提交 50874d19 编写于 作者: I igerasim

8169392: Additional jar validation steps

Reviewed-by: mullan, herrick, ahgross
上级 655050a6
/*
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -180,10 +180,12 @@ class JarVerifier {
// only set the jev object for entries that have a signature
// (either verified or not)
if (sigFileSigners.get(name) != null ||
verifiedSigners.get(name) != null) {
mev.setEntry(name, je);
return;
if (!name.equals(JarFile.MANIFEST_NAME)) {
if (sigFileSigners.get(name) != null ||
verifiedSigners.get(name) != null) {
mev.setEntry(name, je);
return;
}
}
// don't compute the digest for this entry
......
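Review bot: The new guard `if (!name.equals(JarFile.MANIFEST_NAME))` is an exact, case-sensitive match, so the manifest exclusion holds only if `name` always reaches this point in the canonical spelling. The hunk does not show whether the entry name is normalised earlier in the method; if it is not, an entry whose name differs from the constant only in case would still take the `mev.setEntry(name, je)` branch. Consider `if (!name.equalsIgnoreCase(JarFile.MANIFEST_NAME)) {`, or confirm the normalisation and say so in the comment. The existing comment above the guard also no longer describes the whole condition; something like `// the manifest itself is never digest-checked as a signed entry` would record why it is excluded. The enclosing method starts and ends outside the hunk.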
/*
* Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
......@@ -107,6 +107,8 @@ public class ManifestEntryVerifier {
/* get the headers from the manifest for this entry */
/* if there aren't any, we can't verify any digests for this entry */
skip = false;
Attributes attr = man.getAttributes(name);
if (attr == null) {
// ugh. we should be able to remove this at some point.
......@@ -141,7 +143,6 @@ public class ManifestEntryVerifier {
}
if (digest != null) {
skip = false;
digest.reset();
digests.add(digest);
manifestHashes.add(
......@@ -197,6 +198,10 @@ public class ManifestEntryVerifier {
return null;
}
if (digests.isEmpty()) {
throw new SecurityException("digest missing for " + name);
}
if (signers != null)
return signers;
......
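Review bot: The added `digests.isEmpty()` check in the last hunk fails closed only if `digests` is emptied every time a new entry is set, and that reset is not visible in these hunks. Please confirm the list is cleared before the added `skip = false;` in the first hunk, so that digests left over from a previous entry cannot satisfy the check for an entry that has none of its own. The intent deserves a comment at the throw, for example `// entry is expected to be verified but the manifest supplied no usable digest: fail closed`, and the method's Javadoc should mention the new `SecurityException`. It is also worth noting for callers that an entry whose manifest attributes are missing, which previously returned quietly, presumably now ends in this exception. The enclosing methods start and end outside the hunks.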