In a Java 2 environment, Derby can
detect digital signatures on jar files. When attempting to load a class from
a signed jar file stored in the database, Derby will
verify the validity of the signature.
Note: The Derby class loader
only validates the integrity of the signed jar file and that the certificate
has not expired. Derby cannot
ascertain whether the validity/identity of declared signer is correct. To
validate identity, use a Security Manager (i.e., an implementation of java.lang.SecurityManager).
When loading classes from an application jar file in a Java 2 environment, Derby behaves as follows:
- If the class is signed, Derby will:
- Verify that the jar was signed using a X.509 certificate (i.e., can be
represented by the class java.security.cert.X509Certificate). If not,
throw an exception.
- Verify that the digital signature matches the contents of the file. If
not, throw an exception.
- Check that the set of signing certificates are all valid for the current
date and time. If any certificate has expired or is not yet valid, throw an
exception.
- Pass the array of certificates to the setSigners() method of java.lang.ClassLoader.
This allows security managers to obtain the list of signers for a class (using java.lang.Class.getSigners)
and then validate the identity of the signers using the services of a Public
Key Infrastructure (PKI).
Note: Derby does not provide
a security manager.
For more information about signed jar files, see the Java 2 specifications
at http://java.sun.com.
For more information about Java 2 security, go to http://java.sun.com/security/.