Open yeroc opened 1 year ago
This will be fixed with: https://github.com/openjdk/jdk8u-dev/pull/282
The workaround until that lands should be to remove SHA1 denyAfter 2019-01-01
from jdk.jar.disabledAlgorithms
in java.security
file.
Upstream bug: https://bugs.openjdk.org/browse/JDK-8278851
@jerboaa Thanks so much! I hadn't realized this jar was dual-signed but MANIFEST.MF
shows:
Name: DPPDLL.dll
SHA1-Digest: 2eqrShXQujVTdccGespKIj+uFAk=
SHA-256-Digest: I8jwKkCBVyNspzU644k05oHAMmTynwX5cJTt/jJAaQc=
So the bug you referenced is definitely the root cause here.
We are marking this issue as stale because it has not been updated for a while. This is just a way to keep the support issues queue manageable. It will be closed soon unless the stale label is removed by a committer, or a new comment is made.
Please verify the issue is solved with 8u382 ea builds from here (8u382 in July will have this fixed): https://adoptium.net/temurin/nightly/?version=8
Please provide a brief summary of the bug
We noticed a seeming regression in 8u362 when verifying signed jars. Both 8u352 and 11.0.18 are showing all entries as signed but 8u362 shows only the
MANIFEST.MF
file as signed along with aThis jar contains unsigned entries which have not been integrity-checked.
warning.8u362 output:
8.u352:
11.0.18 also verifies:
Please provide steps to reproduce where possible
No response
Expected Results
Expect
jarsigner
to properly report all entries as signed.Actual Results
jarsigner
instead warns thatThis jar contains unsigned entries which have not been integrity-checked.
What Java Version are you using?
openjdk version "1.8.0_362" OpenJDK Runtime Environment (Temurin)(build 1.8.0_362-b09) OpenJDK 64-Bit Server VM (Temurin)(build 25.362-b09, mixed mode)
What is your operating system and platform?
CentOS Linux release 7.9.2009 (Issue is also visible on Windows 10 build as well)
How did you install Java?
Installed via sdkman:
Did it work before?
Did you test with the latest update version?
Did you test with other Java versions?
Relevant log output
No response