Package net.sourceforge.jnlp.security
Class PluginAppVerifier
- java.lang.Object
-
- net.sourceforge.jnlp.security.PluginAppVerifier
-
- All Implemented Interfaces:
AppVerifier
public class PluginAppVerifier extends java.lang.Object implements AppVerifier
-
-
Constructor Summary
Constructors Constructor Description PluginAppVerifier()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description java.util.List<java.security.cert.CertPath>
buildCertPathsList(JarCertVerifier jcv)
Build a list of all the CertPaths that were detected in the provided JCV, placing them in the most trusted possible order.void
checkTrustWithUser(JNLPClassLoader.SecurityDelegate securityDelegate, JarCertVerifier jcv, JNLPFile file)
Prompt the user with requests for trusting the certificates used by this appboolean
hasAlreadyTrustedPublisher(java.util.Map<java.security.cert.CertPath,CertInformation> certs, java.util.Map<java.lang.String,java.lang.Integer> signedJars)
Checks if the app has already found trust in its publisher(s).boolean
hasRootInCacerts(java.util.Map<java.security.cert.CertPath,CertInformation> certs, java.util.Map<java.lang.String,java.lang.Integer> signedJars)
Checks if the app has signer(s) whose certs along their chains are in CA certs.boolean
isFullySigned(java.util.Map<java.security.cert.CertPath,CertInformation> certs, java.util.Map<java.lang.String,java.lang.Integer> signedJars)
Checks if the app's jars are covered by the provided certificates, enough to consider the app fully signed.
-
-
-
Method Detail
-
hasAlreadyTrustedPublisher
public boolean hasAlreadyTrustedPublisher(java.util.Map<java.security.cert.CertPath,CertInformation> certs, java.util.Map<java.lang.String,java.lang.Integer> signedJars)
Description copied from interface:AppVerifier
Checks if the app has already found trust in its publisher(s).- Specified by:
hasAlreadyTrustedPublisher
in interfaceAppVerifier
- Parameters:
certs
- The certs to search through and their cert informationsignedJars
- A map of all the jars of this app and the number of signed entries each one has.- Returns:
- True if the app trusts its publishers.
-
hasRootInCacerts
public boolean hasRootInCacerts(java.util.Map<java.security.cert.CertPath,CertInformation> certs, java.util.Map<java.lang.String,java.lang.Integer> signedJars)
Description copied from interface:AppVerifier
Checks if the app has signer(s) whose certs along their chains are in CA certs.- Specified by:
hasRootInCacerts
in interfaceAppVerifier
- Parameters:
certs
- The certs to search through and their cert informationsignedJars
- A map of all the jars of this app and the number of signed entries each one has.- Returns:
- True if the app has a root in the CA certs store.
-
isFullySigned
public boolean isFullySigned(java.util.Map<java.security.cert.CertPath,CertInformation> certs, java.util.Map<java.lang.String,java.lang.Integer> signedJars)
Description copied from interface:AppVerifier
Checks if the app's jars are covered by the provided certificates, enough to consider the app fully signed.- Specified by:
isFullySigned
in interfaceAppVerifier
- Parameters:
certs
- Any possible signer and their respective information regarding this app.signedJars
- A map of all the jars of this app and the number of signed entries each one has.- Returns:
- true if jar is fully signed
-
checkTrustWithUser
public void checkTrustWithUser(JNLPClassLoader.SecurityDelegate securityDelegate, JarCertVerifier jcv, JNLPFile file) throws LaunchException
Description copied from interface:AppVerifier
Prompt the user with requests for trusting the certificates used by this app- Specified by:
checkTrustWithUser
in interfaceAppVerifier
- Parameters:
securityDelegate
- parental securityjcv
- jar verifierfile
- jnlp fiel to provide information- Throws:
LaunchException
- if it fails to verify
-
buildCertPathsList
public java.util.List<java.security.cert.CertPath> buildCertPathsList(JarCertVerifier jcv)
Build a list of all the CertPaths that were detected in the provided JCV, placing them in the most trusted possible order.- Parameters:
jcv
- The verifier containing the CertPaths to examine.- Returns:
- A list of CertPaths sorted in the following order: Signers with 1. Already trusted publishers 2. Roots in the CA store and have no signing issues 3. Roots in the CA store but have signing issues 4. Everything else
-
-