summaryrefslogtreecommitdiffstats
path: root/make/Manifest-rt-alt
Commit message (Collapse)AuthorAgeFilesLines
* Bug 1369: SCC: Hide SHA Algorithm bit size in literals of SpecificationSven Gothel2019-04-031-5/+5
| | | | | Implementation currently uses 256 bit Secure Hash (SHA) algorithm, but this may change in the future. Hence only use 'SHA' in the names, not 'SHA256'.
* Bug 1369: Source Certification Contract (SCC): Initial SHA256 fingerprint & ↵Sven Gothel2019-04-031-0/+5
| | | | | | | | | | | | | | | | | | | | | runtime validation This change implements a strong SHA256 signature over: 1) source tree inclusive make recipe (SHA256-Source) 2) all class files (SHA256-Classes) 3) all native libraries (SHA256-Natives) 4) the class files as deployed in the jar (SHA256-Classes-this) 5) the native libraries as deployed in the jar (SHA256-Natives-this) and drops all of these in the deployed Jar file. This allows SHA256 validation of (4) + (5) at runtime and further complete validation (1), (2) and (3) offline. Full SCC would now required (1) - (3) to be placed on a server for further validation. Optionally we may use GPG <https://gnupg.org/> or PGP to validate the build entity to implement the chain of trust <https://en.wikipedia.org/wiki/Chain_of_trust> The SHA256 runtime validation is tested via: com.jogamp.common.util.TestVersionInfo
* build/test: Add ant-junit4.jar to classpath; Add experimental gluegen-rt-alt ↵Sven Gothel2014-05-091-0/+19
recipe (inactive); Misc ..