8309841: Jarsigner should print a warning if an entry is removed

[wkia]

This is backport of "8309841: Jarsigner should print a warning if an entry is removed"

Original patch does not apply cleanly to jdk11, some minor conflicts, and also in test/jdk/sun/security/tools/jarsigner/RemovedFiles.java ed25519 algorithm was replaced with RSA, and _ was replaced with a variable, and added the check in src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java at line 1259.

We need this fix in jdk11 and below, down to jdk8, as all versions have this issue with jarsigner.

New tests successfully ran locally on Linux, x86_64.

---

Progress

• Change must be properly reviewed (1 review required, with at least 1 Reviewer)
• Change requires CSR request JDK-8334261 to be approved
• Change must not contain extraneous whitespace
• Commit message must refer to an issue
• JDK-8309841 needs maintainer approval

Issues

• JDK-8309841: Jarsigner should print a warning if an entry is removed (Enhancement - P3 - Approved)
• JDK-8334261: Jarsigner should print a warning if an entry is removed (CSR)

Reviewers

• Alexey Bakhtin (@alexeybakhtin - Reviewer)
• Andrew John Hughes (@gnu-andrew - Reviewer)

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.org/jdk11u-dev.git pull/3007/head:pull/3007
$ git checkout pull/3007

Update a local copy of the PR:
$ git checkout pull/3007
$ git pull https://git.openjdk.org/jdk11u-dev.git pull/3007/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 3007

View PR using the GUI difftool:
$ git pr show -t 3007

Using diff file

Download this PR as a diff file:
https://git.openjdk.org/jdk11u-dev/pull/3007.diff

Using Webrev

Link to Webrev Comment

[bridgekeeper]

👋 Welcome back rmarchenko! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

[openjdk]

@wkia This change now passes all automated pre-integration checks.

After integration, the commit message for the final commit will be:

8309841: Jarsigner should print a warning if an entry is removed

Reviewed-by: abakhtin, andrew

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been 5 new commits pushed to the master branch:

• bf78d9b: 8339728: [Accessibility,Windows,JAWS] Bug in the getKeyChar method of the AccessBridge class
• 624cef6: 8351099: Bump update version of OpenJDK: 11.0.28
• 8785172: 8026976: ECParameters, Point does not match field size
• 289644a: 8346887: DrawFocusRect() may cause an assertion failure
• ea3a0e4: 8328957: Update PKCS11Test.java to not use hardcoded path

Please see this link for an up-to-date comparison between the source branch of this pull request and the master branch.
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details.

As you do not have Committer status in this project an existing Committer must agree to sponsor your change. Possible candidates are the reviewers of this PR (@alexeybakhtin, @gnu-andrew) but any other Committer may sponsor as well.

➡️ To flag this PR as ready for integration with the above commit message, type /integrate in a new comment. (Afterwards, your sponsor types /sponsor in a new comment to perform the integration).

[openjdk]

This backport pull request has now been updated with issue from the original commit.

[mlbridge]

Webrevs

• 01: Full - Incremental (49da1bb0)
• 00: Full (675ca9a0)

[wkia]

The test serviceability/sa/ClhsdbFindPC.java#id1 fails on Mac with timeout. I don't think it is related to the change.

[alexeybakhtin]

Thank you for the backport. LGTM

[openjdk]

⚠️ @wkia This change is now ready for you to apply for maintainer approval. This can be done directly in each associated issue or by using the /approval command.

[wkia]

/approval request I'd like to backport this to 11u-dev. We need this fix in jdk11 and below, down to jdk8, as all versions have this issue with jarsigner. Original patch does not apply cleanly to jdk11, some minor conflicts resolved, tests adapted. New tests successfully ran locally on Linux, x86_64.

[openjdk]

@wkia
8309841: The approval request has been created successfully.

[gnu-andrew]

The test serviceability/sa/ClhsdbFindPC.java#id1 fails on Mac with timeout. I don't think it is related to the change.

I agree. I've just seen the same failure on another 11u PR.

[gnu-andrew]

Backport looks good. The different hasNonexistentEntries handling seems consistent with the lack of JDK-8250586 in 11u. EdDSA support was only added in OpenJDK 16 by JDK-8242068.

I couldn't see the _ replacement mentioned. Was this backport based on the 17u version?

[gnu-andrew]

/approve yes

[openjdk]

@gnu-andrew
8309841: The approval request has been approved.

[wkia]

/integrate

[openjdk]

@wkia
Your change (at version 49da1bb) is now ready to be sponsored by a Committer.

[wkia]

_ replacement

It was done with the first commit as well as resolving conflicts, and replacing the absent alg with RSA.