Technical Support
Discussion Forum
Online Training
Read About Java
Java In-Depth
Product Discounts
Membership Information JDC Resources DukeDollars Early Access

Java Cup Logo

JDC Applets
(chat, newsreader, calendar)

Log Out

Online Training
shadowSearchFAQFeedback

Course Notes Table of Contents
Exercises | Online Training Index

Signing Declarations with John Hancock
MageLang Institute
[Help | Solution | API Docs | Behavior | Course Notes | Exercises]

Prerequisites

If you sell a Bean that requires it to be trusted when downloaded over the Internet, you need to digitally sign it. Then, for each and every user, they need to identify you as trusted and install your public X.509 key, into their Java key database. (Code signing is only one way of limiting access in Java. See the Java Security API Overview for more.)

This exercise takes you through the steps to sign an applet that uses the results from the Reflective Programming with Freud exercise.

Perform the following tasks:

  1. Execute the following statement to make sure that "John Hancock" is not a known identity to your system. 
    javakey -r "John Hancock"

  2. Once removed, we can run the program unsigned to see what happens. Unpack the AllHancock.jar file and run appletviewer with the Declaration.html file.

  3. Now, press the 'Introspect' button while there is nothing in the 'Enter class name' text field. The applet is able to reflect on itself with no security problems.

  4. Then try to inspect a system class like java.lang.String. When you press the 'Introspect' button with java.lang.String in the text field, you will see a lengthy security exception message on the display. This basically is saying that the applet is untrusted by you, so cannot access restricted things. In order to be trusted, it must be signed by someone. Then, the user of the applet must tell their system that they trust that someone AND install their public key into their system.

  5. In order for our applet to be trusted, we need to generate a certificate, create a jar file, sign it, and tell our .html file to use it. To generate the certificate, involves four steps:

    Identify signer and state that you 'trust' them
    javakey -cs "John Hancock" true
    • javakey is key security program
    • -c means to create an identity
    • -s means we are creating a code 'signer'
    • "John Hancock" is signer
    • true signifies we trust "John Hancock"
    Generate a public-private key pair for signer
    javakey -gk "John Hancock" DSA 512 Hancock_pub Hancock_priv
    • -gk means to generate key pair
    • "John Hancock" is identity
    • DSA is algorithm
    • 512 is key size
    • Hancock_pub / Hancock_priv are key pair files.
    Setup a signer profile file
    This file is a bunch of key-value pairs identifying who the signer is, how long the key is good for, and what the output file is.
    For purposes of this exercise, just use the Hancock.cert file provided.
    Generate a certificate
    javakey -gc Hancock.cert
    • -gc means to generate a certificate
    • Hancock.cert is the certificate profile file
    • The command creates the file Hancock.x509 because the out.file directive provided that name.

  6. Now we can sign our code. First, we need to package our code up to be signed. The Freud.class file is the only one that has to be signed. If we include our general applet code in the signed package and the user does not trust the signer, they will get an empty screen on startup and will think they did something wrong. By not packaging the front-end, this won't happen. The command to place the Freud class in a jar file is: 
    jar cf Freud.jar Freud.class

  7. Now we need to sign the .jar file. This requires a signing directive file similar to the signer profile file earlier. For purposes of this exercise, just use the Hancock.sign file provided. Once the directives file is setup, execute: 
    javakey -gs Hancock.sign Freud.jar
    to create the file Freud.jar.sig. Rename Freud.jar.sig to be signedFreud.jar. 
    ren Freud.jar.sig signedFreud.jar

  8. Finally, create an html file that uses the signed file and test it. In the <APPLET> tag, include an archive=signedFreud.jar parameter. Then test it.

  9. Okay, now that you have this. What is necessary for a user to use it as trusted? Basically, only three steps. First, you need to provide the user with the Hancock.x509 file you created earlier. Then, they need to identify the signer as trusted on their system. Finally, they need to import the certificate file into their system.

    In order for us to make believe we don't know who the signer is, we need to remove their identity from our database first.
    javakey -r "John Hancock"
    Deliver Hancock.x509 to user somehow.
    Register "John Hancock" as trusted
    javakey -c "John Hancock" true
    • There isn't a '-s' flag because John Hancock doesn't need to create certificates on the user's system.
    Import the Hancock.x509 certificate file
    javakey -ic "John Hancock" Hancock.x509
    • There is no magic in the filename or extension.
    Run the signed applet.
    appletviewer signedDeclaration.html
    If you try introspecting classes like java.lang.String, you will see no security exceptions thrown.

The task numbers above are linked to the step-by-step help page. Also available is a complete solution to the problem, and expected behavior, to demonstrate it.


Copyright © 1997 MageLang Institute. All Rights Reserved
May-97 Copyright © 1996, 1997 Sun Microsystems Inc. All Rights Reserved