IcedTea-Web
NetX

net.sourceforge.jnlp.tools
Class JarSigner

java.lang.Object
  extended by net.sourceforge.jnlp.tools.JarSigner
All Implemented Interfaces:
CertVerifier

public class JarSigner
extends java.lang.Object
implements CertVerifier

The jarsigner utility.


Constructor Summary
JarSigner()
           
 
Method Summary
 boolean allJarsSigned()
          Returns if all jars are signed.
 boolean anyJarsSigned()
           
 boolean getAlreadyTrustPublisher()
          Return if the publisher is already trusted
 java.security.cert.CertPath getCertPath()
          Return a valid certificate path to this certificate(s) being verified
 java.util.ArrayList<java.security.cert.CertPath> getCerts()
           
 java.util.ArrayList<java.lang.String> getDetails()
          Get the details regarding issue(s) with this certificate
 java.security.cert.Certificate getPublisher()
          Returns the application's publisher's certificate.
 java.security.cert.Certificate getRoot()
          Returns the application's root's certificate.
 boolean getRootInCacerts()
          Return if the root is in CA certs
 boolean hasSigningIssues()
          Return if there are signing issues with the certificate(s) being veried
 boolean isFullySignedByASingleCert()
          Returns whether or not all entries have a common signer.
 boolean noSigningIssues()
          Return if there are no signing issues with this cert (!hasSigningIssues())
 void verifyJars(java.util.List<JARDesc> jars, ResourceTracker tracker)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

JarSigner

public JarSigner()
Method Detail

getAlreadyTrustPublisher

public boolean getAlreadyTrustPublisher()
Description copied from interface: CertVerifier
Return if the publisher is already trusted

Specified by:
getAlreadyTrustPublisher in interface CertVerifier

getRootInCacerts

public boolean getRootInCacerts()
Description copied from interface: CertVerifier
Return if the root is in CA certs

Specified by:
getRootInCacerts in interface CertVerifier

getCertPath

public java.security.cert.CertPath getCertPath()
Description copied from interface: CertVerifier
Return a valid certificate path to this certificate(s) being verified

Specified by:
getCertPath in interface CertVerifier
Returns:
The CertPath

hasSigningIssues

public boolean hasSigningIssues()
Description copied from interface: CertVerifier
Return if there are signing issues with the certificate(s) being veried

Specified by:
hasSigningIssues in interface CertVerifier

noSigningIssues

public boolean noSigningIssues()
Description copied from interface: CertVerifier
Return if there are no signing issues with this cert (!hasSigningIssues())

Specified by:
noSigningIssues in interface CertVerifier

anyJarsSigned

public boolean anyJarsSigned()

getDetails

public java.util.ArrayList<java.lang.String> getDetails()
Description copied from interface: CertVerifier
Get the details regarding issue(s) with this certificate

Specified by:
getDetails in interface CertVerifier

getCerts

public java.util.ArrayList<java.security.cert.CertPath> getCerts()

isFullySignedByASingleCert

public boolean isFullySignedByASingleCert()
Returns whether or not all entries have a common signer. It is possible to create jars where only some entries are signed. In such cases, we should not prompt the user to accept anything, as the whole application must be treated as unsigned. This method should be called by a caller before it is about to ask the user to accept a cert and determine whether the application is trusted or not.

Returns:
Whether or not all entries have a common signer

verifyJars

public void verifyJars(java.util.List<JARDesc> jars,
                       ResourceTracker tracker)
                throws java.lang.Exception
Throws:
java.lang.Exception

getPublisher

public java.security.cert.Certificate getPublisher()
Description copied from interface: CertVerifier
Returns the application's publisher's certificate.

Specified by:
getPublisher in interface CertVerifier

getRoot

public java.security.cert.Certificate getRoot()
Description copied from interface: CertVerifier
Returns the application's root's certificate. This may return the same certificate as getPublisher() in the event that the application is self signed.

Specified by:
getRoot in interface CertVerifier

allJarsSigned

public boolean allJarsSigned()
Returns if all jars are signed.

Returns:
True if all jars are signed, false if there are one or more unsigned jars

IcedTea-Web
NetX

Submit a bug or feature