RFR[15] JDK-8238452 : Keytool generates wrong expiration date if validity is set to 2050/01/01

Ravi Reddy ravi.k.reddy at oracle.com
Wed Feb 26 09:54:21 UTC 2020

Hello All,


Could you please review this patch. This patch fixes the "Keytool generates wrong expiration date if validity is set to 2050/01/01".


This Issue was introduced with fix for https://bugs.openjdk.java.net/browse/JDK-4086008 in jdk-1.2.

In the fix YR_2050 variable which is introduced to check if the date is JAN01 00:00 2050 GMT has been set to wrong value JAN01 00:00 2050 PST.

In certificate notBefore and notAfter time are set to either UTC or Generalized time depending on whether time is less than YR_2050 or greater. Since the value of YR_2050 is set wrongly , there is an issue in certificate time also.


Webrev: http://cr.openjdk.java.net/~pkoppula/ravire/8238452/webrev.00/

Issue: https://bugs.openjdk.java.net/browse/JDK-8238452




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.java.net/pipermail/security-dev/attachments/20200226/f81bc259/attachment.htm>

More information about the security-dev mailing list