From 8887f99e55a15f4ec9dbb3498640a7497742a9e8 Mon Sep 17 00:00:00 2001 From: Weijun Wang Date: Thu, 24 Mar 2011 16:16:22 +0800 Subject: [PATCH] 7030174: Jarsigner should accept TSACert with an HTTPS id-ad-timeStamping SIA Reviewed-by: xuelei --- .../classes/sun/security/tools/TimestampedSigner.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/jdk/src/share/classes/sun/security/tools/TimestampedSigner.java b/jdk/src/share/classes/sun/security/tools/TimestampedSigner.java index 6d5eb63b7fd..349607af720 100644 --- a/jdk/src/share/classes/sun/security/tools/TimestampedSigner.java +++ b/jdk/src/share/classes/sun/security/tools/TimestampedSigner.java @@ -250,10 +250,10 @@ public final class TimestampedSigner extends ContentSigner { * (RFC 3280). * The extension's accessMethod field should contain the object * identifier defined for timestamping: 1.3.6.1.5.5.7.48.3 and its - * accessLocation field should contain an HTTP URL. + * accessLocation field should contain an HTTP or HTTPS URL. * * @param tsaCertificate An X.509 certificate for the TSA. - * @return An HTTP URL or null if none was found. + * @return An HTTP or HTTPS URL or null if none was found. */ public static String getTimestampingUrl(X509Certificate tsaCertificate) { @@ -279,7 +279,8 @@ public final class TimestampedSigner extends ContentSigner { location = description.getAccessLocation(); if (location.getType() == GeneralNameInterface.NAME_URI) { uri = (URIName) location.getName(); - if (uri.getScheme().equalsIgnoreCase("http")) { + if (uri.getScheme().equalsIgnoreCase("http") || + uri.getScheme().equalsIgnoreCase("https")) { return uri.getName(); } }