OSGi security with signed WAR file
Can anyone help me?
I use OSGi security in my application. Therefore I wrote a security bundle to grant permissions to bundles signed with a keystore. One of the bundles is a WAR file (bundle10). If I start the server (GlassFish with Felix) with the deployed WAR bundle, I get a java.lang.SecurityException:
Exception while processing WEB-INF/classes/com/xy/someclass.class inside file:/tmp/osgiapp430591893594363740/WEB-INF/lib/bundle10.jar of size 2.111
java.lang.SecurityException: Invalid signature file digest for Manifest main attributes
    at sun.security.util.SignatureFileVerifier.processImpl(SignatureFileVerifier.java:221)
    at sun.security.util.SignatureFileVerifier.process(SignatureFileVerifier.java:176)
    at java.util.jar.JarVerifier.processEntry(JarVerifier.java:288)
    at java.util.jar.JarVerifier.update(JarVerifier.java:199)
    at java.util.jar.JarFile.initializeVerifier(JarFile.java:327)
    at java.util.jar.JarFile.getInputStream(JarFile.java:395)
    at com.sun.enterprise.deployment.deploy.shared.InputJarArchive.getEntry(InputJarArchive.java:244)
    at com.sun.enterprise.v3.server.ReadableArchiveScannerAdapter.handleEntry(ReadableArchiveScannerAdapter.java:166)
    at com.sun.enterprise.v3.server.ReadableArchiveScannerAdapter.onSelectedEntries(ReadableArchiveScannerAdapter.java:133)
    at org.glassfish.hk2.classmodel.reflect.Parser.doJob(Parser.java:348)
    at org.glassfish.hk2.classmodel.reflect.Parser.access$300(Parser.java:70)
    at org.glassfish.hk2.classmodel.reflect.Parser$3.call(Parser.java:307)
    at org.glassfish.hk2.classmodel.reflect.Parser$3.call(Parser.java:296)
    at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
    at java.util.concurrent.FutureTask.run(FutureTask.java:138)
    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
    at java.lang.Thread.run(Thread.java:662)
I signed the bundle with the Maven jarsigner plugin.
The exception tells you that the digest in signers.sf for the manifest main section is incorrect. This section contains the OSGi metadata. It looks like the WAR was turned into a bundle after it was signed?
Signing is quite complicated. The manifest contains 2 sections: the main section, and a section per resource in the JAR. Each of these resource sections starts with a Name: attribute identifying the path of the resource. When you want to sign a JAR, you first create the manifest, and a resource section for each attribute; the resource section contains 1 or more digests (SHA, MD5, etc.) of the resource.
You can have multiple signers, so you have to pick a name for each signature file. In the signature file you again have a main section and a number of resource sections. In the main section you must have 1 or more of the
X-Digest-Manifest-Attributes: <X digest of manifest main section>
The X can again be 1 of the digest algorithms used. The resource sections in the manifest must contain the digest of the corresponding resource section in the manifest (not the resource!).
        MANIFEST.MF                <>.SF
       +--------------+
main   |Bundle-Sym .. |   <---   X-Digest-Manifest-Main-Attributes: 345678...
       |Bundle-Vers.. |
       +--------------+
name   |Name: A.class |   <---   Name: A.class
       |X-Digest: 56a5|          X-Digest: 4789...
       +--------------+
       |Name: B.class |   <---   Name: B.class
       |X-Digest: ace |          X-Digest: 65123...
       +--------------+
In short, the main manifest section is not signed. Either you are missing the -Digest-Manifest-Main-Attributes in the <>.SF file or (likely) it was calculated before the OSGi headers were calculated.
If you're using bnd, you can sign the bundle directly with bnd.
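A diagnostic for the failure described in the answer above, as an added example that is not part of the original post: it recomputes the digest of the manifest main section and compares it with the -Digest-Manifest-Main-Attributes value in each .SF file. The sample JAR, the SIGNER.SF name and the Bundle-SymbolicName value are constructed; it assumes the digest covers the main section through its terminating blank line, and it checks digests only, not the signature block.

```python
import base64, hashlib, io, re, zipfile

ATTR = re.compile(rb"^([A-Za-z0-9-]+)-Digest-Manifest-Main-Attributes: (\S+)", re.M | re.I)

def main_section(manifest: bytes) -> bytes:
    """Main section bytes, up to and including the blank line that ends it."""
    end = re.search(rb"\r\n\r\n|\n\n|\r\r", manifest)
    return manifest[:end.end()] if end else manifest

def digest_b64(alg: str, data: bytes) -> bytes:
    # "SHA-256" / "SHA1" / "MD5" -> hashlib names "sha256" / "sha1" / "md5"
    return base64.b64encode(hashlib.new(alg.replace("-", "").lower(), data).digest())

def check_main_digest(jar_bytes: bytes) -> dict:
    """Per .SF file: True (digest matches), False (mismatch), None (attribute absent)."""
    results = {}
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        section = main_section(jar.read("META-INF/MANIFEST.MF"))
        for name in jar.namelist():
            if not re.fullmatch(r"META-INF/[^/]+\.SF", name, re.I):
                continue
            # Long header lines are wrapped with a leading space; unfold them first.
            sf = re.sub(rb"\r\n |\n |\r ", b"", jar.read(name))
            found = ATTR.search(sf)
            if found is None:
                results[name] = None
            else:
                results[name] = digest_b64(found.group(1).decode(), section) == found.group(2)
    return results

def make_jar(manifest: bytes, sf: bytes) -> bytes:
    """Build an in-memory JAR holding only the two files this check reads."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", manifest)
        jar.writestr("META-INF/SIGNER.SF", sf)
    return buf.getvalue()

# Constructed sample: the JAR is "signed" first, then OSGi headers are added afterwards.
SIGNED_MF = b"Manifest-Version: 1.0\r\n\r\nName: A.class\r\nSHA-256-Digest: AAAA\r\n\r\n"
SF = (b"Signature-Version: 1.0\r\nSHA-256-Digest-Manifest-Main-Attributes: "
      + digest_b64("SHA-256", main_section(SIGNED_MF)) + b"\r\n\r\n")
OSGI_MF = SIGNED_MF.replace(b"\r\n\r\n", b"\r\nBundle-SymbolicName: bundle10\r\n\r\n", 1)

if __name__ == "__main__":
    print("as signed:         ", check_main_digest(make_jar(SIGNED_MF, SF)))
    print("OSGi headers added:", check_main_digest(make_jar(OSGI_MF, SF)))
```

A False result for a .SF file means the manifest main section changed after signing, which is the condition the SecurityException reports.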