< prev index next >
src/share/classes/java/util/jar/JarVerifier.java
Print this page
rev 1455 : 6870812: enhance security tools to use ECC algorithms
Reviewed-by: vinnie, mullan
@@ -50,11 +50,11 @@
/* a table mapping names to code signers, for jar entries that have
had their actual hashes verified */
private Hashtable verifiedSigners;
/* a table mapping names to code signers, for jar entries that have
- passed the .SF/.DSA -> MANIFEST check */
+ passed the .SF/.DSA/.EC -> MANIFEST check */
private Hashtable sigFileSigners;
/* a hash table to hold .SF bytes */
private Hashtable sigFileData;
@@ -121,11 +121,11 @@
String name = je.getName();
/*
* Assumptions:
* 1. The manifest should be the first entry in the META-INF directory.
- * 2. The .SF/.DSA files follow the manifest, before any normal entries
+ * 2. The .SF/.DSA/.EC files follow the manifest, before any normal entries
* 3. Any of the following will throw a SecurityException:
* a. digest mismatch between a manifest section and
* the SF section.
* b. digest mismatch between the actual jar entry and the manifest
*/
@@ -139,11 +139,11 @@
mev.setEntry(null, je);
return;
}
if (SignatureFileVerifier.isBlockOrSF(uname)) {
- /* We parse only DSA or RSA PKCS7 blocks. */
+ /* We parse only DSA, RSA or EC PKCS7 blocks. */
parsingBlockOrSF = true;
baos.reset();
mev.setEntry(null, je);
}
return;
< prev index next >