java, getting started with java code security, getting started with java document security, core java, j2se, introduction to code security, introduction to document security, java code and document security
3. ADVANCE JAVA
Author Profile
Ankit Desai
Ph.D. Scholar, IET, Ahmedabad University
Education: M. Tech. (C.E.), B. E. (I. T.)
Experience: 8 years (Academic and Research)
Research Interest: IoT, Big Data Analytics, Machine
Learning, Data Mining, Algorithms.
Classified e-Material 3
4. ADVANCE JAVA
Classified e-Material 4
DIGITAL SIGNATURE
Sign document using
private key keytool
Generate digital
signature jarsigner
Send document with
your public key
Receiver use the public
key to verify that your
document
5. ADVANCE JAVA
Classified e-Material 5
CERTIFICATE
A public key.
The "distinguished-name" information for entity
A digital signature.
The distinguished-name information for the signer
(issuer).
6. ADVANCE JAVA
Classified e-Material 6
SIGNING CODE AND GRANTING ITS PERMISSION
Count.java
javac
Count.class
jar
jarsigner
Count.jar
Keytool - genkey
susanstore
Priveate key
Public key certificate
Keytool -export
Susanjones.cer
sCount.jar
1
2
3
4
5
9. ADVANCE JAVA
Classified e-Material 9
EXPORT THE PUBLIC KEY CERTIFICATE
keytool -export -keystore susanstore -alias
signFiles -file SusanJones.cer
10. ADVANCE JAVA
Classified e-Material 10
STEPS FOR THE CODE RECIVER
sCount.jar from Susan
java
1
Security manager
Data file
Exception:
Count program doesn’t have
Permission to read the data file
Susan.cer from Susan
2
Keytool -import
raystore
Alias susan
Susan’s public key certificate
Java
Policy tool
Policy file ray policy
Granting code signed
By “susan” permission to
Read the data file
sCount.jar from susan
Security manager
Data file
3
4
11. ADVANCE JAVA
Classified e-Material 11
OBSERV THE RESTRICTED APPLICATION
java -cp sCount.jar Count C:TestDatadata
Exception in thread "main"
java.security.AccessControlException:
access denied (java.io.FilePermission C:TestDatadata
read)
at java.security.AccessControlContext.checkPermission(Compiled Code)
at java.security.AccessController.checkPermission(Compiled Code)
at java.lang.SecurityManager.checkPermission(Compiled Code) at
java.lang.SecurityManager.checkRead(Compiled Code)
at java.io.FileInputStream.(Compiled Code)
at Count.main(Compiled Code)
12. ADVANCE JAVA
Classified e-Material 12
IMPORT THE CERTIFICATE AS A TRUSTED CERTIFICATE
keytool -import -alias susan -file SusanJones.cer -
keystore raystore
13. ADVANCE JAVA
Classified e-Material 13
SET UP A POLICY FILE TO GRANT THE REQUIRED PERMISSION
Start Policy Tool
Specify the Keystore
Add a Policy Entry with a SignedBy Alias
Save the Policy File