[icedtea-web] RFC: PR771: IcedTea-Web certificate verification code does not use the right API
Danesh Dadachanji
ddadacha at redhat.com
Tue Aug 9 14:27:35 PDT 2011
Hi,
Looks good to me. Tested it with a few JNLPs from the IcedTea-Web-Tests
wiki page too.
Okay for HEAD.
Regards,
Danesh
On 09/08/11 05:18 PM, Deepak Bhole wrote:
> Hi,
>
> Attached patch fixes an issue Danesh found whereby certificates using
> a different signature algorithm than the certificate in the store are
> marked untrusted even when they shouldn't be.
>
> Okay for HEAD?
>
> ChangeLog:
> 2011-08-09 Deepak Bhole<dbhole at redhat.com>
>
> PR771: IcedTea-Web certificate verification code does not use the right
> API
> * netx/net/sourceforge/jnlp/security/CertificateUtils.java
> (inKeyStores): Use Certificate.verify to correctly verify a certificate
> against a public key in the store.
>
> Cheers,
> Deepak
More information about the distro-pkg-dev
mailing list