eoftedal · October 29, 2013 20:42
diff --git a/SelfVerify.java b/SelfVerify.java
 package no.posten.dpost.sosm;

 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URL;
 import java.security.AccessController;
 import java.security.CodeSigner;
 import java.security.CodeSource;
 import java.security.PrivilegedAction;
 import java.security.cert.Certificate;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
 import java.util.Enumeration;
 import java.util.jar.JarEntry;
 import java.util.jar.JarFile;

 import org.bouncycastle.util.encoders.Base64;

 public class SelfVerify {
 	private static final String cert = "...base64 encoded cert...";

 	public static boolean verify() throws Exception {
 		URL providerURL = AccessController.doPrivileged(new PrivilegedAction<URL>() {
 			public URL run() {
 				CodeSource cs = SelfVerify.class.getProtectionDomain().getCodeSource();
 				return cs.getLocation();
 			}
 		});
 		CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
 		X509Certificate c = (X509Certificate)certFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(cert)));

 		return verify(new JarFile(providerURL.getPath()), c);
 	}

 	private static boolean verify(final JarFile jar, final X509Certificate cert) throws IOException {
 		Enumeration<JarEntry> entries = jar.entries();
 		while (entries.hasMoreElements()) {
 			JarEntry entry = entries.nextElement();
 			try {
 				InputStream is = jar.getInputStream(entry);
 				boolean found = false;
 				System.out.println(entry.getCodeSigners());
 				for (CodeSigner signer : entry.getCodeSigners()) {
 					for (Certificate c : signer.getSignerCertPath().getCertificates()) {
 						System.out.println(((X509Certificate)c).getSubjectDN());
 					}
 					if (signer.getSignerCertPath().getCertificates().contains(cert)) {
 						found = true;
 						break;
 					}
 				}
 				return found;
 			} catch (SecurityException se) {
 				return false;
 			}
 		}
 		return true;
 	}
 }
	package no.posten.dpost.sosm;

	import java.io.ByteArrayInputStream;
	import java.io.IOException;
	import java.io.InputStream;
	import java.net.URL;
	import java.security.AccessController;
	import java.security.CodeSigner;
	import java.security.CodeSource;
	import java.security.PrivilegedAction;
	import java.security.cert.Certificate;
	import java.security.cert.CertificateFactory;
	import java.security.cert.X509Certificate;
	import java.util.Enumeration;
	import java.util.jar.JarEntry;
	import java.util.jar.JarFile;

	import org.bouncycastle.util.encoders.Base64;

	public class SelfVerify {
	private static final String cert = "...base64 encoded cert...";

	public static boolean verify() throws Exception {
	URL providerURL = AccessController.doPrivileged(new PrivilegedAction<URL>() {
	public URL run() {
	CodeSource cs = SelfVerify.class.getProtectionDomain().getCodeSource();
	return cs.getLocation();
	}
	});
	CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
	X509Certificate c = (X509Certificate)certFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(cert)));

	return verify(new JarFile(providerURL.getPath()), c);
	}

	private static boolean verify(final JarFile jar, final X509Certificate cert) throws IOException {
	Enumeration<JarEntry> entries = jar.entries();
	while (entries.hasMoreElements()) {
	JarEntry entry = entries.nextElement();
	try {
	InputStream is = jar.getInputStream(entry);
	boolean found = false;
	System.out.println(entry.getCodeSigners());
	for (CodeSigner signer : entry.getCodeSigners()) {
	for (Certificate c : signer.getSignerCertPath().getCertificates()) {
	System.out.println(((X509Certificate)c).getSubjectDN());
	}
	if (signer.getSignerCertPath().getCertificates().contains(cert)) {
	found = true;
	break;
	}
	}
	return found;
	} catch (SecurityException se) {
	return false;
	}
	}
	return true;
	}
	}