8165816: jarsigner -verify shows jar unsigned if it was signed with a weak algorithm

Reviewed-by: mullan
2016-09-14 00:29:30 +08:00 · 2016-09-14 00:29:30 +08:00 · 9eda16c50d
commit 9eda16c50d
parent 5fa14d430b
3 changed files with 18 additions and 5 deletions
--- a/jdk/src/java.base/share/classes/sun/security/pkcs/SignerInfo.java
+++ b/jdk/src/java.base/share/classes/sun/security/pkcs/SignerInfo.java
@ -55,6 +55,7 @@ import sun.security.util.DerOutputStream;
 import sun.security.util.DerValue;
 import sun.security.util.DisabledAlgorithmConstraints;
 import sun.security.util.HexDumpEncoder;
+import sun.security.util.KeyUtil;
 import sun.security.util.ObjectIdentifier;
 import sun.security.x509.AlgorithmId;
 import sun.security.x509.X500Name;
@ -399,7 +400,9 @@ public class SignerInfo implements DerEncoder {
            // check if the public key is restricted
            if (!JAR_DISABLED_CHECK.permits(SIG_PRIMITIVE_SET, key)) {
                throw new SignatureException("Public key check failed. " +
-                        "Disabled algorithm used: " + key.getAlgorithm());
+                        "Disabled key used: " +
+                        KeyUtil.getKeySize(key) + " bit " +
+                        key.getAlgorithm());
            }

            if (cert.hasUnsupportedCriticalExtension()) {
--- a/jdk/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java
+++ b/jdk/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java
@ -653,6 +653,7 @@ public class Main {
            }

            Manifest man = jf.getManifest();
+            boolean hasSignature = false;

            // The map to record display info, only used when -verbose provided
            //      key: signer info string
@ -668,6 +669,10 @@ public class Main {
                while (e.hasMoreElements()) {
                    JarEntry je = e.nextElement();
                    String name = je.getName();
+
+                    hasSignature = hasSignature
+                            || SignatureFileVerifier.isBlockOrSF(name);
+
                    CodeSigner[] signers = je.getCodeSigners();
                    boolean isSigned = (signers != null);
                    anySigned |= isSigned;
@ -812,8 +817,11 @@ public class Main {
            }

            if (!anySigned) {
-                System.out.println(rb.getString(
-                      "jar.is.unsigned.signatures.missing.or.not.parsable."));
+                if (hasSignature) {
+                    System.out.println(rb.getString("jar.treated.unsigned"));
+                } else {
+                    System.out.println(rb.getString("jar.is.unsigned"));
+                }
            } else {
                boolean warningAppeared = false;
                boolean errorAppeared = false;
--- a/jdk/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Resources.java
+++ b/jdk/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Resources.java
@ -142,8 +142,10 @@ public class Resources extends java.util.ListResourceBundle {
        {"no.manifest.", "no manifest."},
        {".Signature.related.entries.","(Signature related entries)"},
        {".Unsigned.entries.", "(Unsigned entries)"},
-        {"jar.is.unsigned.signatures.missing.or.not.parsable.",
-                "jar is unsigned. (signatures missing or not parsable)"},
+        {"jar.is.unsigned",
+                "jar is unsigned."},
+        {"jar.treated.unsigned",
+                "Signature not parsable or verifiable. The jar will be treated as unsigned. The jar may have been signed with a weak algorithm that is now disabled. For more information, rerun jarsigner with debug enabled (-J-Djava.security.debug=jar)."},
        {"jar.signed.", "jar signed."},
        {"jar.signed.with.signer.errors.", "jar signed, with signer errors."},
        {"jar.verified.", "jar verified."},