code review request: 7149012: jarsigner needs not warn about cert expiration if the jar has a TSA timestamp

Xuelei Fan Xuelei.Fan at Oracle.COM
Wed Feb 29 15:32:46 UTC 2012


So far, I only have a very minor comment:

The block from line 875 to 880 overlaps a little with lines 884 to 889. Is it possible to improve the code?

I'm not sure whether it is better to not show the warning for timestamped signatures with expired certificates. Need more time to understand the scenarios of time-stamping in JarSigner. Is the validity of the TSA certificate also checked?

Xuelei

On 2/27/2012 3:00 PM, Weijun Wang wrote:

Hi All

Please take a look at this code change:

    http://cr.openjdk.java.net/~weijun/7149012/webrev.00/

Jarsigner will not print a warning if the signer cert is expired but a timestamp shows the jar was signed before the expiration date.

Another change is that the chainNotValidated flag now does not cover hasExpiredCert and notYetValidCert anymore. The result is that when trying to sign (or verify) with an expired cert, instead of the duplicated and somewhat confusing

    The signer certificate has expired.
    The signer's certificate chain is not validated.

warnings, user will only see

    The signer certificate has expired.

User will still see the chainNotValidated warning if the CertPath is not validated because of other reasons.

On the other hand, since these 3 flags share the same exit code (4), users will not notice the exit code change when -strict is on.

There is no regression test added to the openjdk repository because it's not easy to generate a timestamp with an old date. I have found an old signed jar with a timestamp and signed by a now-expired cert. I will include these binary files into the jdk/test/closed repository and the test is a simple "jarsigner -verify -strict" call.

Thanks
Max

-------- Original Message --------
Change Request ID: 7149012
Synopsis: jarsigner needs not warn about cert expiration if the jar has a TSA timestamp

=== Description ============================================================
If the cert used to sign a jar is expired, jarsigner will print out a warning, and if -strict is specified, exits with an error. However, if there is a TSA timestamp attached to the jar (and the timestamp is shown to be before the expiration), it's completely valid and jarsigner should not report any warning or error.
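An added example, not jarsigner's code and not part of this thread: a stand-alone Java check that judges each signer certificate's validity at the timestamp time when one is present, and at the current time otherwise. The class name and the TSA certificate check are assumptions made for illustration (the thread does not say whether jarsigner performs that check), and neither check validates a chain to a trust anchor.

```java
import java.io.InputStream;
import java.security.CodeSigner;
import java.security.Timestamp;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.*;
import java.util.jar.*;

public class ExpiryAtSigningTime {   // hypothetical class name
    // Null when cert is inside its validity period at 'when', else the reason.
    static String problemAt(X509Certificate cert, Date when) {
        try { cert.checkValidity(when); return null; }
        catch (CertificateExpiredException e) { return "expired"; }
        catch (CertificateNotYetValidException e) { return "not yet valid"; }
    }

    static X509Certificate leaf(java.security.cert.CertPath path) {
        return (X509Certificate) path.getCertificates().get(0);
    }

    public static void main(String[] args) throws Exception {
        Set<String> findings = new TreeSet<>();
        byte[] buf = new byte[8192];
        try (JarFile jar = new JarFile(args[0], true)) {      // true: verify signatures
            for (JarEntry entry : Collections.list(jar.entries())) {
                try (InputStream in = jar.getInputStream(entry)) {
                    while (in.read(buf) != -1) { }            // signers are set only after a full read
                }
                CodeSigner[] signers = entry.getCodeSigners();
                if (signers == null) continue;                // unsigned entry
                for (CodeSigner s : signers) {
                    X509Certificate cert = leaf(s.getSignerCertPath());
                    Timestamp ts = s.getTimestamp();
                    // With a timestamp, judge validity at signing time; without one, at "now".
                    Date ref = (ts != null) ? ts.getTimestamp() : new Date();
                    String p = problemAt(cert, ref);
                    String who = cert.getSubjectX500Principal().getName();
                    if (p != null) findings.add("signer " + who + ": " + p + " at " + ref);
                    // Added check (assumption, see lead-in): TSA cert valid when it stamped.
                    if (ts != null && (p = problemAt(leaf(ts.getSignerCertPath()), ref)) != null)
                        findings.add("TSA for " + who + ": " + p + " at " + ref);
                }
            }
        }
        findings.forEach(System.out::println);
        System.exit(findings.isEmpty() ? 0 : 4);              // 4: the exit code named in the thread
    }
}
```

Run it with the path to a signed jar as the only argument; a jar signed by a now-expired certificate reports nothing for the signer when its timestamp falls inside the certificate's validity period.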


