
huangapple 未分类评论47阅读模式

Cannot package signed Java security providers with JMOD



> 不能将已签名的提供程序打包到JMOD文件中


> 仅提供那些提供Cipher、KeyAgreement、KeyGenerator、Mac或SecretKeyFactory实例的提供程序必须签名。如果您的提供程序只提供SecureRandom、MessageDigest、Signature、KeyStore等实例,则不需要对提供程序进行签名。

我尝试使用JDK 11版本开发此提供程序,该版本使用.jmod文件来替代.jar文件。

我还查看了标准安全策略使用的函数,并且其中许多函数使用Cipher、KeyAgreement、KeyGenerator、Mac或SecretKeyFactory,但在我使用的JDK 11中以某种方式打包为.jmod格式。



I'm reading this documentation about implementing a provider in the Java cryptography architecture and it states that

> You cannot package signed providers in JMOD files

The article also states:

> Only providers that supply instances of Cipher, KeyAgreement, KeyGenerator, Mac, or SecretKFactory must be signed. If your provider only supplies instances of SecureRandom, MessageDigest, Signature, KeyStore, etc., the provider does not need to be signed.

I am trying to develop this provider using the JDK 11 version, which makes use of .jmod files in replacement of .jar files.

And I was looking at the functions used by the standard security policies
and many of them use Cipher, KeyAgreement, KeyGenerator, Mac, or SecretKeyFactory, but are somehow packaged into .jmod format in the JDK 11 I'm using.

Can anyone explain this further?


得分: 1


在JDK中打包的jmod文件中的提供程序未经过“签名”,因为jmod不支持签名。如果您使用jmod list检查.jmod文件,您将不会找到任何.SF签名文件。

我正在尝试使用JDK 11版本开发此提供程序,该版本使用.jmod文件来替代.jar文件。










The providers in the jmod files packaged in the JDK are not 'signed', because jmods don't support signing. If you inspect the .jmod files with jmod list you will not find any .SF signature files for instance.

> I am trying to develop this provider using the JDK 11 version, which makes use of .jmod files in replacement of .jar files.

Note that .jmod files are not full replacements for jar files. jmod files are link-only artifacts. From the jmod doc:

> The JMOD file format lets you aggregate files other than .class files, metadata, and resources. This format is transportable but not executable, which means that you can use it during compile time or link time but not at run time.

In other words, the jmod files bundled with the JDK are not loaded directly for execution, but are instead meant to be fed to tools such as jlink, which pull them apart and re-package them. This re-packaging would invalidate any signature hashes any ways, so there is less reason why jmod files need to support signing.

If you want to distribute custom providers, you will have to distribute them using jar files, and then sign those jar files. Whether the signing is required when loading the providers depends on the JDK distribution.

Note that the JDK's own providers are not loaded from the bundled jmod files, but from an implementation specific archive whose validity is verified using another mechanism.

Using jmod files is only necessary if you want to package native libraries into an archive, and then distribute that archive. In that case, your users would have to re-package and then re-sign whatever artifact they end up generating based the jmod files.

If you don't need to distribute native libraries, my advice would be to distribute .jar files instead, which can be signed with jarsigner and then used for execution directly. As also stated in the jmod doc:

> Note: For most development tasks, including deploying modules on the module path or publishing them to a Maven repository, continue to package modules in modular JAR files. The jmod tool is intended for modules that have native libraries or other configuration files or for modules that you intend to link, with the jlink tool, to a runtime image.

  • 本文由 发表于 2020年7月24日 05:00:00
  • 转载请务必保留本文链接:https://java.coder-hub.com/63063042.html



:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:
