RFR 8180289: jarsigner treats timestamped signed jar invalid after the signer cert expires
Weijun Wang
weijun.wang at oracle.com
Thu Oct 19 07:11:14 UTC 2017
Please review the fix at
http://cr.openjdk.java.net/~weijun/8180289/webrev.00/
The code change contains:
- Fix the bug by passing the timestamp to Validator::validate.
- CertPath validation on timestamp signer cert and related warning messages
- Output change: "chain not validated" -> "invalid chain". Otherwise it looks jarsigner has not validated them.
Thanks
Max
More information about the security-dev
mailing list