I am trying to configure Felix 5.6.1 to only install bundles signed with a particular key. So far I have only been successful in detecting the compromised authenticity of bundles.
If am not mistaken this should be done using BundleSignerCondition
The example from "OSGi in action":
ALLOW {
[ org.osgi.service.condpermadmin.BundleSignerCondition "CN=core,O=baz,C=de" ]
( java.security.AllPermission "*" "*" )
} "Signed by core"
Do I presume correctly the service needs a specific configuration file, containing these permissions ?
Or should it be enforced programmatically, as shown in the book ?
[UPDATE - 11th January 2017]
I've installed the bundle security_policy_ch14-1.0.jar built by the code in Chapter 14 from https://github.com/mcculls/osgi-in-action. This is the Github repository of the book's source code. The bundle parses a policy file as described and puts the permissions in effect.
