United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: 2191468 Jarsigner can't extract Extended Key Usage from Timestamp Reply currectly
2191468 : Jarsigner can't extract Extended Key Usage from Timestamp Reply currectly

Details
Type:
Backport
Submit Date:
2010-04-12
Status:
Closed
Updated Date:
2011-03-07
Project Name:
JDK
Resolved Date:
2011-03-07
Component:
security-libs
OS:
Sub-Component:
java.security
CPU:
Priority:
P4
Resolution:
Fixed
Affected Versions:
Fixed Versions:
7

Related Reports
Backport:
JDK-6939248 - Jarsigner can't extract Extended Key Usage from Timestamp Reply currectly

Sub Tasks

Description
PKCS #7 block includes a set of certificates and several signerinfos. To locate the certificate for a given signer, one should first look for a reference in the signerinfo, and then try to locate one in the certificates set.

Currently, jarsigner, when validating certificate for a timestamping service, simply looks for a non-CA cert inside the certificate set. This is not correct.

Comments
EVALUATION

http://hg.openjdk.java.net/jdk7/tl/jdk/rev/0d989dc383d3
2010-04-16


Hardware and Software, Engineered to Work Together