This is theoretically and practically impossible. The verification of jars occurs on the client side. Any cryptography is not presented to you in a verifiable fashion, and you trust that the client offers any crypto.
Even if you were to request arbitrary bytes from the jar file itself for verification, the evil user may configure for bytes to be taken from a good jar but presented by bad code.
You can use a cryptographic proof to ensure the other side has data, but making sure that it only has that copy/revision/version of that data is impossible. A determined attacker can feed you any lies as he can claim in any verification that he has the valid jar.
In short, presence of correct data does not imply exclusive presence of same.