RFR: 8330217: Spurious warning from jarsigner -verify when keystore with intermediate CA is used [v2]
Weijun Wang
weijun at openjdk.org
Wed Jul 24 19:12:59 UTC 2024
> There is an error in `jarsigner` on the "This JAR contains signed entries that aren't signed by alias in this keystore" warning. The exit code is determined by [`notSignedByAlias`](https://github.com/openjdk/jdk/blob/0a60b0f99efb38d2cc97f3862ef95a0d26ba49a7/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java#L344) but the warning message is controlled by [`allAliasesFound`](https://github.com/openjdk/jdk/blob/0a60b0f99efb38d2cc97f3862ef95a0d26ba49a7/src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java#L1183).
>
> Also, inside the `inKeyStoreForOneSigner()` method, all certificates in a cert chain are used to determine whether the signer is in a keystore and if any is inside, the JAR file is treated as being signed by an alias in this keystore. In fact, only the end-entity certificate (the first one in the chain) should be checked.
>
> After the fix, the `allAliasesFound` field and the `SOME_ALIASES_NOT_FOUND` constant are useless and can be removed.
Weijun Wang has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains three additional commits since the last revision:
- Merge branch 'master' into 8330217
- aliasNotInStore not severe
- the fix
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/19701/files
- new: https://git.openjdk.org/jdk/pull/19701/files/0f3be953..718f7858
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=19701&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=19701&range=00-01
Stats: 90223 lines in 2234 files changed: 57564 ins; 22609 del; 10050 mod
Patch: https://git.openjdk.org/jdk/pull/19701.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/19701/head:pull/19701
PR: https://git.openjdk.org/jdk/pull/19701
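
The difference between the two checks described in the quoted PR text, as an added example that is not part of the original message or of the JDK patch: it reads a signed JAR and a keystore and, for each signer, compares an end-entity-only lookup with an any-certificate-in-chain lookup. The class name `SignerAliasCheck` and both helper methods are hypothetical; it assumes JDK 11 or later and a keystore type that `KeyStore.getInstance(File, char[])` can detect.

```java
import java.io.File;
import java.io.InputStream;
import java.security.CodeSigner;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.*;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;

// Added illustration; names are hypothetical and this is not jarsigner's own code.
public class SignerAliasCheck {
    // Check the PR text calls correct: only the end-entity certificate (chain[0]) counts.
    static String endEntityAlias(KeyStore ks, List<? extends Certificate> chain) throws Exception {
        return chain.isEmpty() ? null : ks.getCertificateAlias(chain.get(0));
    }

    // Check the PR text calls wrong: any certificate in the chain, CA included, counts.
    static String anyChainAlias(KeyStore ks, List<? extends Certificate> chain) throws Exception {
        for (Certificate c : chain) {
            String alias = ks.getCertificateAlias(c);
            if (alias != null) return alias;
        }
        return null;
    }

    // Usage: java SignerAliasCheck.java <signed.jar> <keystore> <storepass>
    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance(new File(args[1]), args[2].toCharArray());
        Set<CodeSigner> signers = new LinkedHashSet<>();
        try (JarFile jar = new JarFile(new File(args[0]), true)) {
            for (Enumeration<JarEntry> e = jar.entries(); e.hasMoreElements(); ) {
                JarEntry je = e.nextElement();
                // Signers are only available after the entry has been read to the end.
                try (InputStream in = jar.getInputStream(je)) { in.readAllBytes(); }
                CodeSigner[] cs = je.getCodeSigners();
                if (cs != null) signers.addAll(List.of(cs));
            }
        }
        for (CodeSigner s : signers) {
            List<? extends Certificate> chain = s.getSignerCertPath().getCertificates();
            String strict = endEntityAlias(ks, chain);
            String loose = anyChainAlias(ks, chain);
            System.out.printf("chain length %d: end-entity alias=%s, any-cert alias=%s%s%n",
                    chain.size(), strict, loose,
                    strict == null && loose != null ? "  <-- matched only through a CA" : "");
        }
    }
}
```

A signer flagged with the trailing marker is one whose own certificate is absent from the keystore but whose issuing CA is present, which is the keystore-with-intermediate-CA situation named in the subject line.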