[security-dev 00610]: RFC for jarsigner: more warning, more concise output

[Max (Weijun) Wang]

Hi All

Looking at this bug now:
    jarsigner needs enhanced cert validation(options)
    http://bugs.sun.com/view_bug.do?bug_id=6802846

I've exchanged some emails with the bug reporter (BCC'ed :) ).  
Basically we found these problems with the current jarsigner:

1. Does not care much about warnings. The exit code is almost always 0
2. Too verbose output, esp when there're many entries in the jar

Therefore, I'm suggesting these enhancements:

1. Add -check option, which means "treat warning as error". The exit  
code will be 0:OK, -1:verify error, or, OR-value of various 2^n  
(n=0,1,..) which maps to predefined warnings. More warnings will be  
added for the criteria proposed by the bug reporter.

2. Refine output. Group entries with the same signer info, and, in the  
simplest mode, only output a summary.

Precisely, before the fix, the output for -verify is --

    1) When there's no more option:

       Jar verified

    2) When there's -verbose -certs

       smk   A.class

       Certificate A (CN=A, OU=B)
       Fingerprint 90:90:90:90:90:90:90:90:90:90:90:90:90:90:90:90:90:90

       smk   B.class

       Certificate A (CN=A, OU=B)
       Fingerprint 90:90:90:90:90:90:90:90:90:90:90:90:90:90:90:90:90:90
       ...

After the fix --

    1) When there's no more option, we add a summary:

       smk   A.class (and 1 more)

       Jar verified

    2) When there's -verbose -certs, we groups entries:

       smk   A.class
       smk   B.class
       ...

       Certificate A (CN=A, OU=B)
       Fingerprint 90:90:90:90:90:90:90:90:90:90:90:90:90:90:90:90:90:90

    3) When there's -certs (not available in the old version), we have

       smk   A.class (and 1 more)

       Certificate A (CN=A, OU=B)
       Fingerprint 90:90:90:90:90:90:90:90:90:90:90:90:90:90:90:90:90:90

Here, I guess the 3)rd option would be the more useful one.

Any suggestions?

Thanks
Max