }
>>> 
>>> 
>>> 
>>> 
>>> 
 On Nov 7, 2016, at 9:16 AM, Alan Bateman
  wrote:
 
 On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:
 
> Thank you.  Regarding SIG- I was just followed the
> spec.
> 
 I hope Sean or Max can jump in on this, the other
 question is .EC as I believe the JDK allows this when
 signing too.
 
 -Alan
>>> 
>> 
> 
>>> 
>> 

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Sean Mullan]

On 11/7/16 9:13 AM, Jim Laskey (Oracle) wrote:

The bug https://bugs.openjdk.java.net/browse/JDK-8159393
 is really about
warning developers that their image does not support signing.  If
they are okay with that then they can override with
--strip-signing-information.


I find the option name --strip-signing-information a little bit 
confusing. To me this implies jlink might remove the signature 
information from the original signed modular JAR, which is not what you 
are doing, correct? Why not call it "--ignore-signing-information"?


--Sean



— Jim




On Nov 7, 2016, at 10:11 AM, Jim Laskey (Oracle)
 wrote:

The security entries are (have been) ignored when building the
image.  At some future date (post-9), we need to decide how to sign
an image.

— Jim



On Nov 7, 2016, at 10:06 AM, Wang Weijun 
wrote:

The code block below checking if a jar file was signed is
correct.

There is one thing I don't understand, the
--strip-signing-information option. It looks like you will remove
the signature-related files if this option is set. But, where are
they stripped?

Thanks Max

On 11/7/2016 9:48 PM, Jim Laskey (Oracle) wrote:

Apologies for the poor links earlier.

http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html
https://bugs.openjdk.java.net/browse/JDK-8159393



On Nov 7, 2016, at 9:26 AM, Jim Laskey (Oracle)
 wrote:

Revising to

String name = entry.name().toUpperCase(Locale.ENGLISH);

return name.startsWith("META-INF/") && name.indexOf('/', 9)
== -1 && ( name.endsWith(".SF") || name.endsWith(".DSA") ||
name.endsWith(".RSA") || name.endsWith(".EC") ||
name.startsWith("META-INF/SIG-") );



On Nov 7, 2016, at 9:17 AM, Jim Laskey (Oracle)
 wrote:

Right.  From SignatureFileVerifier.java


/** * Utility method used by JarVerifier and JarSigner * to
determine the signature file names and PKCS7 block * files
names that are supported * * @param s file name * @return
true if the input file name is a supported *
Signature File or PKCS7 block file name */ public static
boolean isBlockOrSF(String s) { // we currently only
support DSA and RSA PKCS7 blocks return s.endsWith(".SF")
|| s.endsWith(".DSA") || s.endsWith(".RSA") ||
s.endsWith(".EC"); }

/** * Yet another utility method used by JarVerifier and
JarSigner * to determine what files are signature related,
which includes * the MANIFEST, SF files, known signature
block files, and other * unknown signature related files
(those starting with SIG- with * an optional [A-Z0-9]{1,3}
extension right inside META-INF). * * @param name file
name * @return true if the input file name is signature
related */ public static boolean isSigningRelated(String
name) { name = name.toUpperCase(Locale.ENGLISH); if
(!name.startsWith("META-INF/")) { return false; } name =
name.substring(9); if (name.indexOf('/') != -1) { return
false; } if (isBlockOrSF(name) ||
name.equals("MANIFEST.MF")) { return true; } else if
(name.startsWith("SIG-")) { // check filename extension //
see
http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures



// for what filename extensions are legal

int extIndex = name.lastIndexOf('.'); if (extIndex != -1)
{ String ext = name.substring(extIndex + 1); // validate
length first if (ext.length() > 3 || ext.length() < 1) {
return false; } // then check chars, must be in [a-zA-Z0-9]
per the jar spec for (int index = 0; index < ext.length();
index++) { char cc = ext.charAt(index); // chars are
promoted to uppercase so skip lowercase checks if ((cc <
'A' || cc > 'Z') && (cc < '0' || cc > '9')) { return
false; } } } return true; // no extension is OK } return
false; }






On Nov 7, 2016, at 9:16 AM, Alan Bateman
 wrote:

On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:


Thank you.  Regarding SIG- I was just followed the
spec.


I hope Sean or Max can jump in on this, the other
question is .EC as I believe the JDK allows this when
signing too.

-Alan

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Jim Laskey (Oracle)]

It’s the lack of inclusion as oppose to exclusion.

> On Nov 7, 2016, at 10:33 AM, Wang Weijun  wrote:
> 
> Great. I asked the question because you will need the exact same check to 
> determine what files should be ignored and I thought they should appear in 
> the same webrev. If it's already done somewhere else please make sure it is 
> the same. 
> 
> Thanks
> Max
> 
>> 在 2016年11月7日，22:11，Jim Laskey (Oracle)  写道：
>> 
>> The security entries are (have been) ignored when building the image.  At 
>> some future date (post-9), we need to decide how to sign an image.
>> 
>> — Jim
>> 
>> 
>>> On Nov 7, 2016, at 10:06 AM, Wang Weijun  wrote:
>>> 
>>> The code block below checking if a jar file was signed is correct.
>>> 
>>> There is one thing I don't understand, the --strip-signing-information 
>>> option. It looks like you will remove the signature-related files if this 
>>> option is set. But, where are they stripped?
>>> 
>>> Thanks
>>> Max
>>> 
 On 11/7/2016 9:48 PM, Jim Laskey (Oracle) wrote:
 Apologies for the poor links earlier.
 
 http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html
 https://bugs.openjdk.java.net/browse/JDK-8159393
 
 
> On Nov 7, 2016, at 9:26 AM, Jim Laskey (Oracle)  
> wrote:
> 
> Revising to
> 
> String name = entry.name().toUpperCase(Locale.ENGLISH);
> 
> return name.startsWith("META-INF/") && name.indexOf('/', 
> 9) == -1 && (
> name.endsWith(".SF") ||
> name.endsWith(".DSA") ||
> name.endsWith(".RSA") ||
> name.endsWith(".EC") ||
> name.startsWith("META-INF/SIG-")
> );
> 
> 
>> On Nov 7, 2016, at 9:17 AM, Jim Laskey (Oracle) 
>>  wrote:
>> 
>> Right.  From SignatureFileVerifier.java
>> 
>> 
>> /**
>> * Utility method used by JarVerifier and JarSigner
>> * to determine the signature file names and PKCS7 block
>> * files names that are supported
>> *
>> * @param s file name
>> * @return true if the input file name is a supported
>> *  Signature File or PKCS7 block file name
>> */
>> public static boolean isBlockOrSF(String s) {
>>// we currently only support DSA and RSA PKCS7 blocks
>>return s.endsWith(".SF")
>>|| s.endsWith(".DSA")
>>|| s.endsWith(".RSA")
>>|| s.endsWith(".EC");
>> }
>> 
>> /**
>> * Yet another utility method used by JarVerifier and JarSigner
>> * to determine what files are signature related, which includes
>> * the MANIFEST, SF files, known signature block files, and other
>> * unknown signature related files (those starting with SIG- with
>> * an optional [A-Z0-9]{1,3} extension right inside META-INF).
>> *
>> * @param name file name
>> * @return true if the input file name is signature related
>> */
>> public static boolean isSigningRelated(String name) {
>>name = name.toUpperCase(Locale.ENGLISH);
>>if (!name.startsWith("META-INF/")) {
>>return false;
>>}
>>name = name.substring(9);
>>if (name.indexOf('/') != -1) {
>>return false;
>>}
>>if (isBlockOrSF(name) || name.equals("MANIFEST.MF")) {
>>return true;
>>} else if (name.startsWith("SIG-")) {
>>// check filename extension
>>// see 
>> http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures
>>// for what filename extensions are legal
>>int extIndex = name.lastIndexOf('.');
>>if (extIndex != -1) {
>>String ext = name.substring(extIndex + 1);
>>// validate length first
>>if (ext.length() > 3 || ext.length() < 1) {
>>return false;
>>}
>>// then check chars, must be in [a-zA-Z0-9] per the jar spec
>>for (int index = 0; index < ext.length(); index++) {
>>char cc = ext.charAt(index);
>>// chars are promoted to uppercase so skip lowercase 
>> checks
>>if ((cc < 'A' || cc > 'Z') && (cc < '0' || cc > '9')) {
>>return false;
>>}
>>}
>>}
>>return true; // no extension is OK
>>}
>>return false;
>> }
>> 
>> 
>> 
>> 
>> 
>>> On Nov 7, 2016, at 9:16 AM, Alan Bateman  
>>> wrote:
>>> 
>>> On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:
>>> 
 Thank you.  Regarding SIG- I was just followed the spec.
 
>>> I hope Sean or Max can jump in on this, the other question is .EC as I 
>>> believe the JDK allows this when signing too.

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Wang Weijun]

Great. I asked the question because you will need the exact same check to 
determine what files should be ignored and I thought they should appear in the 
same webrev. If it's already done somewhere else please make sure it is the 
same. 

Thanks
Max

> 在 2016年11月7日，22:11，Jim Laskey (Oracle)  写道：
> 
> The security entries are (have been) ignored when building the image.  At 
> some future date (post-9), we need to decide how to sign an image.
> 
> — Jim
> 
> 
>> On Nov 7, 2016, at 10:06 AM, Wang Weijun  wrote:
>> 
>> The code block below checking if a jar file was signed is correct.
>> 
>> There is one thing I don't understand, the --strip-signing-information 
>> option. It looks like you will remove the signature-related files if this 
>> option is set. But, where are they stripped?
>> 
>> Thanks
>> Max
>> 
>>> On 11/7/2016 9:48 PM, Jim Laskey (Oracle) wrote:
>>> Apologies for the poor links earlier.
>>> 
>>> http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html
>>> https://bugs.openjdk.java.net/browse/JDK-8159393
>>> 
>>> 
 On Nov 7, 2016, at 9:26 AM, Jim Laskey (Oracle)  
 wrote:
 
 Revising to
 
  String name = entry.name().toUpperCase(Locale.ENGLISH);
 
  return name.startsWith("META-INF/") && name.indexOf('/', 
 9) == -1 && (
  name.endsWith(".SF") ||
  name.endsWith(".DSA") ||
  name.endsWith(".RSA") ||
  name.endsWith(".EC") ||
  name.startsWith("META-INF/SIG-")
  );
 
 
> On Nov 7, 2016, at 9:17 AM, Jim Laskey (Oracle)  
> wrote:
> 
> Right.  From SignatureFileVerifier.java
> 
> 
> /**
>  * Utility method used by JarVerifier and JarSigner
>  * to determine the signature file names and PKCS7 block
>  * files names that are supported
>  *
>  * @param s file name
>  * @return true if the input file name is a supported
>  *  Signature File or PKCS7 block file name
>  */
> public static boolean isBlockOrSF(String s) {
> // we currently only support DSA and RSA PKCS7 blocks
> return s.endsWith(".SF")
> || s.endsWith(".DSA")
> || s.endsWith(".RSA")
> || s.endsWith(".EC");
> }
> 
> /**
>  * Yet another utility method used by JarVerifier and JarSigner
>  * to determine what files are signature related, which includes
>  * the MANIFEST, SF files, known signature block files, and other
>  * unknown signature related files (those starting with SIG- with
>  * an optional [A-Z0-9]{1,3} extension right inside META-INF).
>  *
>  * @param name file name
>  * @return true if the input file name is signature related
>  */
> public static boolean isSigningRelated(String name) {
> name = name.toUpperCase(Locale.ENGLISH);
> if (!name.startsWith("META-INF/")) {
> return false;
> }
> name = name.substring(9);
> if (name.indexOf('/') != -1) {
> return false;
> }
> if (isBlockOrSF(name) || name.equals("MANIFEST.MF")) {
> return true;
> } else if (name.startsWith("SIG-")) {
> // check filename extension
> // see 
> http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures
> // for what filename extensions are legal
> int extIndex = name.lastIndexOf('.');
> if (extIndex != -1) {
> String ext = name.substring(extIndex + 1);
> // validate length first
> if (ext.length() > 3 || ext.length() < 1) {
> return false;
> }
> // then check chars, must be in [a-zA-Z0-9] per the jar spec
> for (int index = 0; index < ext.length(); index++) {
> char cc = ext.charAt(index);
> // chars are promoted to uppercase so skip lowercase 
> checks
> if ((cc < 'A' || cc > 'Z') && (cc < '0' || cc > '9')) {
> return false;
> }
> }
> }
> return true; // no extension is OK
> }
> return false;
> }
> 
> 
> 
> 
> 
>> On Nov 7, 2016, at 9:16 AM, Alan Bateman  wrote:
>> 
>> On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:
>> 
>>> Thank you.  Regarding SIG- I was just followed the spec.
>>> 
>> I hope Sean or Max can jump in on this, the other question is .EC as I 
>> believe the JDK allows this when signing too.
>> 
>> -Alan
> 
 
>>> 
> 

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Wang Weijun]

The code block below checking if a jar file was signed is correct.

There is one thing I don't understand, the --strip-signing-information 
option. It looks like you will remove the signature-related files if 
this option is set. But, where are they stripped?


Thanks
Max

On 11/7/2016 9:48 PM, Jim Laskey (Oracle) wrote:

Apologies for the poor links earlier.

http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html
https://bugs.openjdk.java.net/browse/JDK-8159393



On Nov 7, 2016, at 9:26 AM, Jim Laskey (Oracle)  wrote:

Revising to

   String name = entry.name().toUpperCase(Locale.ENGLISH);

   return name.startsWith("META-INF/") && name.indexOf('/', 9) == -1 
&& (
   name.endsWith(".SF") ||
   name.endsWith(".DSA") ||
   name.endsWith(".RSA") ||
   name.endsWith(".EC") ||
   name.startsWith("META-INF/SIG-")
   );



On Nov 7, 2016, at 9:17 AM, Jim Laskey (Oracle)  wrote:

Right.  From SignatureFileVerifier.java


  /**
   * Utility method used by JarVerifier and JarSigner
   * to determine the signature file names and PKCS7 block
   * files names that are supported
   *
   * @param s file name
   * @return true if the input file name is a supported
   *  Signature File or PKCS7 block file name
   */
  public static boolean isBlockOrSF(String s) {
  // we currently only support DSA and RSA PKCS7 blocks
  return s.endsWith(".SF")
  || s.endsWith(".DSA")
  || s.endsWith(".RSA")
  || s.endsWith(".EC");
  }

  /**
   * Yet another utility method used by JarVerifier and JarSigner
   * to determine what files are signature related, which includes
   * the MANIFEST, SF files, known signature block files, and other
   * unknown signature related files (those starting with SIG- with
   * an optional [A-Z0-9]{1,3} extension right inside META-INF).
   *
   * @param name file name
   * @return true if the input file name is signature related
   */
  public static boolean isSigningRelated(String name) {
  name = name.toUpperCase(Locale.ENGLISH);
  if (!name.startsWith("META-INF/")) {
  return false;
  }
  name = name.substring(9);
  if (name.indexOf('/') != -1) {
  return false;
  }
  if (isBlockOrSF(name) || name.equals("MANIFEST.MF")) {
  return true;
  } else if (name.startsWith("SIG-")) {
  // check filename extension
  // see 
http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures
  // for what filename extensions are legal
  int extIndex = name.lastIndexOf('.');
  if (extIndex != -1) {
  String ext = name.substring(extIndex + 1);
  // validate length first
  if (ext.length() > 3 || ext.length() < 1) {
  return false;
  }
  // then check chars, must be in [a-zA-Z0-9] per the jar spec
  for (int index = 0; index < ext.length(); index++) {
  char cc = ext.charAt(index);
  // chars are promoted to uppercase so skip lowercase checks
  if ((cc < 'A' || cc > 'Z') && (cc < '0' || cc > '9')) {
  return false;
  }
  }
  }
  return true; // no extension is OK
  }
  return false;
  }






On Nov 7, 2016, at 9:16 AM, Alan Bateman  wrote:

On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:


Thank you.  Regarding SIG- I was just followed the spec.


I hope Sean or Max can jump in on this, the other question is .EC as I believe 
the JDK allows this when signing too.

-Alan

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Jim Laskey (Oracle)]

The bug https://bugs.openjdk.java.net/browse/JDK-8159393 
 is really about warning 
developers that their image does not support signing.  If they are okay with 
that then they can override with --strip-signing-information.

— Jim



> On Nov 7, 2016, at 10:11 AM, Jim Laskey (Oracle)  
> wrote:
> 
> The security entries are (have been) ignored when building the image.  At 
> some future date (post-9), we need to decide how to sign an image.
> 
> — Jim
> 
> 
>> On Nov 7, 2016, at 10:06 AM, Wang Weijun  wrote:
>> 
>> The code block below checking if a jar file was signed is correct.
>> 
>> There is one thing I don't understand, the --strip-signing-information 
>> option. It looks like you will remove the signature-related files if this 
>> option is set. But, where are they stripped?
>> 
>> Thanks
>> Max
>> 
>> On 11/7/2016 9:48 PM, Jim Laskey (Oracle) wrote:
>>> Apologies for the poor links earlier.
>>> 
>>> http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html
>>> https://bugs.openjdk.java.net/browse/JDK-8159393
>>> 
>>> 
 On Nov 7, 2016, at 9:26 AM, Jim Laskey (Oracle)  
 wrote:
 
 Revising to
 
  String name = entry.name().toUpperCase(Locale.ENGLISH);
 
  return name.startsWith("META-INF/") && name.indexOf('/', 
 9) == -1 && (
  name.endsWith(".SF") ||
  name.endsWith(".DSA") ||
  name.endsWith(".RSA") ||
  name.endsWith(".EC") ||
  name.startsWith("META-INF/SIG-")
  );
 
 
> On Nov 7, 2016, at 9:17 AM, Jim Laskey (Oracle)  
> wrote:
> 
> Right.  From SignatureFileVerifier.java
> 
> 
> /**
>  * Utility method used by JarVerifier and JarSigner
>  * to determine the signature file names and PKCS7 block
>  * files names that are supported
>  *
>  * @param s file name
>  * @return true if the input file name is a supported
>  *  Signature File or PKCS7 block file name
>  */
> public static boolean isBlockOrSF(String s) {
> // we currently only support DSA and RSA PKCS7 blocks
> return s.endsWith(".SF")
> || s.endsWith(".DSA")
> || s.endsWith(".RSA")
> || s.endsWith(".EC");
> }
> 
> /**
>  * Yet another utility method used by JarVerifier and JarSigner
>  * to determine what files are signature related, which includes
>  * the MANIFEST, SF files, known signature block files, and other
>  * unknown signature related files (those starting with SIG- with
>  * an optional [A-Z0-9]{1,3} extension right inside META-INF).
>  *
>  * @param name file name
>  * @return true if the input file name is signature related
>  */
> public static boolean isSigningRelated(String name) {
> name = name.toUpperCase(Locale.ENGLISH);
> if (!name.startsWith("META-INF/")) {
> return false;
> }
> name = name.substring(9);
> if (name.indexOf('/') != -1) {
> return false;
> }
> if (isBlockOrSF(name) || name.equals("MANIFEST.MF")) {
> return true;
> } else if (name.startsWith("SIG-")) {
> // check filename extension
> // see 
> http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures
> // for what filename extensions are legal
> int extIndex = name.lastIndexOf('.');
> if (extIndex != -1) {
> String ext = name.substring(extIndex + 1);
> // validate length first
> if (ext.length() > 3 || ext.length() < 1) {
> return false;
> }
> // then check chars, must be in [a-zA-Z0-9] per the jar spec
> for (int index = 0; index < ext.length(); index++) {
> char cc = ext.charAt(index);
> // chars are promoted to uppercase so skip lowercase 
> checks
> if ((cc < 'A' || cc > 'Z') && (cc < '0' || cc > '9')) {
> return false;
> }
> }
> }
> return true; // no extension is OK
> }
> return false;
> }
> 
> 
> 
> 
> 
>> On Nov 7, 2016, at 9:16 AM, Alan Bateman  wrote:
>> 
>> On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:
>> 
>>> Thank you.  Regarding SIG- I was just followed the spec.
>>> 
>> I hope Sean or Max can jump in on this, the other question is .EC as I 
>> believe the JDK allows this when signing too.
>> 
>> -Alan
> 
 
>>> 
> 

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Alan Bateman]

On 07/11/2016 13:26, Jim Laskey (Oracle) wrote:


Revising to

 String name = entry.name().toUpperCase(Locale.ENGLISH);

 return name.startsWith("META-INF/") && name.indexOf('/', 9) == -1 
&& (
 name.endsWith(".SF") ||
 name.endsWith(".DSA") ||
 name.endsWith(".RSA") ||
 name.endsWith(".EC") ||
 name.startsWith("META-INF/SIG-")
 );


Good, I think this is right now but I'm sure Sean or Max will jump in at 
some point to say for sure.


-Alan

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Jim Laskey (Oracle)]

The security entries are (have been) ignored when building the image.  At some 
future date (post-9), we need to decide how to sign an image.

— Jim


> On Nov 7, 2016, at 10:06 AM, Wang Weijun  wrote:
> 
> The code block below checking if a jar file was signed is correct.
> 
> There is one thing I don't understand, the --strip-signing-information 
> option. It looks like you will remove the signature-related files if this 
> option is set. But, where are they stripped?
> 
> Thanks
> Max
> 
> On 11/7/2016 9:48 PM, Jim Laskey (Oracle) wrote:
>> Apologies for the poor links earlier.
>> 
>> http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html
>> https://bugs.openjdk.java.net/browse/JDK-8159393
>> 
>> 
>>> On Nov 7, 2016, at 9:26 AM, Jim Laskey (Oracle)  
>>> wrote:
>>> 
>>> Revising to
>>> 
>>>   String name = entry.name().toUpperCase(Locale.ENGLISH);
>>> 
>>>   return name.startsWith("META-INF/") && name.indexOf('/', 
>>> 9) == -1 && (
>>>   name.endsWith(".SF") ||
>>>   name.endsWith(".DSA") ||
>>>   name.endsWith(".RSA") ||
>>>   name.endsWith(".EC") ||
>>>   name.startsWith("META-INF/SIG-")
>>>   );
>>> 
>>> 
 On Nov 7, 2016, at 9:17 AM, Jim Laskey (Oracle)  
 wrote:
 
 Right.  From SignatureFileVerifier.java
 
 
  /**
   * Utility method used by JarVerifier and JarSigner
   * to determine the signature file names and PKCS7 block
   * files names that are supported
   *
   * @param s file name
   * @return true if the input file name is a supported
   *  Signature File or PKCS7 block file name
   */
  public static boolean isBlockOrSF(String s) {
  // we currently only support DSA and RSA PKCS7 blocks
  return s.endsWith(".SF")
  || s.endsWith(".DSA")
  || s.endsWith(".RSA")
  || s.endsWith(".EC");
  }
 
  /**
   * Yet another utility method used by JarVerifier and JarSigner
   * to determine what files are signature related, which includes
   * the MANIFEST, SF files, known signature block files, and other
   * unknown signature related files (those starting with SIG- with
   * an optional [A-Z0-9]{1,3} extension right inside META-INF).
   *
   * @param name file name
   * @return true if the input file name is signature related
   */
  public static boolean isSigningRelated(String name) {
  name = name.toUpperCase(Locale.ENGLISH);
  if (!name.startsWith("META-INF/")) {
  return false;
  }
  name = name.substring(9);
  if (name.indexOf('/') != -1) {
  return false;
  }
  if (isBlockOrSF(name) || name.equals("MANIFEST.MF")) {
  return true;
  } else if (name.startsWith("SIG-")) {
  // check filename extension
  // see 
 http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures
  // for what filename extensions are legal
  int extIndex = name.lastIndexOf('.');
  if (extIndex != -1) {
  String ext = name.substring(extIndex + 1);
  // validate length first
  if (ext.length() > 3 || ext.length() < 1) {
  return false;
  }
  // then check chars, must be in [a-zA-Z0-9] per the jar spec
  for (int index = 0; index < ext.length(); index++) {
  char cc = ext.charAt(index);
  // chars are promoted to uppercase so skip lowercase 
 checks
  if ((cc < 'A' || cc > 'Z') && (cc < '0' || cc > '9')) {
  return false;
  }
  }
  }
  return true; // no extension is OK
  }
  return false;
  }
 
 
 
 
 
> On Nov 7, 2016, at 9:16 AM, Alan Bateman  wrote:
> 
> On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:
> 
>> Thank you.  Regarding SIG- I was just followed the spec.
>> 
> I hope Sean or Max can jump in on this, the other question is .EC as I 
> believe the JDK allows this when signing too.
> 
> -Alan
 
>>> 
>> 

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Jim Laskey (Oracle)]

Apologies for the poor links earlier.

http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html
https://bugs.openjdk.java.net/browse/JDK-8159393


> On Nov 7, 2016, at 9:26 AM, Jim Laskey (Oracle)  
> wrote:
> 
> Revising to
> 
>String name = entry.name().toUpperCase(Locale.ENGLISH);
> 
>return name.startsWith("META-INF/") && name.indexOf('/', 
> 9) == -1 && (
>name.endsWith(".SF") ||
>name.endsWith(".DSA") ||
>name.endsWith(".RSA") ||
>name.endsWith(".EC") ||
>name.startsWith("META-INF/SIG-")
>);
> 
> 
>> On Nov 7, 2016, at 9:17 AM, Jim Laskey (Oracle)  
>> wrote:
>> 
>> Right.  From SignatureFileVerifier.java
>> 
>> 
>>   /**
>>* Utility method used by JarVerifier and JarSigner
>>* to determine the signature file names and PKCS7 block
>>* files names that are supported
>>*
>>* @param s file name
>>* @return true if the input file name is a supported
>>*  Signature File or PKCS7 block file name
>>*/
>>   public static boolean isBlockOrSF(String s) {
>>   // we currently only support DSA and RSA PKCS7 blocks
>>   return s.endsWith(".SF")
>>   || s.endsWith(".DSA")
>>   || s.endsWith(".RSA")
>>   || s.endsWith(".EC");
>>   }
>> 
>>   /**
>>* Yet another utility method used by JarVerifier and JarSigner
>>* to determine what files are signature related, which includes
>>* the MANIFEST, SF files, known signature block files, and other
>>* unknown signature related files (those starting with SIG- with
>>* an optional [A-Z0-9]{1,3} extension right inside META-INF).
>>*
>>* @param name file name
>>* @return true if the input file name is signature related
>>*/
>>   public static boolean isSigningRelated(String name) {
>>   name = name.toUpperCase(Locale.ENGLISH);
>>   if (!name.startsWith("META-INF/")) {
>>   return false;
>>   }
>>   name = name.substring(9);
>>   if (name.indexOf('/') != -1) {
>>   return false;
>>   }
>>   if (isBlockOrSF(name) || name.equals("MANIFEST.MF")) {
>>   return true;
>>   } else if (name.startsWith("SIG-")) {
>>   // check filename extension
>>   // see 
>> http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures
>>   // for what filename extensions are legal
>>   int extIndex = name.lastIndexOf('.');
>>   if (extIndex != -1) {
>>   String ext = name.substring(extIndex + 1);
>>   // validate length first
>>   if (ext.length() > 3 || ext.length() < 1) {
>>   return false;
>>   }
>>   // then check chars, must be in [a-zA-Z0-9] per the jar spec
>>   for (int index = 0; index < ext.length(); index++) {
>>   char cc = ext.charAt(index);
>>   // chars are promoted to uppercase so skip lowercase checks
>>   if ((cc < 'A' || cc > 'Z') && (cc < '0' || cc > '9')) {
>>   return false;
>>   }
>>   }
>>   }
>>   return true; // no extension is OK
>>   }
>>   return false;
>>   }
>> 
>> 
>> 
>> 
>> 
>>> On Nov 7, 2016, at 9:16 AM, Alan Bateman  wrote:
>>> 
>>> On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:
>>> 
 Thank you.  Regarding SIG- I was just followed the spec.
 
>>> I hope Sean or Max can jump in on this, the other question is .EC as I 
>>> believe the JDK allows this when signing too.
>>> 
>>> -Alan
>> 
> 

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Jim Laskey (Oracle)]

Revising to

String name = entry.name().toUpperCase(Locale.ENGLISH);

return name.startsWith("META-INF/") && name.indexOf('/', 9) 
== -1 && (
name.endsWith(".SF") ||
name.endsWith(".DSA") ||
name.endsWith(".RSA") ||
name.endsWith(".EC") ||
name.startsWith("META-INF/SIG-")
);


> On Nov 7, 2016, at 9:17 AM, Jim Laskey (Oracle)  
> wrote:
> 
> Right.  From SignatureFileVerifier.java
> 
> 
>/**
> * Utility method used by JarVerifier and JarSigner
> * to determine the signature file names and PKCS7 block
> * files names that are supported
> *
> * @param s file name
> * @return true if the input file name is a supported
> *  Signature File or PKCS7 block file name
> */
>public static boolean isBlockOrSF(String s) {
>// we currently only support DSA and RSA PKCS7 blocks
>return s.endsWith(".SF")
>|| s.endsWith(".DSA")
>|| s.endsWith(".RSA")
>|| s.endsWith(".EC");
>}
> 
>/**
> * Yet another utility method used by JarVerifier and JarSigner
> * to determine what files are signature related, which includes
> * the MANIFEST, SF files, known signature block files, and other
> * unknown signature related files (those starting with SIG- with
> * an optional [A-Z0-9]{1,3} extension right inside META-INF).
> *
> * @param name file name
> * @return true if the input file name is signature related
> */
>public static boolean isSigningRelated(String name) {
>name = name.toUpperCase(Locale.ENGLISH);
>if (!name.startsWith("META-INF/")) {
>return false;
>}
>name = name.substring(9);
>if (name.indexOf('/') != -1) {
>return false;
>}
>if (isBlockOrSF(name) || name.equals("MANIFEST.MF")) {
>return true;
>} else if (name.startsWith("SIG-")) {
>// check filename extension
>// see 
> http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures
>// for what filename extensions are legal
>int extIndex = name.lastIndexOf('.');
>if (extIndex != -1) {
>String ext = name.substring(extIndex + 1);
>// validate length first
>if (ext.length() > 3 || ext.length() < 1) {
>return false;
>}
>// then check chars, must be in [a-zA-Z0-9] per the jar spec
>for (int index = 0; index < ext.length(); index++) {
>char cc = ext.charAt(index);
>// chars are promoted to uppercase so skip lowercase checks
>if ((cc < 'A' || cc > 'Z') && (cc < '0' || cc > '9')) {
>return false;
>}
>}
>}
>return true; // no extension is OK
>}
>return false;
>}
> 
> 
> 
> 
> 
>> On Nov 7, 2016, at 9:16 AM, Alan Bateman  wrote:
>> 
>> On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:
>> 
>>> Thank you.  Regarding SIG- I was just followed the spec.
>>> 
>> I hope Sean or Max can jump in on this, the other question is .EC as I 
>> believe the JDK allows this when signing too.
>> 
>> -Alan
> 

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Jim Laskey (Oracle)]

Right.  From SignatureFileVerifier.java


/**
 * Utility method used by JarVerifier and JarSigner
 * to determine the signature file names and PKCS7 block
 * files names that are supported
 *
 * @param s file name
 * @return true if the input file name is a supported
 *  Signature File or PKCS7 block file name
 */
public static boolean isBlockOrSF(String s) {
// we currently only support DSA and RSA PKCS7 blocks
return s.endsWith(".SF")
|| s.endsWith(".DSA")
|| s.endsWith(".RSA")
|| s.endsWith(".EC");
}

/**
 * Yet another utility method used by JarVerifier and JarSigner
 * to determine what files are signature related, which includes
 * the MANIFEST, SF files, known signature block files, and other
 * unknown signature related files (those starting with SIG- with
 * an optional [A-Z0-9]{1,3} extension right inside META-INF).
 *
 * @param name file name
 * @return true if the input file name is signature related
 */
public static boolean isSigningRelated(String name) {
name = name.toUpperCase(Locale.ENGLISH);
if (!name.startsWith("META-INF/")) {
return false;
}
name = name.substring(9);
if (name.indexOf('/') != -1) {
return false;
}
if (isBlockOrSF(name) || name.equals("MANIFEST.MF")) {
return true;
} else if (name.startsWith("SIG-")) {
// check filename extension
// see 
http://docs.oracle.com/javase/7/docs/technotes/guides/jar/jar.html#Digital_Signatures
// for what filename extensions are legal
int extIndex = name.lastIndexOf('.');
if (extIndex != -1) {
String ext = name.substring(extIndex + 1);
// validate length first
if (ext.length() > 3 || ext.length() < 1) {
return false;
}
// then check chars, must be in [a-zA-Z0-9] per the jar spec
for (int index = 0; index < ext.length(); index++) {
char cc = ext.charAt(index);
// chars are promoted to uppercase so skip lowercase checks
if ((cc < 'A' || cc > 'Z') && (cc < '0' || cc > '9')) {
return false;
}
}
}
return true; // no extension is OK
}
return false;
}





> On Nov 7, 2016, at 9:16 AM, Alan Bateman  wrote:
> 
> On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:
> 
>> Thank you.  Regarding SIG- I was just followed the spec.
>> 
> I hope Sean or Max can jump in on this, the other question is .EC as I 
> believe the JDK allows this when signing too.
> 
> -Alan

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Alan Bateman]

On 07/11/2016 13:09, Jim Laskey (Oracle) wrote:


Thank you.  Regarding SIG- I was just followed the spec.

I hope Sean or Max can jump in on this, the other question is .EC as I 
believe the JDK allows this when signing too.


-Alan

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Jim Laskey (Oracle)]

But I need to be more careful with "Note that if such files are located in 
META-INF subdirectories, they are not considered signature-related.”


> On Nov 7, 2016, at 9:09 AM, Jim Laskey (Oracle)  
> wrote:
> 
> Thank you.  Regarding SIG- I was just followed the spec.
> 
> 
> Signed JAR File
> <>Overview
> A JAR file can be signed by using the command line jarsigner 
> 
>  tool or directly through the java.security API. Every file entry, including 
> non-signature related files in the META-INF directory, will be signed if the 
> JAR file is signed by the jarsigner tool. The signature related files are:
> META-INF/MANIFEST.MF
> META-INF/*.SF
> META-INF/*.DSA
> META-INF/*.RSA
> META-INF/SIG-*
> Note that if such files are located in META-INF subdirectories, they are not 
> considered signature-related. Case-insensitive versions of these filenames 
> are reserved and will also not be signed.
> Subsets of a JAR file can be signed by using the java.security API. A signed 
> JAR file is exactly the same as the original JAR file, except that its 
> manifest is updated and two additional files are added to the META-INF 
> directory: a signature file and a signature block file. When jarsigner is not 
> used, the signing program has to construct both the signature file and the 
> signature block file.
> 
> 
>> On Nov 7, 2016, at 8:40 AM, Alan Bateman  wrote:
>> 
>> 
>> n 07/11/2016 12:29, Jim Laskey (Oracle) wrote:
>>> http://cr.openjdk.java.net/~jlaskey/8159393/webrev/test/tools/jlink/JLinkSigningTest.java.html
>>>  
>>> 
>>> https://bugs.openjdk.java.net/browse/JDK-8159393
>>> 
>> I think this is the link:
>> http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html
>> 
>> I hope someone from the security area will be able to help review this. One 
>> thing that isn't clear to me is whether the check for META-INF/SIG-* is 
>> right. Also I assume you need to toUpperCase(Locale.ENGLISH) to align with 
>> how JAR file verification checks for signed JARs.
>> 
>> In passing, should the usage and warning use "modular JAR" rather than 
>> "modular jar"?
>> 
>> -Alan
>> 
> 

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Jim Laskey (Oracle)]

Thank you.  Regarding SIG- I was just followed the spec.


Signed JAR File
 <>Overview
A JAR file can be signed by using the command line jarsigner 

 tool or directly through the java.security API. Every file entry, including 
non-signature related files in the META-INF directory, will be signed if the 
JAR file is signed by the jarsigner tool. The signature related files are:
META-INF/MANIFEST.MF
META-INF/*.SF
META-INF/*.DSA
META-INF/*.RSA
META-INF/SIG-*
Note that if such files are located in META-INF subdirectories, they are not 
considered signature-related. Case-insensitive versions of these filenames are 
reserved and will also not be signed.
Subsets of a JAR file can be signed by using the java.security API. A signed 
JAR file is exactly the same as the original JAR file, except that its manifest 
is updated and two additional files are added to the META-INF directory: a 
signature file and a signature block file. When jarsigner is not used, the 
signing program has to construct both the signature file and the signature 
block file.


> On Nov 7, 2016, at 8:40 AM, Alan Bateman  wrote:
> 
> 
> n 07/11/2016 12:29, Jim Laskey (Oracle) wrote:
>> http://cr.openjdk.java.net/~jlaskey/8159393/webrev/test/tools/jlink/JLinkSigningTest.java.html
>>  
>> 
>> https://bugs.openjdk.java.net/browse/JDK-8159393
>> 
> I think this is the link:
>  http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html
> 
> I hope someone from the security area will be able to help review this. One 
> thing that isn't clear to me is whether the check for META-INF/SIG-* is 
> right. Also I assume you need to toUpperCase(Locale.ENGLISH) to align with 
> how JAR file verification checks for signed JARs.
> 
> In passing, should the usage and warning use "modular JAR" rather than 
> "modular jar"?
> 
> -Alan
> 

Re: RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Alan Bateman]

n 07/11/2016 12:29, Jim Laskey (Oracle) wrote:

http://cr.openjdk.java.net/~jlaskey/8159393/webrev/test/tools/jlink/JLinkSigningTest.java.html
 

https://bugs.openjdk.java.net/browse/JDK-8159393


I think this is the link:
  http://cr.openjdk.java.net/~jlaskey/8159393/webrev/index.html

I hope someone from the security area will be able to help review this. 
One thing that isn't clear to me is whether the check for META-INF/SIG-* 
is right. Also I assume you need to toUpperCase(Locale.ENGLISH) to align 
with how JAR file verification checks for signed JARs.


In passing, should the usage and warning use "modular JAR" rather than 
"modular jar"?


-Alan

RFR: 8159393 - jlink should print a warning that a signed modular JAR will be treated as unsigned

[Jim Laskey (Oracle)]

http://cr.openjdk.java.net/~jlaskey/8159393/webrev/test/tools/jlink/JLinkSigningTest.java.html
 

https://bugs.openjdk.java.net/browse/JDK-8159393