diff options
Diffstat (limited to 'luni/src/main/java/java/util/jar/JarVerifier.java')
-rw-r--r-- | luni/src/main/java/java/util/jar/JarVerifier.java | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/luni/src/main/java/java/util/jar/JarVerifier.java b/luni/src/main/java/java/util/jar/JarVerifier.java index ec0e088..640f13c 100644 --- a/luni/src/main/java/java/util/jar/JarVerifier.java +++ b/luni/src/main/java/java/util/jar/JarVerifier.java @@ -68,6 +68,9 @@ class JarVerifier { int mainAttributesEnd; + /** Whether or not to check certificate chain signatures. */ + private final boolean chainCheck; + /** * Stores and a hash and a message digest and verifies that massage digest * matches the hash. @@ -137,13 +140,23 @@ class JarVerifier { } /** + * Convenience constructor for backward compatibility. + */ + JarVerifier(String name) { + this(name, false); + } + + /** * Constructs and returns a new instance of {@code JarVerifier}. * * @param name * the name of the JAR file being verified. + * @param chainCheck + * whether to check the certificate chain signatures */ - JarVerifier(String name) { + JarVerifier(String name, boolean chainCheck) { jarName = name; + this.chainCheck = chainCheck; } /** @@ -288,7 +301,8 @@ class JarVerifier { try { Certificate[] signerCertChain = JarUtils.verifySignature( new ByteArrayInputStream(sfBytes), - new ByteArrayInputStream(sBlockBytes)); + new ByteArrayInputStream(sBlockBytes), + chainCheck); /* * Recursive call in loading security provider related class which * is in a signed JAR. |