1369 2019-04-03 05:54:06 +0200 SCC: Implement basic Secure Hash (SHA256) build time signatures & runtime validation 2019-04-03 22:11:57 +0200 1 1 3 JogAmp Gluegen core 2.4.0 All all RESOLVED FIXED P4 normal --- 1367 1368 1 sgothel sgothel FEATURE gluegen 00ad70b3bd7f8859c710039857aa7da17a29b3d7 gluegen 234bd58643e83aa7d34d752de3e98d6ae84cba3d gluegen 302599570c04bae0d96e3b20981fab1ffcaf61ae --- oldest_to_newest 6189 0 sgothel 2019-04-03 05:54:06 +0200 Part of: Source Certification Contract (SCC), see bug 1368. Previously we have added the git-commit-sha in the deployed Jar Manifest, allowing to identify the originating source of the build via our git repository. For full fledged SCC, we shall utilize a strong SHA256 signature over: 1) source tree inclusive make recipe (SHA256-Source) 2) all class files (SHA256-Classes) 3) all native libraries (SHA256-Natives) 4) the class files as deployed in the jar (SHA256-Classes-this) 5) the native libraries as deployed in the jar (SHA256-Natives-this) and drop all these SHA256 values in the deployed Jar file. This will allow SHA256 validation of (4) + (5) at runtime and further complete validation (1), (2) and (3) offline. Full SCC would now required (1) - (3) to be placed on a server for further validation. Optionally we may use GPG <https://gnupg.org/> or PGP to validate the build entity to implement the chain of trust <https://en.wikipedia.org/wiki/Chain_of_trust> The SHA256 runtime validation shall be proven via (a) unit test(s). 6190 1 sgothel 2019-04-03 06:09:29 +0200 Implemented in GlueGen as described. Tested on Linux, MacOSX and Windows. Computed SHA256 is cross platform universal. TODO: Adopt build-time and runtime test for JOAL, JOGL and JOCL 6192 2 sgothel 2019-04-03 22:11:57 +0200 Further fixes and cleaning up. Having the first module implementation as clean as possible shall reduce adaption work in our other modules. Hide SHA Algorithm bit size in literals of Specification - 234bd58643e83aa7d34d752de3e98d6ae84cba3d Clarify & fix build dependencies in build.xml - 302599570c04bae0d96e3b20981fab1ffcaf61ae