All suggestions accepted. Here is an updated webrev. http://cr.openjdk.java.net/~weijun/8191438/webrev.01/
New test cases added. Other changes are: 1. noTimestamp == true at signing side means no TSA or timestamping failed. 2. New method certsAndTSInfo() used by both signing and verification to display signer/tsa info and set warning flags. Thanks Max > On Dec 7, 2017, at 5:01 AM, Sean Mullan <sean.mul...@oracle.com> wrote: > > When signing, I think we should always print when the timestamp will expire, > even if it is 10 years from now. For the warning, I would bump it up 6 months > to a year. (It could potentially be more than this - a fresh timestamp > ideally should be good for > 5 years in my opinion). Perhaps we don't warn > when signing - just make it informational. But only warn when verifying. > > Just some quick thoughts -- I'll think about it some more. > > --Sean > > > > On 12/5/17 4:35 AM, Weijun Wang wrote: >> Hi All >> Please take a look at http://cr.openjdk.java.net/~weijun/8191438/webrev.00/. >> Regression tests not added yet. I'd like to hear your comments on the output >> format. >> Major changes: >> 1. New flags hasExpiringTsaCert and hasExpiredTsaCert for TSA cert chain. >> They are set and used similar to flags for the signer cert chain. Note that >> there is no notYetValidTsaCert, which I think is not very useful, and it's >> already covered by CertPath validation. >> 2. No more validity check on trusted certs in printCert(), since CertPath >> validation also does not check validity of trust anchors. >> 3. Break getAliasInfo() into 2 parts: getAliasInfo() and showAliasInfo(). >> showAliasInfo() will set flags and show extra info if -verbose after jar is >> signed. >> The expiration date for all signer and TSA cert chains are shown when >> -verbose -certs are provided. Warning is only shown when expiration date >> (for either cert chain) is near. >> An example: >> $ jarsigner ... a.jar a -tsa >> http://localhost:8080/time=2017-11-20T00:00:00Z -verbose >> requesting a signature timestamp >> TSA location: http://localhost:8080/time=2017-11-20T00:00:00Z >> updating: META-INF/A.SF >> updating: META-INF/A.RSA >> signing: ks >>>>> Signer >> X.509, CN=a >> [certificate is valid from 11/5/17, 12:27 PM to 12/10/17, 12:27 PM] >> X.509, CN=ca >> [trusted certificate] >>>>> TSA >> X.509, CN=ts >> [certificate will expire on 12/15/17, 12:27 PM] >> X.509, CN=ca >> [trusted certificate] >> jar signed. >> Warning: >> The timestamp will expire within six months on 2017-12-15. >> c $ jarsigner ... a.jar -verify -verbose:grouped -certs >> s k 145 Tue Dec 05 10:23:46 CST 2017 META-INF/MANIFEST.MF >> [entry was signed on 11/20/17, 8:00 AM] >> >>> Signer >> X.509, CN=a (a) >> [certificate is valid from 11/5/17, 12:27 PM to 12/10/17, 12:27 PM] >> X.509, CN=ca (ca) >> [trusted certificate] >> >>> TSA >> X.509, CN=ts >> [certificate will expire on 12/15/17, 12:27 PM] >> X.509, CN=ca (ca) >> [trusted certificate] >> 307 Tue Dec 05 12:27:08 CST 2017 META-INF/A.SF >> 3811 Tue Dec 05 12:27:08 CST 2017 META-INF/A.RSA >> (Signature related entries) >> 0 Tue Dec 05 10:23:42 CST 2017 META-INF/ >> (Unsigned entries) >> smk 8364 Tue Dec 05 10:23:00 CST 2017 ks >> [entry was signed on 11/20/17, 8:00 AM] >> >>> Signer >> X.509, CN=a (a) >> [certificate is valid from 11/5/17, 12:27 PM to 12/10/17, 12:27 PM] >> X.509, CN=ca (ca) >> [trusted certificate] >> >>> TSA >> X.509, CN=ts >> [certificate will expire on 12/15/17, 12:27 PM] >> X.509, CN=ca (ca) >> [trusted certificate] >> s = signature was verified >> m = entry is listed in manifest >> k = at least one certificate was found in keystore >> - Signed by "CN=a" >> Digest algorithm: SHA-256 >> Signature algorithm: SHA256withRSA, 2048-bit key >> Timestamped by "CN=ts" on Mon Nov 20 00:00:00 UTC 2017 >> Timestamp digest algorithm: SHA-256 >> Timestamp signature algorithm: SHA256withRSA, 2048-bit key >> jar verified. >> Warning: >> The timestamp will expire within six months on 2017-12-15. >> Thanks >> Max
