Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
b51dd8fc
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
b51dd8fc
编写于
14年前
作者:
W
weijun
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
6890876: jarsigner can add CRL info into signed jar
Reviewed-by: mullan
上级
726b88f9
master
8.0-preview
v8.2.2-GA
v8.1.1-GA
v8.0.0_GA
v8.0.0-GA
jdk8u252-b06
jdk8u252-b05
jdk8u252-b04
jdk8u252-b03
jdk8u252-b02
jdk8u252-b01
jdk8u252-b00
jdk8u242-ga
jdk8u242-b08
jdk8u242-b07
jdk8u242-b06
jdk8u242-b05
jdk8u242-b04
jdk8u242-b03
jdk8u242-b02
jdk8u242-b01
jdk8u242-b00
jdk8u232-ga
jdk8u232-b09
jdk8u232-b08
jdk8u232-b07
jdk8u232-b06
jdk8u232-b05
jdk8u232-b04
jdk8u232-b03
jdk8u232-b02
jdk8u232-b01
jdk8u232-b00
jdk8u222-ga
jdk8u222-b10
jdk8u222-b09
jdk8u222-b08
jdk8u222-b07
jdk8u222-b06
jdk8u222-b05
jdk8u222-b04
jdk8u222-b03
jdk8u222-b02
jdk8u222-b01
jdk8u222-b00
jdk8u212-ga
jdk8u212-b04
jdk8u212-b03
jdk8u212-b02
jdk8u212-b01
jdk8u212-b00
jdk8u202-ga
jdk8u202-b26
jdk8u202-b25
jdk8u202-b08
jdk8u202-b07
jdk8u202-b06
jdk8u202-b05
jdk8u202-b04
jdk8u202-b03
jdk8u202-b02
jdk8u202-b01
jdk8u202-b00
jdk8u201-ga
jdk8u201-b79
jdk8u201-b77
jdk8u201-b76
jdk8u201-b75
jdk8u201-b74
jdk8u201-b26
jdk8u201-b25
jdk8u201-b09
jdk8u201-b08
jdk8u201-b07
jdk8u201-b06
jdk8u201-b05
jdk8u201-b04
jdk8u201-b03
jdk8u201-b02
jdk8u201-b01
jdk8u201-b00
jdk8u192-b26
jdk8u192-b25
jdk8u192-b12
jdk8u192-b11
jdk8u192-b10
jdk8u192-b09
jdk8u192-b08
jdk8u192-b07
jdk8u192-b06
jdk8u192-b05
jdk8u192-b04
jdk8u192-b03
jdk8u192-b02
jdk8u192-b01
jdk8u192-b00
jdk8u191-b26
jdk8u191-b25
jdk8u191-b12
jdk8u191-b11
jdk8u191-b10
jdk8u191-b09
jdk8u191-b08
jdk8u191-b07
jdk8u191-b06
jdk8u191-b05
jdk8u191-b04
jdk8u191-b03
jdk8u191-b02
jdk8u191-b01
jdk8u191-b00
jdk8u182-b00
jdk8u181-b37
jdk8u181-b36
jdk8u181-b35
jdk8u181-b34
jdk8u181-b33
jdk8u181-b32
jdk8u181-b31
jdk8u181-b13
jdk8u181-b12
jdk8u181-b11
jdk8u181-b10
jdk8u181-b09
jdk8u181-b08
jdk8u181-b07
jdk8u181-b06
jdk8u181-b05
jdk8u181-b04
jdk8u181-b03
jdk8u181-b02
jdk8u181-b01
jdk8u181-b00
jdk8u172-b37
jdk8u172-b36
jdk8u172-b35
jdk8u172-b34
jdk8u172-b33
jdk8u172-b32
jdk8u172-b31
jdk8u172-b11
jdk8u172-b10
jdk8u172-b09
jdk8u172-b08
jdk8u172-b07
jdk8u172-b06
jdk8u172-b05
jdk8u172-b04
jdk8u172-b03
jdk8u172-b02
jdk8u172-b01
jdk8u172-b00
jdk8u171-b11
jdk8u171-b10
jdk8u171-b09
jdk8u171-b08
jdk8u171-b07
jdk8u171-b06
jdk8u171-b05
jdk8u171-b04
jdk8u171-b03
jdk8u171-b02
jdk8u171-b01
jdk8u171-b00
jdk8u162-b38
jdk8u162-b37
jdk8u162-b36
jdk8u162-b35
jdk8u162-b34
jdk8u162-b33
jdk8u162-b32
jdk8u162-b31
jdk8u162-b12
jdk8u162-b11
jdk8u162-b10
jdk8u162-b09
jdk8u162-b08
jdk8u162-b07
jdk8u162-b06
jdk8u162-b05
jdk8u162-b04
jdk8u162-b03
jdk8u162-b02
jdk8u162-b01
jdk8u162-b00
jdk8u161-b12
jdk8u161-b11
jdk8u161-b10
jdk8u161-b09
jdk8u161-b08
jdk8u161-b07
jdk8u161-b06
jdk8u161-b05
jdk8u161-b04
jdk8u161-b03
jdk8u161-b02
jdk8u161-b01
jdk8u161-b00
jdk8u152-b35
jdk8u152-b34
jdk8u152-b33
jdk8u152-b32
jdk8u152-b31
jdk8u152-b16
jdk8u152-b15
jdk8u152-b14
jdk8u152-b13
jdk8u152-b12
jdk8u152-b11
jdk8u152-b10
jdk8u152-b09
jdk8u152-b08
jdk8u152-b07
jdk8u152-b06
jdk8u152-b05
jdk8u152-b04
jdk8u152-b03
jdk8u152-b02
jdk8u152-b01
jdk8u152-b00
jdk8u151-b12
jdk8u151-b11
jdk8u151-b10
jdk8u151-b09
jdk8u151-b08
jdk8u151-b07
jdk8u151-b06
jdk8u151-b05
jdk8u151-b04
jdk8u151-b03
jdk8u151-b02
jdk8u151-b01
jdk8u151-b00
jdk8u144-b34
jdk8u144-b33
jdk8u144-b32
jdk8u144-b31
jdk8u144-b01
jdk8u144-b00
jdk8u141-b32
jdk8u141-b31
jdk8u141-b15
jdk8u141-b14
jdk8u141-b13
jdk8u141-b12
jdk8u141-b11
jdk8u141-b10
jdk8u141-b09
jdk8u141-b08
jdk8u141-b07
jdk8u141-b06
jdk8u141-b05
jdk8u141-b04
jdk8u141-b03
jdk8u141-b02
jdk8u141-b01
jdk8u141-b00
jdk8u132-b00
jdk8u131-b34
jdk8u131-b33
jdk8u131-b32
jdk8u131-b31
jdk8u131-b11
jdk8u131-b10
jdk8u131-b09
jdk8u131-b08
jdk8u131-b07
jdk8u131-b06
jdk8u131-b05
jdk8u131-b04
jdk8u131-b03
jdk8u131-b02
jdk8u131-b01
jdk8u131-b00
jdk8u122-b04
jdk8u122-b03
jdk8u122-b02
jdk8u122-b01
jdk8u122-b00
jdk8u121-b36
jdk8u121-b35
jdk8u121-b34
jdk8u121-b33
jdk8u121-b32
jdk8u121-b31
jdk8u121-b13
jdk8u121-b12
jdk8u121-b11
jdk8u121-b10
jdk8u121-b09
jdk8u121-b08
jdk8u121-b07
jdk8u121-b06
jdk8u121-b05
jdk8u121-b04
jdk8u121-b03
jdk8u121-b02
jdk8u121-b01
jdk8u121-b00
jdk8u112-b33
jdk8u112-b32
jdk8u112-b31
jdk8u112-b16
jdk8u112-b15
jdk8u112-b14
jdk8u112-b13
jdk8u112-b12
jdk8u112-b11
jdk8u112-b10
jdk8u112-b09
jdk8u112-b08
jdk8u112-b07
jdk8u112-b06
jdk8u112-b04
jdk8u112-b03
jdk8u112-b02
jdk8u112-b01
jdk8u112-b00
jdk8u111-b14
jdk8u111-b13
jdk8u111-b12
jdk8u111-b11
jdk8u111-b10
jdk8u111-b09
jdk8u111-b08
jdk8u111-b07
jdk8u111-b06
jdk8u111-b05
jdk8u111-b04
jdk8u111-b03
jdk8u111-b02
jdk8u111-b01
jdk8u111-b00
jdk8u102-b35
jdk8u102-b34
jdk8u102-b33
jdk8u102-b32
jdk8u102-b31
jdk8u102-b14
jdk8u102-b13
jdk8u102-b12
jdk8u102-b11
jdk8u102-b10
jdk8u102-b09
jdk8u102-b08
jdk8u102-b07
jdk8u102-b06
jdk8u102-b05
jdk8u102-b04
jdk8u102-b03
jdk8u102-b02
jdk8u102-b01
jdk8u102-b00
jdk8u101-b13
jdk8u101-b12
jdk8u101-b11
jdk8u101-b10
jdk8u101-b09
jdk8u101-b08
jdk8u101-b07
jdk8u101-b06
jdk8u101-b05
jdk8u101-b04
jdk8u101-b03
jdk8u101-b02
jdk8u101-b01
jdk8u101-b00
jdk8u92-b34
jdk8u92-b33
jdk8u92-b32
jdk8u92-b31
jdk8u92-b14
jdk8u92-b13
jdk8u92-b00
jdk8u91-b15
jdk8u91-b14
jdk8u91-b13
jdk8u91-b00
jdk8u82-b00
jdk8u81-b00
jdk8u77-b31
jdk8u77-b03
jdk8u77-b02
jdk8u77-b01
jdk8u77-b00
jdk8u76-b12
jdk8u76-b11
jdk8u76-b10
jdk8u76-b09
jdk8u76-b08
jdk8u76-b07
jdk8u76-b06
jdk8u76-b05
jdk8u76-b04
jdk8u76-b03
jdk8u76-b02
jdk8u76-b01
jdk8u76-b00
jdk8u75-b12
jdk8u75-b10
jdk8u75-b09
jdk8u75-b08
jdk8u75-b07
jdk8u75-b06
jdk8u75-b05
jdk8u75-b04
jdk8u75-b03
jdk8u75-b02
jdk8u75-b01
jdk8u75-b00
jdk8u74-b32
jdk8u74-b31
jdk8u74-b02
jdk8u74-b01
jdk8u74-b00
jdk8u73-b02
jdk8u73-b01
jdk8u73-b00
jdk8u72-b31
jdk8u72-b15
jdk8u72-b14
jdk8u72-b13
jdk8u72-b12
jdk8u72-b11
jdk8u72-b10
jdk8u72-b09
jdk8u72-b08
jdk8u72-b07
jdk8u72-b06
jdk8u72-b05
jdk8u72-b04
jdk8u72-b03
jdk8u72-b02
jdk8u72-b01
jdk8u72-b00
jdk8u71-b15
jdk8u71-b14
jdk8u71-b13
jdk8u71-b12
jdk8u71-b11
jdk8u71-b10
jdk8u71-b09
jdk8u71-b08
jdk8u71-b07
jdk8u71-b06
jdk8u71-b05
jdk8u71-b04
jdk8u71-b03
jdk8u71-b02
jdk8u71-b01
jdk8u71-b00
jdk8u66-b36
jdk8u66-b35
jdk8u66-b34
jdk8u66-b33
jdk8u66-b32
jdk8u66-b31
jdk8u66-b18
jdk8u66-b17
jdk8u66-b16
jdk8u66-b15
jdk8u66-b14
jdk8u66-b13
jdk8u66-b12
jdk8u66-b11
jdk8u66-b10
jdk8u66-b09
jdk8u66-b08
jdk8u66-b07
jdk8u66-b02
jdk8u66-b01
jdk8u66-b00
jdk8u65-b17
jdk8u65-b16
jdk8u65-b15
jdk8u65-b14
jdk8u65-b13
jdk8u65-b12
jdk8u65-b11
jdk8u65-b10
jdk8u65-b09
jdk8u65-b08
jdk8u65-b07
jdk8u65-b06
jdk8u65-b05
jdk8u65-b04
jdk8u65-b03
jdk8u65-b02
jdk8u65-b01
jdk8u65-b00
jdk8u60-b32
jdk8u60-b31
jdk8u60-b27
jdk8u60-b26
jdk8u60-b25
jdk8u60-b24
jdk8u60-b23
jdk8u60-b22
jdk8u60-b21
jdk8u60-b20
jdk8u60-b19
jdk8u60-b18
jdk8u60-b17
jdk8u60-b16
jdk8u60-b15
jdk8u60-b14
jdk8u60-b13
jdk8u60-b12
jdk8u60-b11
jdk8u60-b10
jdk8u60-b09
jdk8u60-b08
jdk8u60-b07
jdk8u60-b06
jdk8u60-b05
jdk8u60-b04
jdk8u60-b03
jdk8u60-b02
jdk8u60-b01
jdk8u60-b00
jdk8u51-b34
jdk8u51-b33
jdk8u51-b32
jdk8u51-b31
jdk8u51-b16
jdk8u51-b15
jdk8u51-b14
jdk8u51-b13
jdk8u51-b12
jdk8u51-b11
jdk8u51-b10
jdk8u51-b09
jdk8u51-b08
jdk8u51-b07
jdk8u51-b06
jdk8u51-b05
jdk8u51-b04
jdk8u51-b03
jdk8u51-b02
jdk8u51-b01
jdk8u51-b00
jdk8u45-b37
jdk8u45-b36
jdk8u45-b35
jdk8u45-b34
jdk8u45-b33
jdk8u45-b32
jdk8u45-b31
jdk8u45-b15
jdk8u45-b14
jdk8u45-b13
jdk8u45-b12
jdk8u45-b11
jdk8u45-b10
jdk8u45-b09
jdk8u45-b08
jdk8u45-b07
jdk8u45-b06
jdk8u45-b05
jdk8u45-b04
jdk8u45-b03
jdk8u45-b02
jdk8u45-b01
jdk8u45-b00
jdk8u40-b33
jdk8u40-b32
jdk8u40-b31
jdk8u40-b27
jdk8u40-b26
jdk8u40-b25
jdk8u40-b24
jdk8u40-b23
jdk8u40-b22
jdk8u40-b21
jdk8u40-b20
jdk8u40-b19
jdk8u40-b18
jdk8u40-b17
jdk8u40-b16
jdk8u40-b15
jdk8u40-b14
jdk8u40-b13
jdk8u40-b12
jdk8u40-b11
jdk8u40-b10
jdk8u40-b09
jdk8u40-b08
jdk8u40-b07
jdk8u40-b06
jdk8u40-b05
jdk8u40-b04
jdk8u40-b03
jdk8u40-b02
jdk8u40-b01
jdk8u40-b00
jdk8u31-b34
jdk8u31-b33
jdk8u31-b32
jdk8u31-b31
jdk8u31-b15
jdk8u31-b14
jdk8u31-b13
jdk8u31-b12
jdk8u31-b11
jdk8u31-b10
jdk8u31-b09
jdk8u31-b08
jdk8u31-b07
jdk8u31-b06
jdk8u31-b05
jdk8u31-b04
jdk8u31-b03
jdk8u31-b02
jdk8u31-b01
jdk8u31-b00
jdk8u25-b33
jdk8u25-b32
jdk8u25-b31
jdk8u25-b18
jdk8u25-b17
jdk8u25-b16
jdk8u25-b15
jdk8u25-b14
jdk8u25-b13
jdk8u25-b12
jdk8u25-b11
jdk8u25-b10
jdk8u25-b09
jdk8u25-b08
jdk8u25-b07
jdk8u25-b06
jdk8u25-b05
jdk8u25-b04
jdk8u25-b03
jdk8u25-b02
jdk8u25-b01
jdk8u25-b00
jdk8u20-b32
jdk8u20-b31
jdk8u20-b26
jdk8u20-b25
jdk8u20-b24
jdk8u20-b23
jdk8u20-b22
jdk8u20-b21
jdk8u20-b20
jdk8u20-b19
jdk8u20-b18
jdk8u20-b17
jdk8u20-b16
jdk8u20-b15
jdk8u20-b14
jdk8u20-b13
jdk8u20-b12
jdk8u20-b11
jdk8u20-b10
jdk8u20-b09
jdk8u20-b08
jdk8u20-b07
jdk8u20-b06
jdk8u20-b05
jdk8u20-b04
jdk8u20-b03
jdk8u20-b02
jdk8u20-b01
jdk8u20-b00
jdk8u11-b31
jdk8u11-b12
jdk8u11-b11
jdk8u11-b10
jdk8u11-b09
jdk8u11-b08
jdk8u11-b07
jdk8u11-b06
jdk8u11-b05
jdk8u11-b04
jdk8u11-b03
jdk8u11-b02
jdk8u11-b01
jdk8u11-b00
jdk8u5-b31
jdk8u5-b13
jdk8u5-b12
jdk8u5-b11
jdk8u5-b10
jdk8u5-b09
jdk8u5-b08
jdk8u5-b07
jdk8u5-b06
jdk8u5-b05
jdk8u5-b04
jdk8u5-b03
jdk8u5-b02
jdk8u5-b01
jdk8-b132
jdk8-b131
jdk8-b130
jdk8-b129
jdk8-b128
jdk8-b127
jdk8-b126
jdk8-b125
jdk8-b124
jdk8-b123
jdk8-b122
jdk8-b121
jdk8-b120
jdk8-b119
jdk8-b118
jdk8-b117
jdk8-b116
jdk8-b115
jdk8-b114
jdk8-b113
jdk8-b112
jdk8-b111
jdk8-b110
jdk8-b109
jdk8-b108
jdk8-b107
jdk8-b106
jdk8-b105
jdk8-b104
jdk8-b103
jdk8-b102
jdk8-b101
jdk8-b100
jdk8-b99
jdk8-b98
jdk8-b97
jdk8-b96
jdk8-b95
jdk8-b94
jdk8-b93
jdk8-b92
jdk8-b91
jdk8-b90
jdk8-b89
jdk8-b88
jdk8-b87
jdk8-b86
jdk8-b85
jdk8-b84
jdk8-b83
jdk8-b82
jdk8-b81
jdk8-b80
jdk8-b79
jdk8-b78
jdk8-b77
jdk8-b76
jdk8-b75
jdk8-b74
jdk8-b73
jdk8-b72
jdk8-b71
jdk8-b70
jdk8-b69
jdk8-b68
jdk8-b67
jdk8-b66
jdk8-b65
jdk8-b64
jdk8-b63
jdk8-b62
jdk8-b61
jdk8-b60
jdk8-b59
jdk8-b58
jdk8-b57
jdk8-b56
jdk8-b55
jdk8-b54
jdk8-b53
jdk8-b52
jdk8-b51
jdk8-b50
jdk8-b49
jdk8-b48
jdk8-b47
jdk8-b46
jdk8-b45
jdk8-b44
jdk8-b43
jdk8-b42
jdk8-b41
jdk8-b40
jdk8-b39
jdk8-b38
jdk8-b37
jdk8-b36
jdk8-b35
jdk8-b34
jdk8-b33
jdk8-b32
jdk8-b31
jdk8-b30
jdk8-b29
jdk8-b28
jdk8-b27
jdk8-b26
jdk8-b25
jdk8-b24
jdk8-b23
jdk8-b22
jdk8-b21
jdk8-b20
jdk8-b19
jdk8-b18
jdk8-b17
jdk8-b16
jdk8-b15
jdk8-b14
jdk8-b13
jdk8-b12
jdk8-b11
jdk8-b10
jdk8-b09
jdk8-b08
jdk8-b07
jdk8-b06
jdk8-b05
jdk8-b04
jdk8-b03
jdk8-b02
jdk8-b01
jdk7-b147
jdk7-b146
jdk7-b145
jdk7-b144
jdk7-b143
jdk7-b142
jdk7-b141
jdk7-b140
jdk7-b139
jdk7-b138
jdk7-b137
jdk7-b136
jdk7-b135
jdk7-b134
jdk7-b133
jdk7-b132
jdk7-b131
jdk7-b130
jdk7-b129
jdk7-b128
jdk7-b127
jdk7-b126
jdk7-b125
jdk7-b124
jdk7-b123
jdk7-b122
jdk7-b121
jdk7-b120
jdk7-b119
jdk7-b118
jdk7-b117
jdk7-b116
jdk7-b115
jdk7-b114
jdk7-b113
jdk7-b112
jdk7-b111
jdk7-b110
jdk7-b109
jdk7-b108
jdk7-b107
jdk7-b106
jdk7-b105
jdk7-b104
jdk7-b103
jdk7-b102
jdk7-b101
jdk7-b100
jdk7-b99
jdk7-b98
jdk7-b97
jdk7-b96
jdk7-b95
jdk7-b94
dragonwell-8.4.4_jdk8u262-ga
dragonwell-8.4.4_jdk8u262-b10
dragonwell-8.3.3-GA
无相关合并请求
变更
14
展开全部
隐藏空白更改
内联
并排
Showing
14 changed file
with
683 addition
and
57 deletion
+683
-57
src/share/classes/com/sun/jarsigner/ContentSignerParameters.java
...re/classes/com/sun/jarsigner/ContentSignerParameters.java
+10
-1
src/share/classes/java/security/CodeSigner.java
src/share/classes/java/security/CodeSigner.java
+43
-1
src/share/classes/java/util/jar/JarVerifier.java
src/share/classes/java/util/jar/JarVerifier.java
+1
-2
src/share/classes/sun/misc/JavaSecurityCodeSignerAccess.java
src/share/classes/sun/misc/JavaSecurityCodeSignerAccess.java
+33
-0
src/share/classes/sun/misc/SharedSecrets.java
src/share/classes/sun/misc/SharedSecrets.java
+14
-1
src/share/classes/sun/security/pkcs/PKCS7.java
src/share/classes/sun/security/pkcs/PKCS7.java
+36
-4
src/share/classes/sun/security/tools/JarSigner.java
src/share/classes/sun/security/tools/JarSigner.java
+73
-6
src/share/classes/sun/security/tools/JarSignerResources.java
src/share/classes/sun/security/tools/JarSignerResources.java
+4
-1
src/share/classes/sun/security/tools/KeyTool.java
src/share/classes/sun/security/tools/KeyTool.java
+351
-33
src/share/classes/sun/security/tools/TimestampedSigner.java
src/share/classes/sun/security/tools/TimestampedSigner.java
+2
-1
src/share/classes/sun/security/util/Resources.java
src/share/classes/sun/security/util/Resources.java
+8
-1
src/share/classes/sun/security/util/SignatureFileVerifier.java
...hare/classes/sun/security/util/SignatureFileVerifier.java
+8
-4
src/share/classes/sun/security/x509/X509CRLImpl.java
src/share/classes/sun/security/x509/X509CRLImpl.java
+9
-2
test/sun/security/tools/jarsigner/crl.sh
test/sun/security/tools/jarsigner/crl.sh
+91
-0
未找到文件。
src/share/classes/com/sun/jarsigner/ContentSignerParameters.java
浏览文件 @
b51dd8fc
/*
* Copyright 2003 Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2003
-2010
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -26,7 +26,9 @@
package
com.sun.jarsigner
;
import
java.net.URI
;
import
java.security.cert.X509CRL
;
import
java.security.cert.X509Certificate
;
import
java.util.Set
;
import
java.util.zip.ZipFile
;
/**
...
...
@@ -80,6 +82,13 @@ public interface ContentSignerParameters {
*/
public
X509Certificate
[]
getSignerCertificateChain
();
/**
* Retrieves the signer's X.509 CRLs.
*
* @return An unmodifiable set of X.509 CRLs (never <code>null</code>)
*/
public
Set
<
X509CRL
>
getCRLs
();
/**
* Retrieves the content that was signed.
* The content is the JAR file's signature file.
...
...
This diff is collapsed.
Click to expand it.
src/share/classes/java/security/CodeSigner.java
浏览文件 @
b51dd8fc
/*
* Copyright 2003-20
04
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2003-20
10
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -26,7 +26,10 @@
package
java.security
;
import
java.io.Serializable
;
import
java.security.cert.CRL
;
import
java.security.cert.CertPath
;
import
sun.misc.JavaSecurityCodeSignerAccess
;
import
sun.misc.SharedSecrets
;
/**
* This class encapsulates information about a code signer.
...
...
@@ -163,4 +166,43 @@ public final class CodeSigner implements Serializable {
sb
.
append
(
")"
);
return
sb
.
toString
();
}
// A private attribute attached to this CodeSigner object. Can be accessed
// through SharedSecrets.getJavaSecurityCodeSignerAccess().[g|s]etCRLs
//
// Currently called in SignatureFileVerifier.getSigners
private
transient
CRL
[]
crls
;
/**
* Sets the CRLs attached
* @param crls, null to clear
*/
void
setCRLs
(
CRL
[]
crls
)
{
this
.
crls
=
crls
;
}
/**
* Returns the CRLs attached
* @return the crls, initially null
*/
CRL
[]
getCRLs
()
{
return
crls
;
}
// Set up JavaSecurityCodeSignerAccess in SharedSecrets
static
{
SharedSecrets
.
setJavaSecurityCodeSignerAccess
(
new
JavaSecurityCodeSignerAccess
()
{
@Override
public
void
setCRLs
(
CodeSigner
signer
,
CRL
[]
crls
)
{
signer
.
setCRLs
(
crls
);
}
@Override
public
CRL
[]
getCRLs
(
CodeSigner
signer
)
{
return
signer
.
getCRLs
();
}
});
}
}
This diff is collapsed.
Click to expand it.
src/share/classes/java/util/jar/JarVerifier.java
浏览文件 @
b51dd8fc
/*
* Copyright 1997-20
09
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1997-20
10
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -27,7 +27,6 @@ package java.util.jar;
import
java.io.*
;
import
java.util.*
;
import
java.util.zip.*
;
import
java.security.*
;
import
java.security.cert.CertificateException
;
...
...
This diff is collapsed.
Click to expand it.
src/share/classes/sun/misc/JavaSecurityCodeSignerAccess.java
0 → 100644
浏览文件 @
b51dd8fc
/*
* Copyright 2010 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Sun designates this
* particular file as subject to the "Classpath" exception as provided
* by Sun in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
* CA 95054 USA or visit www.sun.com if you need additional information or
* have any questions.
*/
package
sun.misc
;
import
java.security.CodeSigner
;
import
java.security.cert.CRL
;
public
interface
JavaSecurityCodeSignerAccess
{
void
setCRLs
(
CodeSigner
signer
,
CRL
[]
crls
);
CRL
[]
getCRLs
(
CodeSigner
signer
);
}
This diff is collapsed.
Click to expand it.
src/share/classes/sun/misc/SharedSecrets.java
浏览文件 @
b51dd8fc
...
...
@@ -27,8 +27,8 @@ package sun.misc;
import
java.util.jar.JarFile
;
import
java.io.Console
;
import
java.io.File
;
import
java.io.FileDescriptor
;
import
java.security.CodeSigner
;
import
java.security.ProtectionDomain
;
/** A repository of "shared secrets", which are a mechanism for
...
...
@@ -49,6 +49,7 @@ public class SharedSecrets {
private
static
JavaNioAccess
javaNioAccess
;
private
static
JavaIOFileDescriptorAccess
javaIOFileDescriptorAccess
;
private
static
JavaSecurityProtectionDomainAccess
javaSecurityProtectionDomainAccess
;
private
static
JavaSecurityCodeSignerAccess
javaSecurityCodeSignerAccess
;
public
static
JavaUtilJarAccess
javaUtilJarAccess
()
{
if
(
javaUtilJarAccess
==
null
)
{
...
...
@@ -126,4 +127,16 @@ public class SharedSecrets {
unsafe
.
ensureClassInitialized
(
ProtectionDomain
.
class
);
return
javaSecurityProtectionDomainAccess
;
}
public
static
void
setJavaSecurityCodeSignerAccess
(
JavaSecurityCodeSignerAccess
jscsa
)
{
javaSecurityCodeSignerAccess
=
jscsa
;
}
public
static
JavaSecurityCodeSignerAccess
getJavaSecurityCodeSignerAccess
()
{
if
(
javaSecurityCodeSignerAccess
==
null
)
unsafe
.
ensureClassInitialized
(
CodeSigner
.
class
);
return
javaSecurityCodeSignerAccess
;
}
}
This diff is collapsed.
Click to expand it.
src/share/classes/sun/security/pkcs/PKCS7.java
浏览文件 @
b51dd8fc
/*
* Copyright 1996-20
06
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1996-20
10
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -28,7 +28,6 @@ package sun.security.pkcs;
import
java.io.*
;
import
java.math.BigInteger
;
import
java.util.*
;
import
java.security.cert.Certificate
;
import
java.security.cert.X509Certificate
;
import
java.security.cert.CertificateException
;
import
java.security.cert.X509CRL
;
...
...
@@ -173,20 +172,30 @@ public class PKCS7 {
* @param digestAlgorithmIds the message digest algorithm identifiers.
* @param contentInfo the content information.
* @param certificates an array of X.509 certificates.
* @param crls an array of CRLs
* @param signerInfos an array of signer information.
*/
public
PKCS7
(
AlgorithmId
[]
digestAlgorithmIds
,
ContentInfo
contentInfo
,
X509Certificate
[]
certificates
,
X509CRL
[]
crls
,
SignerInfo
[]
signerInfos
)
{
version
=
BigInteger
.
ONE
;
this
.
digestAlgorithmIds
=
digestAlgorithmIds
;
this
.
contentInfo
=
contentInfo
;
this
.
certificates
=
certificates
;
this
.
crls
=
crls
;
this
.
signerInfos
=
signerInfos
;
}
public
PKCS7
(
AlgorithmId
[]
digestAlgorithmIds
,
ContentInfo
contentInfo
,
X509Certificate
[]
certificates
,
SignerInfo
[]
signerInfos
)
{
this
(
digestAlgorithmIds
,
contentInfo
,
certificates
,
null
,
signerInfos
);
}
private
void
parseNetscapeCertChain
(
DerValue
val
)
throws
ParsingException
,
IOException
{
DerInputStream
dis
=
new
DerInputStream
(
val
.
toByteArray
());
...
...
@@ -312,7 +321,7 @@ public class PKCS7 {
ByteArrayInputStream
bais
=
null
;
try
{
if
(
certfac
==
null
)
crls
[
i
]
=
(
X509CRL
)
new
X509CRLImpl
(
crlVals
[
i
]);
crls
[
i
]
=
new
X509CRLImpl
(
crlVals
[
i
]);
else
{
byte
[]
encoded
=
crlVals
[
i
].
toByteArray
();
bais
=
new
ByteArrayInputStream
(
encoded
);
...
...
@@ -480,7 +489,30 @@ public class PKCS7 {
signedData
.
putOrderedSetOf
((
byte
)
0xA0
,
implCerts
);
}
// no crls (OPTIONAL field)
// CRLs (optional)
if
(
crls
!=
null
&&
crls
.
length
!=
0
)
{
// cast to X509CRLImpl[] since X509CRLImpl implements DerEncoder
Set
<
X509CRLImpl
>
implCRLs
=
new
HashSet
<
X509CRLImpl
>(
crls
.
length
);
for
(
X509CRL
crl:
crls
)
{
if
(
crl
instanceof
X509CRLImpl
)
implCRLs
.
add
((
X509CRLImpl
)
crl
);
else
{
try
{
byte
[]
encoded
=
crl
.
getEncoded
();
implCRLs
.
add
(
new
X509CRLImpl
(
encoded
));
}
catch
(
CRLException
ce
)
{
IOException
ie
=
new
IOException
(
ce
.
getMessage
());
ie
.
initCause
(
ce
);
throw
ie
;
}
}
}
// Add the CRL set (tagged with [1] IMPLICIT)
// to the signed data
signedData
.
putOrderedSetOf
((
byte
)
0xA1
,
implCRLs
.
toArray
(
new
X509CRLImpl
[
implCRLs
.
size
()]));
}
// signerInfos
signedData
.
putOrderedSetOf
(
DerValue
.
tag_Set
,
signerInfos
);
...
...
This diff is collapsed.
Click to expand it.
src/share/classes/sun/security/tools/JarSigner.java
浏览文件 @
b51dd8fc
...
...
@@ -26,6 +26,7 @@
package
sun.security.tools
;
import
java.io.*
;
import
java.security.cert.X509CRL
;
import
java.util.*
;
import
java.util.zip.*
;
import
java.util.jar.*
;
...
...
@@ -35,6 +36,7 @@ import java.net.URISyntaxException;
import
java.text.Collator
;
import
java.text.MessageFormat
;
import
java.security.cert.Certificate
;
import
java.security.cert.CRL
;
import
java.security.cert.X509Certificate
;
import
java.security.cert.CertificateException
;
import
java.security.*
;
...
...
@@ -56,6 +58,7 @@ import java.util.Map.Entry;
import
sun.security.x509.*
;
import
sun.security.util.*
;
import
sun.misc.BASE64Encoder
;
import
sun.misc.SharedSecrets
;
/**
...
...
@@ -114,14 +117,16 @@ public class JarSigner {
static
final
int
SIGNED_BY_ALIAS
=
0x08
;
// signer is in alias list
X509Certificate
[]
certChain
;
// signer's cert chain (when composing)
Set
<
X509CRL
>
crls
;
// signer provided CRLs
PrivateKey
privateKey
;
// private key
KeyStore
store
;
// the keystore specified by -keystore
// or the default keystore, never null
String
keystore
;
// key store file
List
<
String
>
crlfiles
=
new
ArrayList
<
String
>();
// CRL files to add
boolean
nullStream
=
false
;
// null keystore input stream (NONE)
boolean
token
=
false
;
// token-based keystore
String
jarfile
;
// jar file to sign or verify
String
jarfile
;
// jar file
s
to sign or verify
String
alias
;
// alias to sign jar with
List
<
String
>
ckaliases
=
new
ArrayList
<
String
>();
// aliases in -verify
char
[]
storepass
;
// keystore password
...
...
@@ -146,6 +151,7 @@ public class JarSigner {
boolean
signManifest
=
true
;
// "sign" the whole manifest
boolean
externalSF
=
true
;
// leave the .SF out of the PKCS7 block
boolean
strict
=
false
;
// treat warnings as error
boolean
autoCRL
=
false
;
// Automatcially add CRL defined in cert
// read zip entry raw bytes
private
ByteArrayOutputStream
baos
=
new
ByteArrayOutputStream
(
2048
);
...
...
@@ -226,6 +232,29 @@ public class JarSigner {
}
else
{
loadKeyStore
(
keystore
,
true
);
getAliasInfo
(
alias
);
crls
=
new
HashSet
<
X509CRL
>();
if
(
crlfiles
.
size
()
>
0
||
autoCRL
)
{
CertificateFactory
fac
=
CertificateFactory
.
getInstance
(
"X509"
);
List
<
CRL
>
list
=
new
ArrayList
<
CRL
>();
for
(
String
file:
crlfiles
)
{
Collection
<?
extends
CRL
>
tmp
=
KeyTool
.
loadCRLs
(
file
);
for
(
CRL
crl:
tmp
)
{
if
(
crl
instanceof
X509CRL
)
{
crls
.
add
((
X509CRL
)
crl
);
}
}
}
if
(
autoCRL
)
{
List
<
CRL
>
crlsFromCert
=
KeyTool
.
readCRLsFromCert
(
certChain
[
0
]);
for
(
CRL
crl:
crlsFromCert
)
{
if
(
crl
instanceof
X509CRL
)
{
crls
.
add
((
X509CRL
)
crl
);
}
}
}
}
// load the alternative signing mechanism
if
(
altSignerClass
!=
null
)
{
...
...
@@ -367,6 +396,13 @@ public class JarSigner {
}
else
if
(
collator
.
compare
(
flags
,
"-digestalg"
)
==
0
)
{
if
(++
n
==
args
.
length
)
usageNoArg
();
digestalg
=
args
[
n
];
}
else
if
(
collator
.
compare
(
flags
,
"-crl"
)
==
0
)
{
if
(
"auto"
.
equals
(
modifier
))
{
autoCRL
=
true
;
}
else
{
if
(++
n
==
args
.
length
)
usageNoArg
();
crlfiles
.
add
(
args
[
n
]);
}
}
else
if
(
collator
.
compare
(
flags
,
"-certs"
)
==
0
)
{
showcerts
=
true
;
}
else
if
(
collator
.
compare
(
flags
,
"-strict"
)
==
0
)
{
...
...
@@ -515,6 +551,9 @@ public class JarSigner {
System
.
out
.
println
(
rb
.
getString
(
"[-sigalg <algorithm>] name of signature algorithm"
));
System
.
out
.
println
();
System
.
out
.
println
(
rb
.
getString
(
"[-crl[:auto| <file>] include CRL in signed jar"
));
System
.
out
.
println
();
System
.
out
.
println
(
rb
.
getString
(
"[-verify] verify a signed JAR file"
));
System
.
out
.
println
();
...
...
@@ -654,6 +693,20 @@ public class JarSigner {
if
(
showcerts
)
{
sb
.
append
(
si
);
sb
.
append
(
'\n'
);
CRL
[]
crls
=
SharedSecrets
.
getJavaSecurityCodeSignerAccess
()
.
getCRLs
(
signer
);
if
(
crls
!=
null
)
{
for
(
CRL
crl:
crls
)
{
if
(
crl
instanceof
X509CRLImpl
)
{
sb
.
append
(
tab
).
append
(
"["
);
sb
.
append
(
String
.
format
(
rb
.
getString
(
"with a CRL including %d entries"
),
((
X509CRLImpl
)
crl
).
getRevokedCertificates
().
size
()))
.
append
(
"]\n"
);
}
}
}
}
}
}
else
if
(
showcerts
&&
!
verbose
.
equals
(
"all"
))
{
...
...
@@ -1233,7 +1286,7 @@ public class JarSigner {
try
{
block
=
sf
.
generateBlock
(
privateKey
,
sigalg
,
certChain
,
sf
.
generateBlock
(
privateKey
,
sigalg
,
certChain
,
crls
,
externalSF
,
tsaUrl
,
tsaCert
,
signingMechanism
,
args
,
zipFile
);
}
catch
(
SocketTimeoutException
e
)
{
...
...
@@ -2197,6 +2250,7 @@ class SignatureFile {
public
Block
generateBlock
(
PrivateKey
privateKey
,
String
sigalg
,
X509Certificate
[]
certChain
,
Set
<
X509CRL
>
crls
,
boolean
externalSF
,
String
tsaUrl
,
X509Certificate
tsaCert
,
ContentSigner
signingMechanism
,
...
...
@@ -2204,7 +2258,7 @@ class SignatureFile {
throws
NoSuchAlgorithmException
,
InvalidKeyException
,
IOException
,
SignatureException
,
CertificateException
{
return
new
Block
(
this
,
privateKey
,
sigalg
,
certChain
,
externalSF
,
return
new
Block
(
this
,
privateKey
,
sigalg
,
certChain
,
crls
,
externalSF
,
tsaUrl
,
tsaCert
,
signingMechanism
,
args
,
zipFile
);
}
...
...
@@ -2218,7 +2272,8 @@ class SignatureFile {
* Construct a new signature block.
*/
Block
(
SignatureFile
sfg
,
PrivateKey
privateKey
,
String
sigalg
,
X509Certificate
[]
certChain
,
boolean
externalSF
,
String
tsaUrl
,
X509Certificate
[]
certChain
,
Set
<
X509CRL
>
crls
,
boolean
externalSF
,
String
tsaUrl
,
X509Certificate
tsaCert
,
ContentSigner
signingMechanism
,
String
[]
args
,
ZipFile
zipFile
)
throws
NoSuchAlgorithmException
,
InvalidKeyException
,
IOException
,
...
...
@@ -2305,7 +2360,7 @@ class SignatureFile {
// Assemble parameters for the signing mechanism
ContentSignerParameters
params
=
new
JarSignerParameters
(
args
,
tsaUri
,
tsaCert
,
signature
,
signatureAlgorithm
,
certChain
,
content
,
zipFile
);
signatureAlgorithm
,
certChain
,
c
rls
,
c
ontent
,
zipFile
);
// Generate the signature block
block
=
signingMechanism
.
generateSignedData
(
...
...
@@ -2346,6 +2401,7 @@ class JarSignerParameters implements ContentSignerParameters {
private
byte
[]
signature
;
private
String
signatureAlgorithm
;
private
X509Certificate
[]
signerCertificateChain
;
private
Set
<
X509CRL
>
crls
;
private
byte
[]
content
;
private
ZipFile
source
;
...
...
@@ -2354,7 +2410,8 @@ class JarSignerParameters implements ContentSignerParameters {
*/
JarSignerParameters
(
String
[]
args
,
URI
tsa
,
X509Certificate
tsaCertificate
,
byte
[]
signature
,
String
signatureAlgorithm
,
X509Certificate
[]
signerCertificateChain
,
byte
[]
content
,
X509Certificate
[]
signerCertificateChain
,
Set
<
X509CRL
>
crls
,
byte
[]
content
,
ZipFile
source
)
{
if
(
signature
==
null
||
signatureAlgorithm
==
null
||
...
...
@@ -2367,6 +2424,7 @@ class JarSignerParameters implements ContentSignerParameters {
this
.
signature
=
signature
;
this
.
signatureAlgorithm
=
signatureAlgorithm
;
this
.
signerCertificateChain
=
signerCertificateChain
;
this
.
crls
=
crls
;
this
.
content
=
content
;
this
.
source
=
source
;
}
...
...
@@ -2442,4 +2500,13 @@ class JarSignerParameters implements ContentSignerParameters {
public
ZipFile
getSource
()
{
return
source
;
}
@Override
public
Set
<
X509CRL
>
getCRLs
()
{
if
(
crls
==
null
)
{
return
Collections
.
emptySet
();
}
else
{
return
Collections
.
unmodifiableSet
(
crls
);
}
}
}
This diff is collapsed.
Click to expand it.
src/share/classes/sun/security/tools/JarSignerResources.java
浏览文件 @
b51dd8fc
/*
* Copyright 2000-20
09
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2000-20
10
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -74,6 +74,8 @@ public class JarSignerResources extends java.util.ListResourceBundle {
"[-digestalg <algorithm>] name of digest algorithm"
},
{
"[-sigalg <algorithm>] name of signature algorithm"
,
"[-sigalg <algorithm>] name of signature algorithm"
},
{
"[-crl[:auto| <file>] include CRL in signed jar"
,
"[-crl[:auto| <file>] include CRL in signed jar"
},
{
"[-verify] verify a signed JAR file"
,
"[-verify] verify a signed JAR file"
},
{
"[-verbose[:suboptions]] verbose output when signing/verifying."
,
...
...
@@ -191,6 +193,7 @@ public class JarSignerResources extends java.util.ListResourceBundle {
{
"using an alternative signing mechanism"
,
"using an alternative signing mechanism"
},
{
"entry was signed on"
,
"entry was signed on {0}"
},
{
"with a CRL including %d entries"
,
"with a CRL including %d entries"
},
{
"Warning: "
,
"Warning: "
},
{
"This jar contains unsigned entries which have not been integrity-checked. "
,
"This jar contains unsigned entries which have not been integrity-checked. "
},
...
...
This diff is collapsed.
Click to expand it.
src/share/classes/sun/security/tools/KeyTool.java
浏览文件 @
b51dd8fc
此差异已折叠。
点击以展开。
src/share/classes/sun/security/tools/TimestampedSigner.java
浏览文件 @
b51dd8fc
...
...
@@ -38,6 +38,7 @@ import java.security.cert.X509Certificate;
import
java.util.List
;
import
com.sun.jarsigner.*
;
import
java.security.cert.X509CRL
;
import
java.util.Arrays
;
import
sun.security.pkcs.*
;
import
sun.security.timestamp.*
;
...
...
@@ -239,7 +240,7 @@ public final class TimestampedSigner extends ContentSigner {
// Create the PKCS #7 signed data message
PKCS7
p7
=
new
PKCS7
(
algorithms
,
contentInfo
,
signerCertificateChain
,
signerInfos
);
parameters
.
getCRLs
().
toArray
(
new
X509CRL
[
parameters
.
getCRLs
().
size
()]),
signerInfos
);
ByteArrayOutputStream
p7out
=
new
ByteArrayOutputStream
();
p7
.
encodeSignedData
(
p7out
);
...
...
This diff is collapsed.
Click to expand it.
src/share/classes/sun/security/util/Resources.java
浏览文件 @
b51dd8fc
/*
* Copyright 2000-20
09
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 2000-20
10
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -71,6 +71,7 @@ public class Resources extends java.util.ListResourceBundle {
"Generates a secret key"
},
//-genseckey
{
"Generates certificate from a certificate request"
,
"Generates certificate from a certificate request"
},
//-gencert
{
"Generates CRL"
,
"Generates CRL"
},
//-gencrl
{
"Imports entries from a JDK 1.1.x-style identity database"
,
"Imports entries from a JDK 1.1.x-style identity database"
},
//-identitydb
{
"Imports a certificate or a certificate chain"
,
...
...
@@ -87,6 +88,8 @@ public class Resources extends java.util.ListResourceBundle {
"Prints the content of a certificate"
},
//-printcert
{
"Prints the content of a certificate request"
,
"Prints the content of a certificate request"
},
//-printcertreq
{
"Prints the content of a CRL file"
,
"Prints the content of a CRL file"
},
//-printcrl
{
"Generates a self-signed certificate"
,
"Generates a self-signed certificate"
},
//-selfcert
{
"Changes the store password of a keystore"
,
...
...
@@ -176,6 +179,8 @@ public class Resources extends java.util.ListResourceBundle {
"verbose output"
},
//-v
{
"validity number of days"
,
"validity number of days"
},
//-validity
{
"Serial ID of cert to revoke"
,
"Serial ID of cert to revoke"
},
//-id
// keytool: Running part
{
"keytool error: "
,
"keytool error: "
},
{
"Illegal option: "
,
"Illegal option: "
},
...
...
@@ -375,6 +380,7 @@ public class Resources extends java.util.ListResourceBundle {
{
"Signer #%d:"
,
"Signer #%d:"
},
{
"Timestamp:"
,
"Timestamp:"
},
{
"Signature:"
,
"Signature:"
},
{
"CRLs:"
,
"CRLs:"
},
{
"Certificate owner: "
,
"Certificate owner: "
},
{
"Not a signed jar file"
,
"Not a signed jar file"
},
{
"No certificate from the SSL server"
,
...
...
@@ -433,6 +439,7 @@ public class Resources extends java.util.ListResourceBundle {
{
"This extension cannot be marked as critical. "
,
"This extension cannot be marked as critical. "
},
{
"Odd number of hex digits found: "
,
"Odd number of hex digits found: "
},
{
"Unknown extension type: "
,
"Unknown extension type: "
},
{
"command {0} is ambiguous:"
,
"command {0} is ambiguous:"
},
// policytool
...
...
This diff is collapsed.
Click to expand it.
src/share/classes/sun/security/util/SignatureFileVerifier.java
浏览文件 @
b51dd8fc
/*
* Copyright 1997-20
09
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1997-20
10
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -25,7 +25,6 @@
package
sun.security.util
;
import
java.security.CodeSigner
;
import
java.security.cert.CertPath
;
import
java.security.cert.X509Certificate
;
import
java.security.cert.CertificateException
;
...
...
@@ -34,11 +33,11 @@ import java.security.*;
import
java.io.*
;
import
java.util.*
;
import
java.util.jar.*
;
import
java.io.ByteArrayOutputStream
;
import
sun.security.pkcs.*
;
import
sun.security.timestamp.TimestampToken
;
import
sun.misc.BASE64Decoder
;
import
sun.misc.SharedSecrets
;
import
sun.security.jca.Providers
;
...
...
@@ -479,7 +478,12 @@ public class SignatureFileVerifier {
signers
=
new
ArrayList
<
CodeSigner
>();
}
// Append the new code signer
signers
.
add
(
new
CodeSigner
(
certChain
,
getTimestamp
(
info
)));
CodeSigner
signer
=
new
CodeSigner
(
certChain
,
getTimestamp
(
info
));
if
(
block
.
getCRLs
()
!=
null
)
{
SharedSecrets
.
getJavaSecurityCodeSignerAccess
().
setCRLs
(
signer
,
block
.
getCRLs
());
}
signers
.
add
(
signer
);
if
(
debug
!=
null
)
{
debug
.
println
(
"Signature Block Certificate: "
+
...
...
This diff is collapsed.
Click to expand it.
src/share/classes/sun/security/x509/X509CRLImpl.java
浏览文件 @
b51dd8fc
/*
* Copyright 1997-20
07
Sun Microsystems, Inc. All Rights Reserved.
* Copyright 1997-20
10
Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
...
...
@@ -89,7 +89,7 @@ import sun.misc.HexDumpEncoder;
* @author Hemma Prafullchandra
* @see X509CRL
*/
public
class
X509CRLImpl
extends
X509CRL
{
public
class
X509CRLImpl
extends
X509CRL
implements
DerEncoder
{
// CRL data, and its envelope
private
byte
[]
signedCRL
=
null
;
// DER encoded crl
...
...
@@ -1189,6 +1189,13 @@ public class X509CRLImpl extends X509CRL {
}
}
@Override
public
void
derEncode
(
OutputStream
out
)
throws
IOException
{
if
(
signedCRL
==
null
)
throw
new
IOException
(
"Null CRL to encode"
);
out
.
write
(
signedCRL
.
clone
());
}
/**
* Immutable X.509 Certificate Issuer DN and serial number pair
*/
...
...
This diff is collapsed.
Click to expand it.
test/sun/security/tools/jarsigner/crl.sh
0 → 100644
浏览文件 @
b51dd8fc
#
# Copyright 2010 Sun Microsystems, Inc. All Rights Reserved.
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
#
# This code is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 only, as
# published by the Free Software Foundation.
#
# This code is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# version 2 for more details (a copy is included in the LICENSE file that
# accompanied this code).
#
# You should have received a copy of the GNU General Public License version
# 2 along with this work; if not, write to the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
# CA 95054 USA or visit www.sun.com if you need additional information or
# have any questions.
#
# @test
# @bug 6890876
# @summary jarsigner can add CRL info into signed jar
#
if
[
"
${
TESTJAVA
}
"
=
""
]
;
then
JAVAC_CMD
=
`
which javac
`
TESTJAVA
=
`
dirname
$JAVAC_CMD
`
/..
fi
# set platform-dependent variables
# PF: platform name, say, solaris-sparc
PF
=
""
OS
=
`
uname
-s
`
case
"
$OS
"
in
Windows
*
)
FS
=
"
\\
"
;;
*
)
FS
=
"/"
;;
esac
KS
=
crl.jks
JFILE
=
crl.jar
KT
=
"
$TESTJAVA
${
FS
}
bin
${
FS
}
keytool -storepass changeit -keypass changeit -keystore
$KS
"
JAR
=
$TESTJAVA
${
FS
}
bin
${
FS
}
jar
JARSIGNER
=
$TESTJAVA
${
FS
}
bin
${
FS
}
jarsigner
rm
$KS
$JFILE
# Generates some crl files, each containing two entries
$KT
-alias
a
-dname
CN
=
a
-keyalg
rsa
-genkey
-validity
300
$KT
-alias
a
-gencrl
-id
1:1
-id
2:2
-file
crl1
$KT
-alias
a
-gencrl
-id
3:3
-id
4:4
-file
crl2
$KT
-alias
b
-dname
CN
=
b
-keyalg
rsa
-genkey
-validity
300
$KT
-alias
b
-gencrl
-id
5:1
-id
6:2
-file
crl3
$KT
-alias
c
-dname
CN
=
c
-keyalg
rsa
-genkey
-validity
300
\
-ext
crl
=
uri:file://
`
pwd
`
/crl1
echo
A
>
A
# Test -crl:auto, cRLDistributionPoints is a local file
$JAR
cvf
$JFILE
A
$JARSIGNER
-keystore
$KS
-storepass
changeit
$JFILE
c
\
-crl
:auto
||
exit
1
$JARSIGNER
-keystore
$KS
-verify
-debug
-strict
$JFILE
||
exit
6
$KT
-printcert
-jarfile
$JFILE
|
grep
CRLs
||
exit
7
# Test -crl <file>
$JAR
cvf
$JFILE
A
$JARSIGNER
-keystore
$KS
-storepass
changeit
$JFILE
a
\
-crl
crl1
-crl
crl2
||
exit
1
$JARSIGNER
-keystore
$KS
-storepass
changeit
$JFILE
b
\
-crl
crl3
-crl
crl2
||
exit
1
$JARSIGNER
-keystore
$KS
-verify
-debug
-strict
$JFILE
||
exit
3
$KT
-printcert
-jarfile
$JFILE
|
grep
CRLs
||
exit
4
CRLCOUNT
=
`
$KT
-printcert
-jarfile
$JFILE
|
grep
SerialNumber |
wc
-l
`
if
[
$CRLCOUNT
!=
8
]
;
then
exit
5
;
fi
exit
0
This diff is collapsed.
Click to expand it.
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录