Ok. > Oh, my habit is to always keeping them so that if anything goes > wrong ...
Ok. Xuelei On 6/4/2014 4:26 PM, Wang Weijun wrote: > Oh, I was just updating the webrev to > > http://cr.openjdk.java.net/~weijun/8044755/webrev.01/ > > As we've just discussed offline, the reason the 2nd jarsigner call fails is a > double weakness, not only the signer's key is 512 bit, but also signer's cert > is signed by a 512 key (of CA). > > Therefore I update the test to use a weak signature alg -- MD2withRSA. This > time I believe the weakness of CA's cert won't infect the its signature when > signing signer. > > Thanks > Max > > On Jun 4, 2014, at 16:20, Xuelei Fan <[email protected]> wrote: > >> Looks fine to me. >> >> FYI, I'd like to remove the temporary files (a.jar, ks, etc) after a >> testing. >> >> Xuelei >> >> On 6/4/2014 2:21 PM, Wang Weijun wrote: >>> Please review a new test at >>> >>> http://cr.openjdk.java.net/~weijun/8044755/webrev.00/ >>> >>> It makes sure the CertPath validation check in jarsigner matches the >>> algorithm constraints check on key sizes. >>> >>> Thanks >>> Max >>> >> >
