From e150560769232e18fa516609933649dab002f358 Mon Sep 17 00:00:00 2001 From: Danesh Dadachanji Date: Mon, 22 Oct 2012 11:02:38 -0400 Subject: Major rework of JarCertVerifier certificate management. This is a long-planned rework of JarCertVerifier, allowing it to handle multiple certificates. The algorithms used to verify jars with multiple certificates vary between JNLPs and Applets. --- .../sourceforge/jnlp/security/CertVerifier.java | 30 +++++++++------------- 1 file changed, 12 insertions(+), 18 deletions(-) (limited to 'netx/net/sourceforge/jnlp/security/CertVerifier.java') diff --git a/netx/net/sourceforge/jnlp/security/CertVerifier.java b/netx/net/sourceforge/jnlp/security/CertVerifier.java index 842a865..7769884 100644 --- a/netx/net/sourceforge/jnlp/security/CertVerifier.java +++ b/netx/net/sourceforge/jnlp/security/CertVerifier.java @@ -1,5 +1,5 @@ /* CertVerifier.java - Copyright (C) 2009 Red Hat, Inc. + Copyright (C) 2012 Red Hat, Inc. This file is part of IcedTea. @@ -39,10 +39,10 @@ package net.sourceforge.jnlp.security; import java.security.cert.CertPath; import java.security.cert.Certificate; -import java.util.ArrayList; +import java.util.List; /** - * An interface that provides various details about a certificate + * An interface that provides various details about certificates of an app. */ public interface CertVerifier { @@ -58,36 +58,30 @@ public interface CertVerifier { public boolean getRootInCacerts(); /** - * Return if there are signing issues with the certificate(s) being veried + * Return if there are signing issues with the certificate being verified */ - public boolean hasSigningIssues(); + public boolean hasSigningIssues(CertPath certPath); /** - * Return if there are no signing issues with this cert (!hasSigningIssues()) + * Get the details regarding issue with this certificate */ - public boolean noSigningIssues(); + public List getDetails(CertPath certPath); /** - * Get the details regarding issue(s) with this certificate - */ - public ArrayList getDetails(); - - /** - * Return a valid certificate path to this certificate(s) being verified + * Return a valid certificate path to this certificate being verified * @return The CertPath */ - public CertPath getCertPath(); + public CertPath getCertPath(CertPath certPath); /** * Returns the application's publisher's certificate. */ - public abstract Certificate getPublisher(); + public abstract Certificate getPublisher(CertPath certPath); /** * Returns the application's root's certificate. This - * may return the same certificate as getPublisher() in + * may return the same certificate as getPublisher(CertPath certPath) in * the event that the application is self signed. */ - public abstract Certificate getRoot(); - + public abstract Certificate getRoot(CertPath certPath); } -- cgit v1.2.3