Talend Studio signs Jobs before they are deployed to Talend Cloud Management Console using Java Jar signing (https://docs.oracle.com/javase/8/docs/technotes/guides/jar/jar.html#Signed_JAR_File). You can enable Remote Engines for Job signature verification.
You can use a default signing key bundled with Studio or your custom signing key for this verification.
The META-INF folder of the zip file
contains a .SF file with the SHA-256 digests of every file
contained in the zip, as well as the digest of the manifest itself. The signing key itself is bundled with Talend Studio.
This signs the .SF file and outputs the signature into a
.RSA file in META-INF. The signature algorithm
used is RSA-SHA256.