modules/jdk.packager/src/main/java/com/sun/javafx/tools/packager/JarSignature.java

Print this page




  63  * (Source copied from:
  64  *      com.sun.deploy.security.JarSignature in Deploy workspace)
  65  *
  66  * This class is an abstraction of signature that is currently used
  67  * for implementation of jar signing as BLOBs.
  68  *
  69  * There are 2 modes of use for this class - signing and validation
  70  * and same instance of JarSignature object can not be reused.
  71  *
  72  * Signing mode:
  73  *   - create new instance using JarSignature.create()
  74  *   - add entries you want to include into the signature using
  75  *      updateWithEntry(). (Note the order is important.)
  76  *   - use getEncoded() to get bytes for the result signature
  77  *
  78  * Validation mode:
  79  *   - create new instance using JarSignature.load()
  80  *   - add entries using updateWithEntry()
  81  *   - use isValid() to validate result
  82  *   - use getCodeSigners() to get list of code signers used


  83  */

  84 public class JarSignature {
  85     //name of jar manifest attribute that contains signature
  86     public static final String BLOB_SIGNATURE = "META-INF/SIGNATURE.BSF";
  87 
  88     private final Signature sig;
  89     private final X509Certificate certChain[]; // for singing scenarios only
  90     private final CodeSigner codeSigners[];    // for validation only
  91     private final SignerInfo signerInfos[];        // for validation only
  92 
  93     /**
  94      * Loads jar signature from given byte array.
  95      * If signature could not be reconstructed then exceptions are thrown.
  96      */
  97     public static JarSignature load(byte[] rawSignature) throws ParsingException,
  98             CertificateException, IOException, NoSuchAlgorithmException,
  99             InvalidKeyException, SignatureException
 100     {
 101         PKCS7 pkcs7 = new PKCS7(rawSignature);
 102         SignerInfo[] infos = pkcs7.getSignerInfos();
 103         if (infos == null || infos.length != 1) {




  63  * (Source copied from:
  64  *      com.sun.deploy.security.JarSignature in Deploy workspace)
  65  *
  66  * This class is an abstraction of signature that is currently used
  67  * for implementation of jar signing as BLOBs.
  68  *
  69  * There are 2 modes of use for this class - signing and validation
  70  * and same instance of JarSignature object can not be reused.
  71  *
  72  * Signing mode:
  73  *   - create new instance using JarSignature.create()
  74  *   - add entries you want to include into the signature using
  75  *      updateWithEntry(). (Note the order is important.)
  76  *   - use getEncoded() to get bytes for the result signature
  77  *
  78  * Validation mode:
  79  *   - create new instance using JarSignature.load()
  80  *   - add entries using updateWithEntry()
  81  *   - use isValid() to validate result
  82  *   - use getCodeSigners() to get list of code signers used
  83  * 
  84  * @deprecated use {@link ToolProvider} to locate the {@code "javapackager"} tool instead.
  85  */
  86 @Deprecated(since="10", forRemoval=true)
  87 public class JarSignature {
  88     //name of jar manifest attribute that contains signature
  89     public static final String BLOB_SIGNATURE = "META-INF/SIGNATURE.BSF";
  90 
  91     private final Signature sig;
  92     private final X509Certificate certChain[]; // for singing scenarios only
  93     private final CodeSigner codeSigners[];    // for validation only
  94     private final SignerInfo signerInfos[];        // for validation only
  95 
  96     /**
  97      * Loads jar signature from given byte array.
  98      * If signature could not be reconstructed then exceptions are thrown.
  99      */
 100     public static JarSignature load(byte[] rawSignature) throws ParsingException,
 101             CertificateException, IOException, NoSuchAlgorithmException,
 102             InvalidKeyException, SignatureException
 103     {
 104         PKCS7 pkcs7 = new PKCS7(rawSignature);
 105         SignerInfo[] infos = pkcs7.getSignerInfos();
 106         if (infos == null || infos.length != 1) {