HomeDigital EditionSys-Con RadioSearch Java Cd
Advanced Java AWT Book Reviews/Excerpts Client Server Corba Editorials Embedded Java Enterprise Java IDE's Industry Watch Integration Interviews Java Applet Java & Databases Java & Web Services Java Fundamentals Java Native Interface Java Servlets Java Beans J2ME Libraries .NET Object Orientation Observations/IMHO Product Reviews Scalability & Performance Security Server Side Source Code Straight Talking Swing Threads Using Java with others Wireless XML

"Java Security: Beyond Code Safety"
Vol. 2, Issue 12, p. 22


Listing 1: Creating a signed applet. 

ambrosia[1] -> javakey -cs OpenHorizon true 
created identity [Signer]OpenHorizon[uninitialized][trusted] 

ambrosia[2]-> javakey -gk OpenHorizon DSA 1024 oh.pub oh.priv 
Generated DSA keys for OpenHorizon (strength: 1024). 
Saved public key to oh.pub. 
Saved private key to oh.priv. 

ambrosia[3]-> cat oh.certDir 
subject.name=Open Horizon 
subject.real.name=Open Horizon, Inc. 
subject.org.unit=Software Development 
subject.org=Open Horizon 
start.date=10 April 1997 
end.date= 10 April 1998 
ambrosia[4]-> javakey -gc oh.certDir  
Generated certificate from directive file oh.certDir 

ambrosia[5]-> jar cf AmbrosiaSamples.jar *.class 

ambrosia[6]-> cat oh.signDir 

ambrosia[7]-> javakey -gs oh.signDir AmbrosiaSamples.jar 
Creating entry: META-INF/OHSIG.SF 
Creating entry: META-INF/OHSIG.DSA 
Adding entry: ohsub.class 
Adding entry: ohpub.class 
Signed JAR file AmbrosiaSamples.jar using directive file oh.signDir 

ambrosia[8]-> mv AmbrosiaSamples.jar.sig AmbrosiaSamples.jar 

Listing 2: HTML file for deploying on the Web server. 

<TITLE> Open Horizon Publishing Application</TITLE> 
<APPLET    code = ohpub.class 
          archive = AmbrosiaSamples.jar 
          width  = 200 
          height = 300> 

Listing 3: Setting up the client to verify a signed applet. 

ambrosia[9]->  javakey -c OpenHorizon true 
Created identity OpenHorizon[uninitialized][trusted] 

ambrosia[10]-> javakey -ic OpenHorizon oh.cert 
Imported certificate from oh.cert for OpenHorizon 

Listing 4: Producing a Digital Signature. 

1    import java.security 
2    import java.security.interfaces 
3    byte toBeSigned []; 
4    byte signedData []; 
5   . . . . . . . 
6    // priv must be initialized with a copy of the 
7    // private key. Not shown here. 
8    PrivateKey priv; 
9    Signature sig = Signature.getInstance(“DSA”); 
10   sig.initSign(priv); 
11   sig.update(toBeSigned); 
12   signedData = sig.sign(); 

Listing 5: Verifying the Digital Signature. 

1    import java.security 
2    import java.security.interfaces 
3    byte toBeVerified []; 
4    byte theSignature []; 
5   boolean isValid; 
6   . . . . . . . 
7    // pub must be initialized with a copy of the 
8    // public key. Not shown here. 
9    PublicKey pub; 
10    Signature sig = Signature.getInstance(“DSA”); 
11   sig.initVerify(pub); 
12   sig.update(toBeVerified); 
13   isValid = sig.verify(theSignature);


All Rights Reserved
Copyright ©  2004 SYS-CON Media, Inc.
  E-mail: [email protected]

Java and Java-based marks are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. SYS-CON Publications, Inc. is independent of Sun Microsystems, Inc.