8245151: jarsigner should not raise duplicate warnings on verification

Reviewed-by: weijun
openjdk · May 19, 2020 · a97932d · a97932d
1 parent 4159f68
commit a97932d
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 2 deletions.
diff --git a/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java b/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java
@@ -1195,7 +1195,7 @@ private void displayMessagesAndResult(boolean isSigning) {
 
                 if ((legacyAlg & 4) != 0) {
                     warnings.add(String.format(
-                            rb.getString("The.digest.algorithm.1.is.considered.a.security.risk..This.algorithm.will.be.disabled.in.a.future.update."),
+                            rb.getString("The.timestamp.digest.algorithm.1.is.considered.a.security.risk..This.algorithm.will.be.disabled.in.a.future.update."),
                             legacyTsaDigestAlg));
                 }
 

diff --git a/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Resources.java b/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Resources.java
@@ -282,6 +282,8 @@ public class Resources extends java.util.ListResourceBundle {
                 "The %1$s algorithm specified for the %2$s option is considered a security risk. This algorithm will be disabled in a future update."},
         {"The.1.algorithm.specified.for.the.2.option.is.considered.a.security.risk.and.is.disabled.",
                 "The %1$s algorithm specified for the %2$s option is considered a security risk and is disabled."},
+        {"The.timestamp.digest.algorithm.1.is.considered.a.security.risk..This.algorithm.will.be.disabled.in.a.future.update.",
+                "The %1$s timestamp digest algorithm is considered a security risk. This algorithm will be disabled in a future update."},
         {"The.digest.algorithm.1.is.considered.a.security.risk..This.algorithm.will.be.disabled.in.a.future.update.",
                 "The %1$s digest algorithm is considered a security risk. This algorithm will be disabled in a future update."},
         {"The.signature.algorithm.1.is.considered.a.security.risk..This.algorithm.will.be.disabled.in.a.future.update.",

diff --git a/test/jdk/sun/security/tools/jarsigner/TimestampCheck.java b/test/jdk/sun/security/tools/jarsigner/TimestampCheck.java
@@ -445,7 +445,7 @@ public static void main(String[] args) throws Throwable {
                 verify("sha1tsaalg.jar", "-strict")
                         .shouldHaveExitValue(0)
                         .shouldContain("jar verified, with signer errors")
-                        .shouldContain("SHA-1 digest algorithm is considered a security risk")
+                        .shouldContain("SHA-1 timestamp digest algorithm is considered a security risk")
                         .shouldNotContain("is disabled");
 
                 // Disabled algorithms