Fix class signature verification error for multi-release jars. Closes #3

MinecraftForge · May 3, 2024 · 7af75d3 · 7af75d3
1 parent fb48e11
commit 7af75d3
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/sm-test/src/test/java/net/minecraftforge/securemodules/test/TestClassLoader.java b/sm-test/src/test/java/net/minecraftforge/securemodules/test/TestClassLoader.java
@@ -175,7 +175,6 @@ public static void testTamperedBoot() throws Exception {
      * Make sure that we can validate the Multi-Release jar's contents
      */
     @Test // Multi-Release jar is signed
-    @Disabled
     void testMultiRelease() throws Exception {
         boot("testMultiReleaseBoot");
     }

diff --git a/src/main/java/cpw/mods/jarhandling/impl/Jar.java b/src/main/java/cpw/mods/jarhandling/impl/Jar.java
@@ -227,6 +227,9 @@ public synchronized CodeSigner[] verifyAndGetSigners(String name, byte[] bytes)
         if (!hasSecurityData())
             return null;
 
+        // If we're a multi-release jar we need to be sure to check the correct entry.
+        name = this.nameOverrides.getOrDefault(name, name);
+
         var data = statusData.get(name);
         if (data != null)
             return data.signers();