Carrot2

Exception when opening the Plug-in Details window from the About box

Details

  • Description:
    Hide

    This happens only on the downloaded Workbench, runs fine from Eclipse.

    1. On Windows XP, open Workbench
    2. Open the About box and click Plug-in details and the following exception will be thrown:

    java.lang.SecurityException: Either the manfiest file or the signature file has been tampered in this bundle: F:\download\workbench\plugins\org.eclipse.core.runtime.compatibility.registry_3.2.100.v20070316.jar
    at org.eclipse.osgi.internal.verifier.SignedBundleFile.verifyManifestAndSingatureFile(SignedBundleFile.java:98)
    at org.eclipse.osgi.internal.verifier.SignedBundleFile.processSigner(SignedBundleFile.java:537)
    at org.eclipse.osgi.internal.verifier.SignedBundleFile.setBundleFile(SignedBundleFile.java:473)
    at org.eclipse.osgi.internal.verifier.SignedBundleHook.getVerifier(SignedBundleHook.java:165)
    at org.eclipse.osgi.internal.verifier.SignedBundleHook.getVerifier(SignedBundleHook.java:177)
    at org.eclipse.ui.internal.about.AboutBundleData.isSigned(AboutBundleData.java:107)
    at org.eclipse.ui.internal.dialogs.AboutPluginsDialog$2.run(AboutPluginsDialog.java:105)
    at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55)

    Show
    This happens only on the downloaded Workbench, runs fine from Eclipse. 1. On Windows XP, open Workbench 2. Open the About box and click Plug-in details and the following exception will be thrown: java.lang.SecurityException: Either the manfiest file or the signature file has been tampered in this bundle: F:\download\workbench\plugins\org.eclipse.core.runtime.compatibility.registry_3.2.100.v20070316.jar at org.eclipse.osgi.internal.verifier.SignedBundleFile.verifyManifestAndSingatureFile(SignedBundleFile.java:98) at org.eclipse.osgi.internal.verifier.SignedBundleFile.processSigner(SignedBundleFile.java:537) at org.eclipse.osgi.internal.verifier.SignedBundleFile.setBundleFile(SignedBundleFile.java:473) at org.eclipse.osgi.internal.verifier.SignedBundleHook.getVerifier(SignedBundleHook.java:165) at org.eclipse.osgi.internal.verifier.SignedBundleHook.getVerifier(SignedBundleHook.java:177) at org.eclipse.ui.internal.about.AboutBundleData.isSigned(AboutBundleData.java:107) at org.eclipse.ui.internal.dialogs.AboutPluginsDialog$2.run(AboutPluginsDialog.java:105) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55)

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Dawid Weiss added a comment - 20/Sep/08 01:24 PM

Seems like these JAR files indeed have incorrect signatures, mine shows:

D:_tmp>c:\java\sun-jdk-1.6.0_06\bin\jarsigner.exe -verify org.apache.ant_1.7.0.v200706080842.jar
jarsigner: java.lang.SecurityException: Invalid signature file digest for Manifest main attributes

Perhaps they are re-packed during the build or something?

Show
Dawid Weiss added a comment - 20/Sep/08 01:24 PM Seems like these JAR files indeed have incorrect signatures, mine shows: D:_tmp>c:\java\sun-jdk-1.6.0_06\bin\jarsigner.exe -verify org.apache.ant_1.7.0.v200706080842.jar jarsigner: java.lang.SecurityException: Invalid signature file digest for Manifest main attributes Perhaps they are re-packed during the build or something?
Hide
Permalink
Dawid Weiss added a comment - 21/Sep/08 01:34 PM

I think I know why this happens – it's because our feature definition declares pack="true" for certain plugins that come unpacked in the target platform definition. When these are packed, the signature is somehow mangled. I'm investigating.

Show
Dawid Weiss added a comment - 21/Sep/08 01:34 PM I think I know why this happens – it's because our feature definition declares pack="true" for certain plugins that come unpacked in the target platform definition. When these are packed, the signature is somehow mangled. I'm investigating.
Hide
Permalink
Dawid Weiss added a comment - 21/Sep/08 02:26 PM

Fixed in trunk.

Show
Dawid Weiss added a comment - 21/Sep/08 02:26 PM Fixed in trunk.

People

Dates

  • Created:
    26/Jul/08 12:24 AM
    Updated:
    21/Sep/08 02:26 PM
    Resolved:
    21/Sep/08 02:26 PM
Atlassian JIRA (v4.1#519) | Report a problem | Request a feature | Contact administrators
Powered by a free Atlassian JIRA open source license for Carrot2. Try JIRA - bug tracking software for your team.