src/share/classes/sun/security/util/SignatureFileVerifier.java

rev 3083 : 7004035: signed jar with only META-INF/* inside is not verifiable
Reviewed-by: nobody


 248 
 249             if (manifestSigned ||
 250                 (verifySection(e.getValue(), name, md, decoder))) {
 251 
 252                 if (name.startsWith("./"))
 253                     name = name.substring(2);
 254 
 255                 if (name.startsWith("/"))
 256                     name = name.substring(1);
 257 
 258                 updateSigners(newSigners, signers, name);
 259 
 260                 if (debug != null) {
 261                     debug.println("processSignature signed name = "+name);
 262                 }
 263 
 264             } else if (debug != null) {
 265                 debug.println("processSignature unsigned name = "+name);
 266             }
 267         }



 268     }
 269 
 270     /**
 271      * See if the whole manifest was signed.
 272      */
 273     private boolean verifyManifestHash(Manifest sf,
 274                                        ManifestDigester md,
 275                                        BASE64Decoder decoder)
 276          throws IOException
 277     {
 278         Attributes mattr = sf.getMainAttributes();
 279         boolean manifestSigned = false;
 280 
 281         // go through all the attributes and process *-Digest-Manifest entries
 282         for (Map.Entry<Object,Object> se : mattr.entrySet()) {
 283 
 284             String key = se.getKey().toString();
 285 
 286             if (key.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST-MANIFEST")) {
 287                 // 16 is length of "-Digest-Manifest"




 248 
 249             if (manifestSigned ||
 250                 (verifySection(e.getValue(), name, md, decoder))) {
 251 
 252                 if (name.startsWith("./"))
 253                     name = name.substring(2);
 254 
 255                 if (name.startsWith("/"))
 256                     name = name.substring(1);
 257 
 258                 updateSigners(newSigners, signers, name);
 259 
 260                 if (debug != null) {
 261                     debug.println("processSignature signed name = "+name);
 262                 }
 263 
 264             } else if (debug != null) {
 265                 debug.println("processSignature unsigned name = "+name);
 266             }
 267         }
 268 
 269         // MANIFEST.MF is always regarded as signed
 270         updateSigners(newSigners, signers, JarFile.MANIFEST_NAME);
 271     }
 272 
 273     /**
 274      * See if the whole manifest was signed.
 275      */
 276     private boolean verifyManifestHash(Manifest sf,
 277                                        ManifestDigester md,
 278                                        BASE64Decoder decoder)
 279          throws IOException
 280     {
 281         Attributes mattr = sf.getMainAttributes();
 282         boolean manifestSigned = false;
 283 
 284         // go through all the attributes and process *-Digest-Manifest entries
 285         for (Map.Entry<Object,Object> se : mattr.entrySet()) {
 286 
 287             String key = se.getKey().toString();
 288 
 289             if (key.toUpperCase(Locale.ENGLISH).endsWith("-DIGEST-MANIFEST")) {
 290                 // 16 is length of "-Digest-Manifest"
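Review bot: The new call `updateSigners(newSigners, signers, JarFile.MANIFEST_NAME);` at new line 270 runs whether or not `manifestSigned` is true, so MANIFEST.MF is attributed to these signers even when the whole-manifest digest did not match and only individual sections passed `verifySection`. The one-line comment states the rule but not why it is safe; whatever earlier check justifies it (presumably a signature-block or main-attributes verification that throws on failure) lies above the visible part of the method and should be named here. Once that is confirmed, I would expand the comment to something like `// MANIFEST.MF holds the digests checked above, so report it as signed by these signers; a failed signature check has already thrown before this point`, and guard the call if it cannot be confirmed. A regression test with a jar that contains only META-INF/* entries would pin the behaviour the title describes.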