felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pierre Parrend <pierre.parr...@insa-lyon.fr>
Subject OSGi security layer for felix - bundle digital signature validation
Date Sat, 16 Jun 2007 15:17:31 GMT

 Hello everybody,

  I have set up (together with Stephane) a patch for the validation of digital
signature of bundles for Felix.
 To give a answer to earlier inquiries from Karl Pauls:
- the code can be executed with Java 1.3
- the new JarFile(fileName, true) call, that is supposed to checked jar
signature is not sufficient (for two reasons: 1) files are verified at class
loading, and not at installation; 2) behavior is not compliant with OSGI R4
specs).

The code is contained in one single class, and relies on the bouncycastle bcprov
and bcmail libraries.

I propose to create in the felix trunk 2 directories to support the patch,
sfelix.doc and sfelix.jarvalidation directories. The Bouncycastle libs could be
set in the 'commons' dir.

 Should I create an entry for this in the Jira ?

best regards,

Pierre

-- 
Pierre Parrend
doctorant, moniteur
laboratoire CITI, 21, Av. Jean Capelle
69621 Villeurbanne Cedex
pierre.parrend@insa-lyon.fr
www.rzo.free.fr

Mime
View raw message