On Fri, 10 Oct 2025 07:20:20 GMT, Hai-May Chao <[email protected]> wrote:
>> This PR improves security warning when using JKS or JCEKS keystores.
>
> Hai-May Chao has updated the pull request incrementally with four additional
> commits since the last revision:
>
> - Updates with review comments
> - Updates with review comments
> - Revert changes to KeyStore.java
> - Remove test TestOutdatedKeyStore.java
src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java line 2432:
> 2430: }
> 2431: }
> 2432: if (store.getType().equalsIgnoreCase("JKS")
We should put in the same logic here as in `keytool` to check if the real
storetype is JKS or JCEKS. See
https://github.com/openjdk/jdk/blob/f6d77cb33299ae0636a2b52ee752f27e9ea9191b/src/java.base/share/classes/sun/security/tools/keytool/Main.java#L1392
test/jdk/sun/security/tools/jarsigner/compatibility/Compatibility.java line 26:
> 24: /*
> 25: * @test
> 26: * @bug 8217375 8260286 8267319 8353749
This is not specifically testing this issue, so I don't think you should
include the bugid.
test/jdk/sun/security/tools/jarsigner/warnings/Test.java line 1:
> 1: /*
I think you should create a new test which is a subclass of this Test which
checks that JKS and JCEKS produce the proper warnings when using jarsigner.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/27624#discussion_r2420484696
PR Review Comment: https://git.openjdk.org/jdk/pull/27624#discussion_r2420255919
PR Review Comment: https://git.openjdk.org/jdk/pull/27624#discussion_r2420295556
