diff --git a/src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/SigningIdentityBuilder.java b/src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/SigningIdentityBuilder.java index 119d7797453..bf8f1519fe1 100644 --- a/src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/SigningIdentityBuilder.java +++ b/src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/SigningIdentityBuilder.java @@ -113,14 +113,16 @@ final class SigningIdentityBuilder { final var signingIdentityNames = certificateSelector.signingIdentities(); + // Look up for the exact match. var matchingCertificates = mappedCertficates.stream().filter(e -> { return signingIdentityNames.contains(e.getKey()); }).map(Map.Entry::getValue).toList(); if (matchingCertificates.isEmpty()) { + // No exact matches found, look up for substrings. matchingCertificates = mappedCertficates.stream().filter(e -> { return signingIdentityNames.stream().anyMatch(filter -> { - return filter.startsWith(e.getKey()); + return e.getKey().startsWith(filter); }); }).map(Map.Entry::getValue).toList(); } diff --git a/test/jdk/tools/jpackage/macosx/MacSignTest.java b/test/jdk/tools/jpackage/macosx/MacSignTest.java index f5f8b3825cc..014fbc84548 100644 --- a/test/jdk/tools/jpackage/macosx/MacSignTest.java +++ b/test/jdk/tools/jpackage/macosx/MacSignTest.java @@ -184,6 +184,7 @@ public class MacSignTest { @Test @ParameterSupplier + @ParameterSupplier("testSelectSigningIdentity_JDK_8371094") public static void testSelectSigningIdentity(String signingKeyUserName, CertificateRequest certRequest) { MacSign.withKeychain(keychain -> { @@ -207,6 +208,12 @@ public class MacSignTest { }).toList(); } + public static Collection testSelectSigningIdentity_JDK_8371094() { + return List.of(new Object[] { + "ACME Technologies Limited", SigningBase.StandardCertificateRequest.CODESIGN_ACME_TECH_LTD.spec() + }); + } + enum SignOption { EXPIRED_SIGNING_KEY_USER_NAME("--mac-signing-key-user-name", SigningBase.StandardCertificateRequest.CODESIGN_EXPIRED.spec(), true, false), EXPIRED_SIGNING_KEY_USER_NAME_PKG("--mac-signing-key-user-name", SigningBase.StandardCertificateRequest.PKG_EXPIRED.spec(), true, false), diff --git a/test/jdk/tools/jpackage/macosx/base/SigningBase.java b/test/jdk/tools/jpackage/macosx/base/SigningBase.java index 1e38f9b0c29..b1a709c9cf0 100644 --- a/test/jdk/tools/jpackage/macosx/base/SigningBase.java +++ b/test/jdk/tools/jpackage/macosx/base/SigningBase.java @@ -68,6 +68,7 @@ public class SigningBase { public enum StandardCertificateRequest { CODESIGN(cert().userName(DEV_NAMES[CertIndex.ASCII_INDEX.value()])), CODESIGN_COPY(cert().days(100).userName(DEV_NAMES[CertIndex.ASCII_INDEX.value()])), + CODESIGN_ACME_TECH_LTD(cert().days(100).userName("ACME Technologies Limited (ABC12345)")), PKG(cert().type(CertificateType.INSTALLER).userName(DEV_NAMES[CertIndex.ASCII_INDEX.value()])), PKG_COPY(cert().type(CertificateType.INSTALLER).days(100).userName(DEV_NAMES[CertIndex.ASCII_INDEX.value()])), CODESIGN_UNICODE(cert().userName(DEV_NAMES[CertIndex.UNICODE_INDEX.value()])), @@ -101,7 +102,8 @@ public class SigningBase { StandardCertificateRequest.CODESIGN, StandardCertificateRequest.PKG, StandardCertificateRequest.CODESIGN_UNICODE, - StandardCertificateRequest.PKG_UNICODE), + StandardCertificateRequest.PKG_UNICODE, + StandardCertificateRequest.CODESIGN_ACME_TECH_LTD), /** * A keychain with some good and some expired certificates. */