Ok. Looks good. Xuelei
> On Jan 16, 2017, at 6:09 PM, Weijun Wang <weijun.w...@oracle.com> wrote: > > > >> On 01/17/2017 01:26 AM, Xuelei Fan wrote: >>> On 1/15/2017 5:42 PM, Weijun Wang wrote: >>> Sorry, wrong subject, resending. >>> >>>> On 01/16/2017 09:41 AM, Weijun Wang wrote: >>>> Please review the code change at >>>> >>>> http://cr.openjdk.java.net/~weijun/8172529/webrev.02 >>>> >>>> The validator is updated to be a PKIXValidator of the >>>> Validator.VAR_CODE_SIGNING variant. >> What's the variant used by plugin? Is it VAR_PLUGIN_CODE_SIGNING? > > Yes, it is. > >> I'm asking because the behaviors of VAR_PLUGIN_CODE_SIGNING and >> VAR_CODE_SIGNING is a little bit different (See the use of >> PKIXValidator.plugin variable). > > There is a small difference. If I read correctly, the different code allows > Plugin to validate a chain anyway (even if there is no trust anchor) and then > decide if the last cert can be trusted itself, most likely by showing a > dialog and asking the user to decide. > > In jarsigner, the certpath validation is used for showing warnings and the > jar file is signed anyway. The warning is enough to alert the user and I do > not intend to add a layer of user interaction here like in Plugin. > > The major purpose of the fix is to detect a cross-signed certificate in the > certchain. I should update the bug description. > > Thanks > Max > >> >> Xuelei >> >>>> In order to have the same output message and exit code as before, >>>> the ValidatorException thrown when validation fails is suppressed >>>> when there are existing error flags for several reasons. >>>> >>>> *jigsaw-dev*: The following change is made in >>>> java.base/module-info.java: >>>> >>>> + exports sun.security.validator to + jdk.jartool; >>>> >>>> Thanks Max