Explore Eclipse's plug-in signature mechanism

Source: Internet
Author: User

Subtitle: Learn how to create a signed plug-in with Eclipse and IBM Lotus Expeditor

Introduction: Security is an important issue when installing plug-ins for software. This article explores the signature technology used on the Eclipse platform to determine the reliability of a plug-in. Eclipse divides plug-ins into 5 categories: signed, unsigned, trustworthy, untrusted, expired. Through this article, learn how to create a signed plug-in in Eclipse and IBM® Lotus® Expeditor (an Eclipse-based product).

This article describes the Eclipse plug-in signature and its application. In addition, the test strategy used by the IBM Lotus Expeditor client provisioning system, which controls access to local or remote Eclipse update sites, is described.

Signatures are an indispensable part of Eclipse's security features. During a plug-in download, the Eclipse user can verify the signature of the JAR file published to the update site. This gives users reliable information about the code that will be installed: it lets them identify the publisher of the code and verify that it has not been modified after being uploaded to the update site. IBM Lotus Expeditor/Lotus Notes® uses this security mechanism through its Update Manager component to provide a signature check for the user.

Prerequisite

To get the most out of this article, you need to use the Eclipse development environment and sample code. If you do not have Eclipse yet, please download:

Java 2 Standard Edition: Java® 2 Standard Edition or a newer version can be obtained from Sun Microsystems.

Eclipse: The Eclipse platform can be found at the Eclipse Foundation.

If you want to use another test platform, download IBM Lotus Expeditor V6.1.x, but this is optional.

Background

An Eclipse plug-in falls into one of the following 5 categories according to its digital signature:

Unsigned plug-ins: By default, all plug-ins generated by Eclipse are unsigned.

Signed plug-ins: After an unsigned plug-in has been signed, it becomes a signed plug-in.

Trusted plug-ins: If a signed plug-in uses a trusted signature, the Eclipse runtime trusts the plug-in. Therefore, it is a trusted plug-in.

Untrusted plug-ins: A signed plug-in that uses an untrusted signature.

Expired plug-ins: All signed plug-ins have an expiration date. When a plug-in is packaged in a signed JAR file but the certificate used to sign the JAR file has expired, it is called an expired plug-in.

Figure 1. Classification of Plug-ins
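The classification above can be reproduced with the standard java.util.jar API. The following is an added example, not code from the original article or from Eclipse or Lotus Expeditor; the class name PluginSignatureCheck and the truststore path and password arguments are assumptions. It treats a signer as trusted when one of its certificates is present in the supplied keystore, which is simpler than full certificate path validation, and it checks expiry against the current time.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.Collections;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;

public class PluginSignatureCheck {
    // JAR signing metadata; these files are not themselves signed entries.
    static final String META = "(?i)META-INF/(MANIFEST\\.MF|SIG-[^/]*|[^/]+\\.(SF|RSA|DSA|EC))";

    // Usage: java PluginSignatureCheck <plugin.jar> <truststore> <password>
    public static void main(String[] args) throws Exception {
        KeyStore trust = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[1])) {
            trust.load(in, args[2].toCharArray());
        }
        System.out.println(classify(args[0], trust));
    }

    static String classify(String jarPath, KeyStore trust) throws Exception {
        boolean signed = false, trusted = true, expired = false;
        try (JarFile jar = new JarFile(jarPath, true)) { // true = verify signatures
            for (JarEntry e : Collections.list(jar.entries())) {
                if (e.isDirectory() || e.getName().matches(META)) continue;
                // Signers are known only after the entry has been read to the end;
                // an entry modified after signing raises SecurityException here.
                try (InputStream in = jar.getInputStream(e)) {
                    byte[] buf = new byte[8192];
                    while (in.read(buf) != -1) { /* drain */ }
                }
                Certificate[] certs = e.getCertificates();
                if (certs == null) { trusted = false; continue; } // unsigned entry
                signed = true;
                boolean anchored = false;
                for (Certificate c : certs) {
                    if (trust.getCertificateAlias(c) != null) anchored = true;
                    try { ((X509Certificate) c).checkValidity(); }
                    catch (CertificateExpiredException ex) { expired = true; }
                    catch (CertificateNotYetValidException ex) { trusted = false; }
                }
                trusted &= anchored;
            }
        }
        if (!signed) return "unsigned";
        if (expired) return "expired";
        return trusted ? "signed, trusted" : "signed, untrusted";
    }
}
```

A JAR in which only some entries are signed is reported here as "signed, untrusted", which is a choice made for this example.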
