8172529: Use PKIXValidator in jarsigner
Weijun Wang
weijun.wang at oracle.com
Tue Jan 17 02:09:20 UTC 2017
On 01/17/2017 01:26 AM, Xuelei Fan wrote:
> On 1/15/2017 5:42 PM, Weijun Wang wrote:
>> Sorry, wrong subject, resending.
>>
>> On 01/16/2017 09:41 AM, Weijun Wang wrote:
>>> Please review the code change at
>>>
>>> http://cr.openjdk.java.net/~weijun/8172529/webrev.02
>>>
>>> The validator is updated to be a PKIXValidator of the
>>> Validator.VAR_CODE_SIGNING variant.
> What's the variant used by plugin? Is it VAR_PLUGIN_CODE_SIGNING?

Yes, it is.

> I'm asking because the behaviors of VAR_PLUGIN_CODE_SIGNING and
> VAR_CODE_SIGNING are a little bit different (see the use of
> PKIXValidator.plugin variable).

There is a small difference. If I read correctly, the different code
allows Plugin to validate a chain anyway (even if there is no trust
anchor) and then decide if the last cert can be trusted itself, most
likely by showing a dialog and asking the user to decide.

In jarsigner, the certpath validation is used for showing warnings and
the jar file is signed anyway. The warning is enough to alert the user
and I do not intend to add a layer of user interaction here like in Plugin.

The major purpose of the fix is to detect a cross-signed certificate in
the certchain. I should update the bug description.

Thanks
Max
>
> Xuelei
>
>>> In order to have the same output message and exit code as before,
>>> the ValidatorException thrown when validation fails is suppressed
>>> when there are existing error flags for several reasons.
>>>
>>> *jigsaw-dev*: The following change is made in
>>> java.base/module-info.java:
>>>
>>> + exports sun.security.validator to + jdk.jartool;
>>>
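
Review bot: the added `exports sun.security.validator to jdk.jartool;` in java.base/module-info.java is written as a directive of its own, and a module declaration may contain only one `exports` directive per package. If `sun.security.validator` is already exported to other modules elsewhere in that file, `jdk.jartool` should be appended to the existing target list instead of adding a second directive. Keeping the export qualified to the one consuming module is the right scope for an internal package, and a short comment naming jarsigner as the consumer would record why java.base exposes it.
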
>>> Thanks Max