getSigners() in java.lang.Class

Robert Penny (rpenny@gensym.com)
Thu, 21 May 1998 14:23:20 -0400

Message-Id: <35647118.507A234A@gensym.com>
Date: Thu, 21 May 1998 14:23:20 -0400
From: Robert Penny <rpenny@gensym.com>
To: java-security@web2.javasoft.com
Subject: getSigners() in java.lang.Class

What is the purpose and level of implementation of this method? The
javadoc is very scanty, and I could find no references to this method in
a 2-hr scan of jdk security documentation. I am currently running
jdk1.1.5 and developing an application using JNI and RMI. I have the
following problem: I wish to be able to ensure that certain licensing
checks in our application are not defeated by customers who might
decompile our java code and work around our licensing checks. I was
wondering if there would be some way from within the C code (harder to
decompile) that we could check that certain objects are from untampered
classes.

I looked at the idea of using getSystemResourceAsStream to check that
the bytes used to define the class were OK (would feel most secure if
the classes had been loaded by the system class loader), but since this
appears not to be allowed for class files (I got a security exception
along the way) I am researching whether or not I can use jar signing as
another form of security check. It seems on the surface that being able
to call obj.getClass().getSigners() or something from within native code
would be a good start: maybe we would be able to pass in a public key to
some object to ensure that it had the right private key, thus ensuring
that the class was loaded from our signed jar. Or something (I'm a
little new to this whole security field).

However (to avoid the possibility that I made a mistake in signing a jar
since I am new to javakey), I used the signedWriteFile.jar from
ftp://ftp.javasoft.com/docs/security/signExample/signedWriteFile.jar
and tried:

package security;

public class Test {
public static void main(String[] args) {
try {
Class clazz = Class.forName("writeFile");
System.out.println("class=" + clazz + ";signers=" +
clazz.getSigners());
} catch (Exception ex) {
ex.printStackTrace();
}
}
}

The output was:

c:\>java security.Test
java security.Test
class=class writeFile;signers=null

It appears that the SystemClassLoader does not call setSigners(), even
when loading from a signed jar. Even if we were to implement our own
class-loader and call setSigners() ourselves, how could we know that our
own class-loader hadn't been tampered with?

Lacking documentation that pointed a way to solving my particular
problem, I have tried the naive interpretation of what little
information I could find. That having failed (and the archives of this
list having nothing obvious on the subject), I am trying the more direct
approach of asking :-)

Thanks for your help,
-Robert