gpt4 book ai didi

java - 如何验证签名的 jar 是否包含时间戳?

转载 作者:太空狗 更新时间:2023-10-29 22:32:48 28 4
gpt4 key购买 nike

在对 jar 进行签名并使用 -tsa 选项后,我如何验证时间戳是否包含在内?我试过:

jarsigner -verify -verbose -certs myApp.jar

但是输出没有指定任何关于时间戳的信息。我问是因为即使我在 -tsa URL 路径中有拼写错误,jarsigner 也会成功。这是 GlobalSign TSA URL:http://timestamp.globalsign.com/scripts/timstamp.dll它背后的服务器显然接受任何路径(即 timestamp.globalsign.com/foobar),所以最后我不确定我的 jar 是否带有时间戳。

最佳答案

来自 https://blogs.oracle.com/mullan/entry/how_to_determine_if_a :

You can use the jarsigner utility to determine if a signed JAR has been timestamped as follows:

jarsigner -verify -verbose -certs signed.jar

where signed.jar is the name of your signed JAR. If it is timestamped, the output will include lines of the following indicating the time it was signed:

[entry was signed on 8/2/13 3:48 PM]

If the JAR is not timestamped, the output will not include those lines.

关于java - 如何验证签名的 jar 是否包含时间戳?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/1647759/

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com