8172529: Use PKIXValidator in jarsigner
Xuelei Fan
Xuelei.Fan at Oracle.Com
Tue Jan 17 03:03:01 UTC 2017
Ok. Looks good.
Xuelei
> On Jan 16, 2017, at 6:09 PM, Weijun Wang <weijun.wang at oracle.com> wrote:
>
>
>
>> On 01/17/2017 01:26 AM, Xuelei Fan wrote:
>>> On 1/15/2017 5:42 PM, Weijun Wang wrote:
>>> Sorry, wrong subject, resending.
>>>
>>>> On 01/16/2017 09:41 AM, Weijun Wang wrote:
>>>> Please review the code change at
>>>>
>>>> http://cr.openjdk.java.net/~weijun/8172529/webrev.02
>>>>
>>>> The validator is updated to be a PKIXValidator of the
>>>> Validator.VAR_CODE_SIGNING variant.
>> What's the variant used by plugin? Is it VAR_PLUGIN_CODE_SIGNING?
>
> Yes, it is.
>
>> I'm asking because the behaviors of VAR_PLUGIN_CODE_SIGNING and
>> VAR_CODE_SIGNING are a little bit different (see the use of
>> PKIXValidator.plugin variable).
>
> There is a small difference. If I read correctly, the different code allows Plugin to validate a chain anyway (even if there is no trust anchor) and then decide if the last cert can be trusted itself, most likely by showing a dialog and asking the user to decide.
>
> In jarsigner, the certpath validation is used for showing warnings and the jar file is signed anyway. The warning is enough to alert the user and I do not intend to add a layer of user interaction here like in Plugin.
>
> The major purpose of the fix is to detect a cross-signed certificate in the certchain. I should update the bug description.
>
> Thanks
> Max
>
>>
>> Xuelei
>>
>>>> In order to have the same output message and exit code as before,
>>>> the ValidatorException thrown when validation fails is suppressed
>>>> when there are existing error flags for several reasons.
>>>>
>>>> *jigsaw-dev*: The following change is made in
>>>> java.base/module-info.java:
>>>>
>>>> + exports sun.security.validator to + jdk.jartool;
>>>>
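Review bot: the added `exports sun.security.validator to jdk.jartool;` line in java.base/module-info.java opens an internal package to another module with nothing beside it saying why. The export is qualified, which keeps it narrow, but a short comment next to it (or a line in the bug description) stating that jarsigner needs the validator classes for certpath validation would let later maintainers judge whether the export can be dropped.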
>>>> Thanks
>>>> Max