On 01/17/2017 01:26 AM, Xuelei Fan wrote:
On 1/15/2017 5:42 PM, Weijun Wang wrote:
Sorry, wrong subject, resending.
On 01/16/2017 09:41 AM, Weijun Wang wrote:
Please review the code change at
http://cr.openjdk.java.net/~weijun/8172529/webrev.02
The validator is updated to be a PKIXValidator of the
Validator.VAR_CODE_SIGNING variant.
What's the variant used by plugin? Is it VAR_PLUGIN_CODE_SIGNING?
Yes, it is.
I'm asking because the behaviors of VAR_PLUGIN_CODE_SIGNING and
VAR_CODE_SIGNING is a little bit different (See the use of
PKIXValidator.plugin variable).
There is a small difference. If I read correctly, the different code
allows Plugin to validate a chain anyway (even if there is no trust
anchor) and then decide if the last cert can be trusted itself, most
likely by showing a dialog and asking the user to decide.
In jarsigner, the certpath validation is used for showing warnings and
the jar file is signed anyway. The warning is enough to alert the user
and I do not intend to add a layer of user interaction here like in Plugin.
The major purpose of the fix is to detect a cross-signed certificate in
the certchain. I should update the bug description.
Thanks
Max
Xuelei
In order to have the same output message and exit code as before,
the ValidatorException thrown when validation fails is suppressed
when there are existing error flags for several reasons.
*jigsaw-dev*: The following change is made in
java.base/module-info.java:
+ exports sun.security.validator to + jdk.jartool;
Thanks Max
