Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8024659: Clarify JarFile API
authorweijun
Thu, 19 Sep 2013 10:41:29 +0800
changeset 22316 5668a8abf212
parent 22315 529f1cc322fc
child 22318 5df7062f4a68
8024659: Clarify JarFile API Reviewed-by: mullan, ahgross
jdk/src/share/classes/java/util/jar/JarFile.java file | annotate | diff | comparison | revisions 
--- a/jdk/src/share/classes/java/util/jar/JarFile.java	Thu Sep 19 10:40:16 2013 +0800
+++ b/jdk/src/share/classes/java/util/jar/JarFile.java	Thu Sep 19 10:41:29 2013 +0800
@@ -53,6 +53,13 @@
  * or method in this class will cause a {@link NullPointerException} to be
  * thrown.
  *
+ * If the verify flag is on when opening a signed jar file, the content of the
+ * file is verified against its signature embedded inside the file. Please note
+ * that the verification process does not include validating the signer's
+ * certificate. A caller should inspect the return value of
+ * {@link JarEntry#getCodeSigners()} to further determine if the signature
+ * can be trusted.
+ *
  * @author  David Connelly
  * @see     Manifest
  * @see     java.util.zip.ZipFile
jdk-sandbox