Message-Id: <199806112022.NAA23609@crypto.eng.sun.com>
Date: Thu, 11 Jun 1998 13:22:29 -0700 (PDT)
From: Roland Schemers <Roland.Schemers@Eng>
Subject: Re: getSigners()
To: java-security@web2.javasoft.com, Roland.Schemers@Eng, burati@pubweb.net
> X-Sender: burati@mail.pubweb.net
> Date: Thu, 11 Jun 1998 14:58:33 -0400
> To: java-security@web2.javasoft.com, Roland Schemers <Roland.Schemers@Eng>
> From: Mike Burati <burati@pubweb.net>
> Subject: Re: getSigners()
> Mime-Version: 1.0
>
>
> > In JDK 1.1.x, getSigners will return an array of Identity objects,
> > representing the identities that signed the class. In JDK 1.2beta4,
> > getSigners will return an array of java.security.cert.Certificate
> > objects.
>
> I didn't think that APIs were supposed to change between point releases
> (just major releases like 1.x -> 2.x)? Anyway, that's not the point
> of this email. The real question is below...
The API isn't changing, as getSigners still returns an array of
Objects. The only thing that is changing is those objects will now
be certificates instead of identities.
> There's amazingly little documentation for setSigners():
>
> "protected final void setSigners(Class cl,
> Object signers[])
> Sets the signers of a class. This is called after defining a class,
> by signature-aware class loading code."
>
> and getSigners():
>
> "public native Object[] getSigners()
> Get the signers of this class."
>
...
>
> Does *anybody* have more detailed info on how the above methods
> are supposed to be used (eg, what steps to take to grab the sig
> itself and the exact bytes used for the sig by javakey, from the
> jar file manifest; whether the classloader is supposed to do all
> the verification first and then call setSigners() with all that
> succeeded (or should the class loader fail if any failed...).....?
Basically, the class loader that is loading the classes is supposed
to verify the signatures in the .DSA/.RSA files against the
manifest file, and the hashes in the manifest file against the hashes
of the files in the jar. If that all verifies, the class loader then
calls defineClass to define the class, and finally should call
setSigners before returning the newly defined class.
As I mentioned, there are no public apis to do the verification yourself, it is
all buried in undocumented/unsupported sun.* classes.
roland