felix-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sid19039 <sid19...@gmail.com>
Subject how to enable felix verify the contents of a signed bundle
Date Fri, 12 Aug 2016 13:42:03 GMT
Hello All,

I am trying to test that felix first verify the contents of a signed bundle
and then install it if verified successfully. To accomplish this , i
downloaded an org.apache.felix.framework.security bundle i.e
*org.apache.felix.framework.security-2.4.0.jar* which i read, is required to
be installed into felix framework to enable feature of signature
verification of an OSGi bundle.

i then created a *all.policy* file in felix framework home directory(on
windows) containing data as following:
*grant {
 permission java.security.AllPermission;
};*

I then tried to open the felix shell via following command on command
Prompt:
*java -Djava.security.policy=all.policy -Dorg.osgi.framework.security="osgi"
-jar bin/felix.jar*
shell was opened successfully.

I then tried to install the felix framework security bundle as following:
____________________________
Welcome to Apache Felix Gogo

g!
g!
g! install org.apache.felix.framework.security-2.4.0.jar
Bundle ID: 5
g!
g! start 5
g!

after installing , i tried to start it as shown above but its state was
still shown as Resolved,
*    5|Resolved   |    1|Apache Felix Security Provider (2.4.0)|2.4.0*

then i tried to install a sample corrupt jar file which was signed earliar
using jarsigner tool provided by jdk 6 present on my windows machine. *I was
expecting that this bundle won't install and some security exception would
appear on the shell.
But it was installed and a bundleid was allocated successfully as shown
below:*
g!
g! install my_tempered3.jar
Bundle ID: 6
g!

please tell , did i get wrong somewhere or missed some step ?
Or what are the steps to enable signature verification in felix framework?

i am a newbie here, please someone do share your view points.

Thanks
sid










--
View this message in context: http://apache-felix.18485.x6.nabble.com/how-to-enable-felix-verify-the-contents-of-a-signed-bundle-tp5018089.html
Sent from the Apache Felix - Users mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@felix.apache.org
For additional commands, e-mail: users-help@felix.apache.org


Mime
View raw message