Mercurial > hg > openjdk > jdk6 > jdk
changeset 1517:a3dbfca8bb8f
7030174: Jarsigner should accept TSACert with an HTTPS id-ad-timeStamping SIA
Reviewed-by: xuelei
author | weijun |
---|---|
date | Thu, 24 Mar 2011 16:16:22 +0800 |
parents | a46afd6fb2d3 |
children | 501b5d0a5fc5 |
files | src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java |
diffstat | 1 files changed, 4 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java Fri Apr 16 10:13:23 2010 +0800 +++ b/src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java Thu Mar 24 16:16:22 2011 +0800 @@ -251,10 +251,10 @@ * (<a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280</a>). * The extension's <tt>accessMethod</tt> field should contain the object * identifier defined for timestamping: 1.3.6.1.5.5.7.48.3 and its - * <tt>accessLocation</tt> field should contain an HTTP URL. + * <tt>accessLocation</tt> field should contain an HTTP or HTTPS URL. * * @param tsaCertificate An X.509 certificate for the TSA. - * @return An HTTP URL or null if none was found. + * @return An HTTP or HTTPS URL or null if none was found. */ public static String getTimestampingUrl(X509Certificate tsaCertificate) { @@ -281,7 +281,8 @@ location = description.getAccessLocation(); if (location.getType() == GeneralNameInterface.NAME_URI) { uri = (URIName) location.getName(); - if (uri.getScheme().equalsIgnoreCase("http")) { + if (uri.getScheme().equalsIgnoreCase("http") || + uri.getScheme().equalsIgnoreCase("https")) { return uri.getName(); } }