final class: JarVerifier
This class verifies JAR files (and any supporting JAR files), and
determines whether they may be used in this implementation.
The JCE in OpenJDK has an open cryptographic interface, meaning it
does not restrict which providers can be used. Compliance with
United States export controls and with local law governing the
import/export of products incorporating the JCE in the OpenJDK is
the responsibility of the licensee.
Creates a JarVerifier object to verify the given URL.
jarURL - the JAR file to be verified.
savePerms - if true, save the permissions allowed by the
|Methods from java.lang.Object:|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait|
|Method from javax.crypto.JarVerifier Detail:|
Returns the permissions which are bundled with the JAR file,
aka the "cryptoperms" file.
NOTE: if this JarVerifier instance is constructed with "savePerms"
equal to false, then this method would always return null.
void verify() throws JarException, IOException
Verify the JAR file is signed by an entity which has a certificate
issued by a trusted CA.
In OpenJDK, we just need to examine the "cryptoperms" file to see
if any permissions were bundled together with this jar file.
static void verifyPolicySigned(Certificate certs) throws Exception
Verify that the provided certs include the
framework signing certificate.