archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-26 22:34:27 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8180289: jarsigner treats timestamped signed jar invalid after the signer cert expires

Browse source 
Reviewed-by: mullan
This commit is contained in:
Weijun Wang 2017-10-27 21:11:15 +08:00
parent 2dfe7fb8ab
commit 69db146335
10 changed files with 484 additions and 209 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/java.base/share/classes/sun/security/util/SignatureFileVerifier.java
View file

@ -724,7 +724,8 @@ public class SignatureFileVerifier {
if (signers == null) {
signers = new ArrayList<>();
}
// Append the new code signer
// Append the new code signer. If timestamp is invalid, this
// jar will be treated as unsigned.
signers.add(new CodeSigner(certChain, info.getTimestamp()));
if (debug != null) {