aboutsummaryrefslogtreecommitdiffstats
path: root/netx/net/sourceforge/jnlp/tools/JarSigner.java
diff options
context:
space:
mode:
authorDanesh Dadachanji <[email protected]>2012-04-02 11:23:18 -0400
committerDanesh Dadachanji <[email protected]>2012-04-02 11:23:18 -0400
commit9a53b5167e56106f4d225059262c124e929b7352 (patch)
tree603e764451b63f12aaec8442d7c3f15e27f2c1e9 /netx/net/sourceforge/jnlp/tools/JarSigner.java
parent554326d2e7207e1ecab10a6c5bdd8bde6bbf0307 (diff)
Fixed check for a certificate whose start date has not yet been reached.
Diffstat (limited to 'netx/net/sourceforge/jnlp/tools/JarSigner.java')
-rw-r--r--netx/net/sourceforge/jnlp/tools/JarSigner.java6
1 files changed, 6 insertions, 0 deletions
diff --git a/netx/net/sourceforge/jnlp/tools/JarSigner.java b/netx/net/sourceforge/jnlp/tools/JarSigner.java
index 9ddbf6b..fbae6e2 100644
--- a/netx/net/sourceforge/jnlp/tools/JarSigner.java
+++ b/netx/net/sourceforge/jnlp/tools/JarSigner.java
@@ -297,9 +297,15 @@ public class JarSigner implements CertVerifier {
if (cert instanceof X509Certificate) {
checkCertUsage((X509Certificate) cert, null);
if (!showcerts) {
+ long notBefore = ((X509Certificate) cert)
+ .getNotBefore().getTime();
long notAfter = ((X509Certificate) cert)
.getNotAfter().getTime();
+ if (now < notBefore) {
+ notYetValidCert = true;
+ }
+
if (notAfter < now) {
hasExpiredCert = true;
} else if (notAfter < now + SIX_MONTHS) {