[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openjdk-jigsaw-dev
Subject:    jpkg enhancements to create signed modules
From:       vincent.x.ryan () oracle ! com (Vincent Ryan)
Date:       2010-05-20 23:05:53
Message-ID: 4BF5C051.4060002 () oracle ! com
[Download RAW message or body]

Thanks for all your comments so far. The only one I have not yet
addressed is Mandy's issue regarding L10N of the password prompt.

The new webrev is available at:

     http://cr.openjdk.java.net/~vinnie/6951048/webrev.01/webrev/

I've made the default behaviour not to sign (replacing --nosign with
--sign) and enhanced the ModuleFileFormat.Reader class to handle
signed modules.

Signature validation is quite basic at the moment. I will add support
for full certificate path validation in a later changeset.




On 10/05/2010 17:47, Vincent Ryan wrote:
> Hello,
>
> Please review these code changes to support the creation of signed modules:
>
>    http://cr.openjdk.java.net/~vinnie/6951048/webrev.00/webrev/
>
> It adds the following new options to the jpkg tool:
>
>    -S, --signer<ID>          : module signer's identifier
>    -k, --keystore<location>   : module signer's keystore location
>    -t, --storetype<type>      : module signer's keystore type
>    --nosign                   : do not sign the module
>    --nopassword               : do not prompt for a keystore password
>
> Appropriate default values are supported and keystore passwords may be
> supplied to jpkg by redirecting standard input.
>
>
> This is just one of a number of changes to support signed modules throughout
> jigsaw.
>
> Please send me your comments as I'm hoping to address any issues and integrate
> these changes by the end of this week.
>
> Thanks.


[prev in list] [next in list] [prev in thread] [next in thread]