Mercurial > hg > openjdk > jdk6 > jdk

changeset 1517:a3dbfca8bb8f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
7030174: Jarsigner should accept TSACert with an HTTPS id-ad-timeStamping SIA Reviewed-by: xuelei
author weijun
date Thu, 24 Mar 2011 16:16:22 +0800
parents a46afd6fb2d3
children 501b5d0a5fc5
files src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java
diffstat 1 files changed, 4 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java	Fri Apr 16 10:13:23 2010 +0800
+++ b/src/share/classes/sun/security/tools/jarsigner/TimestampedSigner.java	Thu Mar 24 16:16:22 2011 +0800
@@ -251,10 +251,10 @@
      * (<a href="http://www.ietf.org/rfc/rfc3280.txt">RFC 3280</a>).
      * The extension's <tt>accessMethod</tt> field should contain the object
      * identifier defined for timestamping: 1.3.6.1.5.5.7.48.3 and its
-     * <tt>accessLocation</tt> field should contain an HTTP URL.
+     * <tt>accessLocation</tt> field should contain an HTTP or HTTPS URL.
      *
      * @param tsaCertificate An X.509 certificate for the TSA.
-     * @return An HTTP URL or null if none was found.
+     * @return An HTTP or HTTPS URL or null if none was found.
      */
     public static String getTimestampingUrl(X509Certificate tsaCertificate) {
 
@@ -281,7 +281,8 @@
                     location = description.getAccessLocation();
                     if (location.getType() == GeneralNameInterface.NAME_URI) {
                         uri = (URIName) location.getName();
-                        if (uri.getScheme().equalsIgnoreCase("http")) {
+                        if (uri.getScheme().equalsIgnoreCase("http") ||
+                                uri.getScheme().equalsIgnoreCase("https")) {
                             return uri.getName();
                         }
                     }