/**
  * Retrieve the FML signing certificates, if any. Validate these against the published FML
  * certificates in your mod, if you wish.
  *
  * <p>Deprecated because mods should <b>NOT</b> trust this code. Rather they should copy this, or
  * something like this, into their own mods.
  *
  * @return Certificates used to sign FML and Forge
  */
 @Deprecated
 public Certificate[] getFMLSigningCertificates() {
   CodeSource codeSource =
       getClass().getClassLoader().getParent().getClass().getProtectionDomain().getCodeSource();
   Certificate[] certs = codeSource.getCertificates();
   if (certs == null) {
     return new Certificate[0];
   } else {
     return certs;
   }
 }
Beispiel #2
0
 /**
  * Loads protection domain for specified jar. The domain is not loaded from the jar itself but it
  * is derived from parent protection domain.
  *
  * @param aURL jar url
  * @return
  */
 protected ProtectionDomain getProtectionDomain(URL aURL) {
   ProtectionDomain parentDomain = getClass().getProtectionDomain();
   CodeSource csParent = parentDomain.getCodeSource();
   Certificate[] certParent = csParent.getCertificates();
   CodeSource csChild =
       (certParent == null
           ? new CodeSource(aURL, csParent.getCodeSigners())
           : new CodeSource(aURL, certParent));
   ProtectionDomain pdChild =
       new ProtectionDomain(
           csChild,
           parentDomain.getPermissions(),
           parentDomain.getClassLoader(),
           parentDomain.getPrincipals());
   return pdChild;
 }