[ http://issues.apache.org/jira/browse/FELIX-22?page=comments#action_12430239 ] Karl Pauls commented on FELIX-22: ---------------------------------
As of revision 434393 support for digitally signed bundles is implemented. For the time being the idea is to have the framework starter pass in a collection of trustedCaCerts that are used to verify the certificates a bundle has been signed with. The dn matching is implemented in our version of org.osgi.framework.AdminPermission while the actual certificate extraction and verification is done in org.apache.felix.framework.cache.BundleRevision and it's subclasses. While part of this is still work in progress (i.e., needs cleaning-up and will likely be relocated) it is actually already working (but in need of testing). I'll start a usage document once we have PermissionAdmin working (in case someone would like to play around with it now, do not hesitate to ask for help on the dev-list). > Implement support for digitally signed bundles > ---------------------------------------------- > > Key: FELIX-22 > URL: http://issues.apache.org/jira/browse/FELIX-22 > Project: Felix > Issue Type: New Feature > Components: Specification compliance, Framework > Reporter: Richard S. Hall > Assigned To: Karl Pauls > > This issue relates to section 2 of the OSGi R4 specification. This issue is > somewhat difficult in general, but even more difficult if we hope to create a > solution that works easily on J2ME and constrained devices. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira