diff options
author | Danesh Dadachanji <[email protected]> | 2012-04-02 11:23:18 -0400 |
---|---|---|
committer | Danesh Dadachanji <[email protected]> | 2012-04-02 11:23:18 -0400 |
commit | 9a53b5167e56106f4d225059262c124e929b7352 (patch) | |
tree | 603e764451b63f12aaec8442d7c3f15e27f2c1e9 /netx/net/sourceforge/jnlp/tools/JarSigner.java | |
parent | 554326d2e7207e1ecab10a6c5bdd8bde6bbf0307 (diff) |
Fixed check for a certificate whose start date has not yet been reached.
Diffstat (limited to 'netx/net/sourceforge/jnlp/tools/JarSigner.java')
-rw-r--r-- | netx/net/sourceforge/jnlp/tools/JarSigner.java | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/netx/net/sourceforge/jnlp/tools/JarSigner.java b/netx/net/sourceforge/jnlp/tools/JarSigner.java index 9ddbf6b..fbae6e2 100644 --- a/netx/net/sourceforge/jnlp/tools/JarSigner.java +++ b/netx/net/sourceforge/jnlp/tools/JarSigner.java @@ -297,9 +297,15 @@ public class JarSigner implements CertVerifier { if (cert instanceof X509Certificate) { checkCertUsage((X509Certificate) cert, null); if (!showcerts) { + long notBefore = ((X509Certificate) cert) + .getNotBefore().getTime(); long notAfter = ((X509Certificate) cert) .getNotAfter().getTime(); + if (now < notBefore) { + notYetValidCert = true; + } + if (notAfter < now) { hasExpiredCert = true; } else if (notAfter < now + SIX_MONTHS) { |