
Example 1 with SignedContent

use of org.eclipse.osgi.signedcontent.SignedContent in project rt.equinox.framework by eclipse.

the class EquinoxBundle method getSignerCertificates.

/**
 * Returns the signers of this bundle as a map from the first certificate of
 * each signer's chain to that signer's complete certificate chain.
 *
 * <p>With {@code SIGNERS_TRUSTED}, only signers whose
 * {@code SignerInfo.isTrusted()} returns {@code true} are included. Any other
 * value of {@code signersType} applies no trust filter, so the result may
 * contain signers that are not trusted; callers making an authorization
 * decision should request {@code SIGNERS_TRUSTED}.
 *
 * <p>An empty map is returned in several distinct situations: no
 * {@code SignedContentFactory} is available, the bundle has no signer infos,
 * every signer was filtered out, or any exception occurred while reading the
 * signed content. These cases cannot be told apart by the caller, so an empty
 * result means only "no signer could be reported", not "verified as unsigned".
 *
 * @param signersType {@code SIGNERS_TRUSTED} to restrict the result to trusted
 *        signers; any other value returns all signers with a non-empty chain
 * @return a map of signer certificate to certificate chain, possibly empty
 */
@Override
public Map<X509Certificate, List<X509Certificate>> getSignerCertificates(int signersType) {
    SignedContentFactory factory = equinoxContainer.getSignedContentFactory();
    if (factory == null) {
        return Collections.emptyMap();
    }
    try {
        // Signer infos are looked up once and then reused from the signerInfos field.
        // NOTE(review): trust is read from the cached SignerInfo objects; confirm
        // the cache is reset when the trust configuration changes.
        SignerInfo[] cached = signerInfos;
        if (cached == null) {
            cached = factory.getSignedContent(this).getSignerInfos();
            signerInfos = cached;
        }
        if (cached.length == 0) {
            return Collections.emptyMap();
        }
        boolean trustedOnly = signersType == SIGNERS_TRUSTED;
        Map<X509Certificate, List<X509Certificate>> bySigner = new HashMap<>(cached.length);
        for (SignerInfo info : cached) {
            if (trustedOnly && !info.isTrusted()) {
                continue;
            }
            Certificate[] chain = info.getCertificateChain();
            if (chain == null || chain.length == 0) {
                continue;
            }
            // A chain element that is not an X509Certificate raises
            // ClassCastException here; the catch below then discards the whole
            // result, including signers already collected.
            List<X509Certificate> x509Chain = new ArrayList<>();
            for (Certificate link : chain) {
                x509Chain.add((X509Certificate) link);
            }
            bySigner.put((X509Certificate) chain[0], x509Chain);
        }
        return bySigner;
    } catch (Exception e) {
        // Deliberately best-effort: every failure is reported as "no signers".
        // The cause is not logged, so a corrupted or unreadable signature is
        // silent at this level.
        return Collections.emptyMap();
    }
}
Also used : HashMap(java.util.HashMap) SignedContentFactory(org.eclipse.osgi.signedcontent.SignedContentFactory) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) BundleException(org.osgi.framework.BundleException) IOException(java.io.IOException) SignerInfo(org.eclipse.osgi.signedcontent.SignerInfo) SignedContent(org.eclipse.osgi.signedcontent.SignedContent) List(java.util.List) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 2 with SignedContent

use of org.eclipse.osgi.signedcontent.SignedContent in project rt.equinox.framework by eclipse.

the class ModuleClassLoader method createProtectionDomain.

/**
 * Builds the ProtectionDomain for classes loaded from the given BundleFile,
 * combining a CodeSource for that file with the permissions of the
 * generation's base domain.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 * <li>When the generation has no base domain, the class's
 *     {@code ALLPERMISSIONS} collection is used instead.</li>
 * <li>Certificates are attached to the CodeSource only when the
 *     {@code CLASS_CERTIFICATE} configuration flag is set and the wrapped
 *     SignedContent reports {@code isSigned()}. Only the first signer's chain
 *     is used, and {@code SignerInfo.isTrusted()} is not consulted here, so
 *     the certificates identify a signer without asserting that it is
 *     trusted.</li>
 * <li>If the base file cannot be turned into a URL, the base domain is
 *     returned unchanged; that value is {@code null} when the generation had
 *     no domain.</li>
 * </ul>
 *
 * @param bundlefile The source bundlefile the domain is for.
 * @param domainGeneration the source generation for the domain
 * @return a ProtectionDomain for the bundle file carrying the base domain's
 *         permissions, or the base domain itself (possibly {@code null}) when
 *         the file URL is malformed
 */
@SuppressWarnings("deprecation")
protected ProtectionDomain createProtectionDomain(BundleFile bundlefile, Generation domainGeneration) {
    // The domain needs a CodeSource for this particular classpath entry (bug 89904).
    ProtectionDomain baseDomain = domainGeneration.getDomain();

    // Take the permissions from the framework-supplied domain. Without one,
    // fall back to ALLPERMISSIONS so the domain is usable if a security
    // manager is installed later.
    PermissionCollection permissions = baseDomain != null ? baseDomain.getPermissions() : ALLPERMISSIONS;

    // Walk the wrapper chain and stop at the first link that wraps SignedContent.
    SignedContent signedContent = null;
    if (bundlefile instanceof BundleFileWrapperChain) {
        for (BundleFileWrapperChain link = (BundleFileWrapperChain) bundlefile; link != null; link = link.getNext()) {
            if (link.getWrapped() instanceof SignedContent) {
                signedContent = (SignedContent) link.getWrapped();
                break;
            }
        }
    }

    // Only the first signer's chain is recorded; no trust check is made here.
    Certificate[] certs = null;
    if (getConfiguration().CLASS_CERTIFICATE && signedContent != null && signedContent.isSigned()) {
        SignerInfo[] signers = signedContent.getSignerInfos();
        if (signers.length > 0) {
            certs = signers[0].getCertificateChain();
        }
    }

    File file = bundlefile.getBaseFile();
    try {
        // Bug 477787: file is null when the osgi.framework configuration
        // property contains an invalid value; the domain then has no CodeSource.
        CodeSource codeSource = file == null ? null : new CodeSource(file.toURL(), certs);
        return new GenerationProtectionDomain(codeSource, permissions, getGeneration());
    } catch (MalformedURLException e) {
        // Could not build a domain of our own; hand back the base domain as-is.
        return baseDomain;
    }
}
Also used : BundleFileWrapperChain(org.eclipse.osgi.storage.bundlefile.BundleFileWrapperChain) SignedContent(org.eclipse.osgi.signedcontent.SignedContent) SignerInfo(org.eclipse.osgi.signedcontent.SignerInfo) MalformedURLException(java.net.MalformedURLException) File(java.io.File) BundleFile(org.eclipse.osgi.storage.bundlefile.BundleFile) Certificate(java.security.cert.Certificate)

Aggregations

Certificate (java.security.cert.Certificate)2 SignedContent (org.eclipse.osgi.signedcontent.SignedContent)2 SignerInfo (org.eclipse.osgi.signedcontent.SignerInfo)2 File (java.io.File)1 IOException (java.io.IOException)1 MalformedURLException (java.net.MalformedURLException)1 X509Certificate (java.security.cert.X509Certificate)1 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1 List (java.util.List)1 SignedContentFactory (org.eclipse.osgi.signedcontent.SignedContentFactory)1 BundleFile (org.eclipse.osgi.storage.bundlefile.BundleFile)1 BundleFileWrapperChain (org.eclipse.osgi.storage.bundlefile.BundleFileWrapperChain)1 BundleException (org.osgi.framework.BundleException)1