From f8212436685f6355ba9e80a7c9e2f6b7915ec6ec Mon Sep 17 00:00:00 2001
From: "David M. Lloyd" <david.lloyd@redhat.com>
Date: Mon, 21 Oct 2024 12:49:02 -0500
Subject: [PATCH] Add resource method to list code signers

This allows for secure (spec-compliant) class loader implementation by allowing correct protection domains to be defined.
---
 .../io/smallrye/common/resource/JarFileResource.java  |  7 +++++++
 .../java/io/smallrye/common/resource/Resource.java    | 11 +++++++++++
 2 files changed, 18 insertions(+)

diff --git a/resource/src/main/java/io/smallrye/common/resource/JarFileResource.java b/resource/src/main/java/io/smallrye/common/resource/JarFileResource.java
index 777dbd1..b4d2b6e 100644
--- a/resource/src/main/java/io/smallrye/common/resource/JarFileResource.java
+++ b/resource/src/main/java/io/smallrye/common/resource/JarFileResource.java
@@ -8,10 +8,12 @@
 import java.net.URL;
 import java.nio.file.DirectoryStream;
 import java.nio.file.attribute.FileTime;
+import java.security.CodeSigner;
 import java.time.Instant;
 import java.util.Collections;
 import java.util.Enumeration;
 import java.util.Iterator;
+import java.util.List;
 import java.util.NoSuchElementException;
 import java.util.jar.JarEntry;
 import java.util.jar.JarFile;
@@ -116,6 +118,11 @@ public Instant modifiedTime() {
         return fileTime == null ? null : fileTime.toInstant();
     }
 
+    public List<CodeSigner> codeSigners() {
+        CodeSigner[] array = jarEntry.getCodeSigners();
+        return array == null ? List.of() : List.of(array);
+    }
+
     public InputStream openStream() throws IOException {
         return jarFile.getInputStream(jarEntry);
     }
diff --git a/resource/src/main/java/io/smallrye/common/resource/Resource.java b/resource/src/main/java/io/smallrye/common/resource/Resource.java
index 30691c9..436b735 100644
--- a/resource/src/main/java/io/smallrye/common/resource/Resource.java
+++ b/resource/src/main/java/io/smallrye/common/resource/Resource.java
@@ -14,8 +14,10 @@
 import java.nio.file.Path;
 import java.nio.file.StandardCopyOption;
 import java.nio.file.StandardOpenOption;
+import java.security.CodeSigner;
 import java.security.ProtectionDomain;
 import java.time.Instant;
+import java.util.List;
 import java.util.function.Function;
 
 import io.smallrye.common.constraint.Assert;
@@ -193,6 +195,15 @@ public Instant modifiedTime() {
         return null;
     }
 
+    /**
+     * {@return the list of code signers for this resource}
+     * The resource must have been fully read, or else consumed {@linkplain #asBuffer() as a buffer}.
+     * By default, the base implementation returns an empty list.
+     */
+    public List<CodeSigner> codeSigners() {
+        return List.of();
+    }
+
     /**
      * {@return the size of the resource, or <code>-1</code> if the size is not known}
      */