BBS水木清华站∶精华区
发信人: rhythin (多米诺骨牌), 信区: Java
标 题: Re: 请教:有关在JAR文档中进行数字签名的问题
发信站: BBS 水木清华站 (Wed Apr 7 13:17:59 1999)
This is a webpage of java, in case you have no access to internet:
Unfortunately the JDK 1.1 signing and verification is not supported by the web browsers (Netscape's
and Microsoft's.) It is supported in HotJava, http://java.sun.com/products/hotjava and appletviewer.
You can use the Java Plug-in in the browsers to get access to more recent JDK technology,
http://java.sun.com/products/plugin. You can run 1.1.x signed applets with the Plug-in plugged into the
browsers.
We are working with the Java licensees to get the standard Java signing working for people in an
interoperable way.
You can also exercise this example by downloading these files
signedWriteFile.jar
signedWriteFile.html
Duke.x509
from the ftp.javasoft.com web site. You will be able to experiment with creating and using the identity
database, and you will be able to load the signed applet from your local net.
Running signed applets with the Java Plug-in
1.Get the latest version of the Java Plug-in
To follow this example, you'll need to download and install the Java Plug-in.
Full instructions for installing the Java Plug-in are on its download page. Briefly, on Solaris,
% chmod +x plugin-11-solaris2-sparc.bin
% /bin/sh plugin-11-solaris2-sparc.bin*
% mkdir -p ~/.netscape/java/lib
% touch ~/.netscape/java/lib/rt.jar
The mkdir and touch commands are needed to workaround a known bug that will be fixed in
the next release of the Java Plug-in.
On Windows, double-click on the file named plugin-11-win32.exe, and InstallShield will go
through the installation.
2.Observe the restrictions placed on applets by default
Downloaded applets are prevented from writing files to your hard disk.
Here's the source code for an applet that wants to do just that. It tries to write a file named
/tmp/foo (or a file named "tmpfoo" if you're on a Windows system.) This is not a malicious
applet, but it is trying to do something that the Java Applet Security Manager prevents it from
doing.
After you've installed the Plug-In, start the Plug-in Control Panel:
On Windows: From the Start menu, choose the Programs option. Then choose the Java
Plug-in Control Panel menu item.
On Solaris: You can run the Control Panel using the following command:
~/.netscape/java/ControlPanel
Once in the control panel, turn on the option to view the Java Console. Then visit this URL
http://java.sun.com/security/signExample/pluginEx.html
from your browser.
On the pluginEx.html page, the applet display should read "writeFile: caught security exception."
This is a good thing, and the expected behavior. A security exception doesn't mean that a security
violation occurred - it means exactly the opposite. It means that the system caught the applet
trying to escape the restrictions of the applet sandbox. To alert you to that fact, the system throws
an exception. This is programmer terminology for "the system set off a warning bell." When you
see a security exception on a Java system, you know that the system prevented the code from
violating security.
Note that the Java Console should have displayed some output, including the location of the User
home directory. This is important information that you should remember for the next step.
3.Set up your system to accept code signed by Duke
It turns out that Duke (our mascot) signed this applet and stored it in an archive named
signedWriteFile.jar. If you get a copy of Duke's certificate, import it into your system's identity
database and declare Duke to be a trusted entity, then you'll allow any applet signed by Duke to
have full authority on your system.
Here's the steps you need to take to accomplish that.
1.Get a copy of Duke's certificate and store it in a file named Duke.x509
2.Create the identity "Duke" in your JDK 1.1 identity database. By passing the parameter
"true", you're saying that you want Duke to be a trusted identity.
% javakey -c Duke true
3.Import Duke's certificate into your identity database, assuming you have a copy of Duke's
certifiate in the file named Duke.x509. Associate that certificate with the identity "Duke"
by using that nickname as the first argument to the javakey command.
% javakey -ic Duke Duke.x509
4.Make sure your identity database is in the directory where the Plug-in expects it to be. Your
identity database should be in the User home directory that was displayed as part of the
output in the Java Console. If your identity database does not already reside in this
directory, copy it there.
4.Exit and restart your browser
5.Run the applet signed by Duke
Now go ahead and run the applet signed by Duke. You'll notice that it can now create and write a
file on your local filesystem. Visit this URL from your browser, after you've installed the Plug-In,
and after you've imported Duke's certificate:
http://java.sun.com/security/signExample/signedPluginEx.html
You might wonder, what does the HTML tag look like, for a signed archive loaded by a plugin?
The HTML is complicated, but, you don't need to write this HTML by hand. When you
downloaded the Java Plug-In, you also could download a tool called the Java Plug-In HTML
Converter. It's very easy to run. Once you've installed it, go to the directory named
HTML_Converter and invoke the simple GUI tool:
% HTMLConverter &
Type in the name of the HTML file you need to convert so that it can be loaded by the Plug-In,
and click on the "Convert" button.
That's all there is to it. For more details on the object HTML tag, see the Java Plug-in HTML
Specification.
Running signed applets with appletviewer
1.Step 1 - Get the latest version of JDK 1.1.x
To follow this example, you'll need to download a copy of JDK 1.1.x.
Once you've downloaded JDK 1.1.x and installed the software on your client, we're ready to
go. Make sure that the JDK tools are accessible from your search path. We'll need to use
these tools:
javakey, the tool for generating keys and signing archives
jar, the tool for creating an archive
appletviewer, a stripped-down browser for viewing the applet
2.Step 2 - Observe the restrictions placed on applets by default
Downloaded applets are prevented from writing files to your hard disk.
Here's the source code for an applet that wants to do just that. It tries to write a file named
/tmp/foo (or a file named "tmpfoo" if you're on a Windows system.) This is not a malicious
applet, but it is trying to do something that the Java Applet Security Manager prevents it
from doing.
You can see what happens when you try to run this applet by typing this command in a shell
window (or in an MS-DOS prompt window:)
% appletviewer http://java.sun.com/security/signExample/writeFile.html
You should see that the system throws a security exception. This is a good thing, and the
expected behavior. A security exception doesn't mean that a security violation occurred - it
means exactly the opposite. It means that the system caught the applet trying to escape the
restrictions of the applet sandbox. To alert you to that fact, the system threw an exception.
This is programmer terminology for "the system set off a warning bell." When you see a
security exception on a Java system, you know that the system prevented the code from
violating security.
3.Step 3 - Set up your system to accept code signed by Duke
It turns out that Duke (our mascot) signed this applet and stored it in an archive named
signedWriteFile.jar. If you get a copy of Duke's certificate, import it into your system's
identity database and declare Duke to be a trusted entity, then you'll allow any applet signed
by Duke to have full authority on your system.
Here's the steps you need to take to accomplish that.
1.Get a copy of Duke's certificate and store it in a file named Duke.x509
2.Create the identity "Duke" in your JDK 1.1 identity database. By passing the
parameter "true", you're saying that you want Duke to be a trusted identity.
% javakey -c Duke true
3.Import Duke's certificate into your identity database, assuming you have a copy of
Duke's certifiate in the file named Duke.x509. Associate that certificate with the
identity "Duke" by using that nickname as the first argument to the javakey
command.
% javakey -ic Duke Duke.x509
4.Run the applet signed by Duke
Now go ahead and run the applet signed by Duke. You'll notice that it can now create and
write a file on your local filesystem.
% appletviewer http://java.sun.com/security/signExample/signedWriteFile.html
You might wonder, what does the HTML tag look like, for a signed archive?
<applet code=writeFile.class archive="signedWriteFile.jar" width=500 height=50>
</applet>
That's all there is to it. You simply tell the browser the name of the archive, using the
archive= attribute. For more details on the applet HTML tag, see the JAR Guide.
5.Do it yourself
Here's a script that encapsulates all the steps you need to take. Refer to it as an example, as
you experiment with the new features of JDK 1.1.x.
doit: a script that creates a Duke identity, keys, certificate, then creates an archive and signs
it. It prints out some diagnostic information, such as the contents of the signed archive, and
the contents of the identity database.
Here's links to all the files used in this example.
writeFile.html and writeFile.java
Duke.x509 certificate
cert_directive_Duke (template for generating a certificate)
sign_directive_Duke (template for signing an archive)
signedWriteFile.html and signedWriteFile.jar
For more information, refer to the documentation on our main security page,
http://java.sun.com/security. In particular you might be interested in a brief document
named Using Javakey.
【 在 nuaawlp (远方之恋) 的大作中提到: 】
∶ 在发行Java Applet文件时,为了扩展Applet对客户端访问的权限,在服务器
∶ 端将所有class文件打包成JAR文档并对它进行了数字签名,那么客户端的浏览器
∶ 如何利用公开密匙对该Applet进行安全审查呢?
∶ 非常感谢!
--
※ 来源:·BBS 水木清华站 bbs.net.tsinghua.edu.cn·[FROM: cascade.cs.ubc.]
BBS水木清华站∶精华区