Introduction to digital signature technology of applets

Source: Internet
Author: User
Tags log4j

First, an apology to everyone: I wanted to write this article two years ago, but out of laziness I never did, and I never kept any notes for myself either. A few days ago my boss had me do this again and I found I had kept nothing, so I had to start over from memory. What is written online turned out to be really superficial, the kind of thing that just says "do this" and moves on; after all, we are programmers, not students, and should think things through a bit more. So I have written up what I worked out, to give people who are just starting out some inspiration. After working through this content, your applet, served from the server, will have full access to the local client, with no permission restrictions getting in the way. (Many articles say you need to change the client's local policy file; in fact that is not necessary. Once the client accepts our digital signature, we can do anything.) ~oo~

Briefly, what applet digital signing is about: you use the tools in the JDK (the EXE files under $JAVA_HOME/bin) to sign the applet, so that code delivered from the server is granted access to the local client. If you want customers to really trust your applet's signature, spend hundreds of dollars to buy a trusted signing certificate from a CA company such as VeriSign.

This article uses Tomcat as the middleware and walks through the signing steps in detail. $JAVA_HOME is the JDK installation folder and $TOMCAT_HOME is the Tomcat installation folder.

The signing process for an applet is as follows:

1. Set the environment variable $JAVA_HOME (convenient on Windows: from any folder you can then run the EXE commands in $JAVA_HOME/bin directly; they include keytool.exe, jarsigner.exe and HtmlConverter.exe).

2. Make a copy of the ROOT folder under $TOMCAT_HOME/webapps, delete the junk you do not need, and rename it to your web app name, for example webapplet. Copy the jars that need to be signed into $TOMCAT_HOME/webapps/webapplet. Important: you must sign every jar package that the project references; sign one too few and it will not work!

3. Create a test HTML page, applet.html:

<APPLET
CODEBASE = "."
CODE = "com.aspire.reportPlatform.webagent.WebAgentApplet.class"
ARCHIVE = "Applet.jar"
NAME = "Testapplet"
WIDTH = 400
HEIGHT = 300
HSPACE = 0
VSPACE = 0
ALIGN = middle
>
</APPLET>

4. Open a cmd command prompt and run htmlconverter in $TOMCAT_HOME/webapps/webapplet.

For example: F:/applettomcat/webapps/webapplet>htmlconverter

A window pops up; enter the HTML file to convert, such as the applet.html I just wrote. The same conversion applies if you are writing a JSP.

After the conversion, the result looks like this:

<!--"CONVERTED_APPLET"-->
<!-- HTML CONVERTER -->
<object
    classid = "clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"
    codebase = "http://java.sun.com/update/1.5.0/jinstall-1_5-windows-i586.cab#Version=5,0,0,1"
    WIDTH = 400 HEIGHT = 300 NAME = "Testapplet" ALIGN = middle VSPACE = 0 HSPACE = 0 >
    <PARAM NAME = CODE VALUE = "com.aspire.reportPlatform.webagent.WebAgentApplet.class" >
    <PARAM NAME = CODEBASE VALUE = "." >
    <PARAM NAME = ARCHIVE VALUE = "Applet.jar,commons-codec-1.3.jar,commons-httpclient-3.1.jar,commons-logging.jar,Dom4j.jar,flowmetadata.jar,ibatis-2.3.2.715.jar,jgraph.jar,log4j-1.2.9.jar,metadatamanage.jar,ojdbc14.jar,Rdpcommon.jar,swing-layout-1.0.jar,ws-commons-util-1.0.1.jar,xmlrpc-client-3.1.jar,xmlrpc-common-3.1.jar" >
    <PARAM NAME = NAME VALUE = "Testapplet" >
    <param name = "type" value = "application/x-java-applet;version=1.5" >
    <param name = "scriptable" value = "false" >

    <comment>
        <embed
            type = "application/x-java-applet;version=1.5" \
            CODE = "com.aspire.reportPlatform.webagent.WebAgentApplet.class" \
            JAVA_CODEBASE = "." \
            ARCHIVE = "Applet.jar" \
            NAME = "Testapplet" \
            WIDTH = 400 \
            HEIGHT = 300 \
            ALIGN = middle \
            VSPACE = 0 \
            HSPACE = 0
            scriptable = false
            pluginspage = "http://java.sun.com/products/plugin/index.html#download">
            <noembed>

            </noembed>
        </embed>
    </comment>
</object>

<!--
<APPLET CODE = "com.aspire.reportPlatform.webagent.WebAgentApplet.class" JAVA_CODEBASE = "." ARCHIVE = "Applet.jar" WIDTH = 400 HEIGHT = 300 NAME = "Testapplet" ALIGN = middle VSPACE = 0 HSPACE = 0>


</APPLET>
-->
<!--"END_CONVERTED_APPLET"-->

One thing to note here is the line that starts <PARAM NAME = ARCHIVE VALUE = "Applet.jar. A normal conversion writes only Applet.jar; everything after it is the jar packages the applet references, which I added by hand. Once again: every associated jar package that needs to be signed must also be listed here, otherwise it is all for nothing!

6. Write a bat file to do the signing; for example, I wrote Applet.bat.

The contents are as follows:

keytool -genkey -keystore pepper.store -alias pepper
keytool -export -keystore pepper.store -alias pepper -file pepper.cert
jarsigner -keystore pepper.store applet.jar pepper
jarsigner -keystore pepper.store commons-codec-1.3.jar pepper
jarsigner -keystore pepper.store commons-httpclient-3.1.jar pepper
jarsigner -keystore pepper.store commons-logging.jar pepper
jarsigner -keystore pepper.store dom4j.jar pepper
jarsigner -keystore pepper.store FlowMetaData.jar pepper
jarsigner -keystore pepper.store ibatis-2.3.2.715.jar pepper
jarsigner -keystore pepper.store jgraph.jar pepper
jarsigner -keystore pepper.store log4j-1.2.9.jar pepper
jarsigner -keystore pepper.store MetaDataManage.jar pepper
jarsigner -keystore pepper.store ojdbc14.jar pepper
jarsigner -keystore pepper.store RDPCommon.jar pepper
jarsigner -keystore pepper.store swing-layout-1.0.jar pepper
jarsigner -keystore pepper.store ws-commons-util-1.0.1.jar pepper
jarsigner -keystore pepper.store xmlrpc-client-3.1.jar pepper
jarsigner -keystore pepper.store xmlrpc-common-3.1.jar pepper

What the commands mean:

keytool -genkey -keystore pepper.store -alias pepper   # creates the pepper.store keystore file; the alias of this key is pepper

After you enter the command above, you are prompted for a password; the JDK one is changeit. This password can be changed (look up how on the Internet, I do not remember), but I suggest not changing it, because sometimes after a password change JDK 1.4 becomes bizarrely unusable...

After entering the password, enter the corresponding signer information:

F:/applettomcat/webapps/applet>keytool -genkey -keystore pepper.store -alias pepper
Enter keystore password: changeit
What is your first and last name?
[Unknown]: LEe
What is the name of your organizational unit?
[Unknown]: Aspire
What is your organization's name?
[Unknown]: Aspire
What is the name of your city or region?
[Unknown]: SZ
What is the name of your state or province?
[Unknown]: GD
What is the two-letter country code for this unit?
[Unknown]: CN
Is CN=LEe, OU=Aspire, O=Aspire, L=SZ, ST=GD, C=CN correct?
[No]: Y

Enter key password for <pepper>
(press ENTER if same as keystore password):

This last prompt asks for the password used when exporting the certificate from the keystore; being lazy, I just pressed ENTER above...

keytool -export -keystore pepper.store -alias pepper -file pepper.cert exports the pepper.cert certificate from the generated keystore. Enter the password changeit, or, if in the previous step you set a different password for exporting the certificate (that is, not changeit), enter that one.

jarsigner -keystore pepper.store applet.jar pepper signs applet.jar; for the certificate password I entered changeit. The jar packages that follow are the same input repeated, so there is not much more to say. Done! With this written down, everyone should be able to do their own signing.

I also have some experience with reading files to share: things that worked fine in the application did not work in the applet, because the applet loading mechanism downloads the signed jar packages from the server into a temporary folder on the client, so the locations have all changed... The temporary folder looks like mine: C:/Documents and Settings/x_lixin_a/application Data/sun/java/deployment/cache/javapi/v1.0/jar

So for reading files, I download the configuration files to the client locally, under the System.getProperty("java.io.tmpdir") folder; reading them from there is no problem. Logging sometimes has problems; I recommend writing ***.log directly, so that the log file generated at run time is dropped on the desktop. In fact I do not advocate logging at all; after all, users are uncomfortable seeing this sort of thing...

By the way, here is the applet I wrote, for everyone to look at.

Idea: 1. Download the configuration files that need to be read to the local machine. 2. Execute the main class and run the application.

Test: In IE, open http://localhost:8080/webapplet; the applet pops up a dialog box, click to run it. By the way, to check errors, notice the big teapot icon that appears in the taskbar at the bottom right; running an applet starts it. Right-click it and choose the option to open the console; a window pops up in which you can see where your signature went wrong. Output from System.out.println() also goes to this console, but I recommend getting things running in your local Eclipse project first and only then testing through the browser.

PostScript: Having read this far, everyone should know how to implement digital signing for an applet. If you have any questions, find me directly on CSDN or send mail to [email protected]. If anyone has a better solution for the log configuration, please be sure to tell me so we can exchange ideas. Friends who think this article is decent, I hope you will help bump it up. I hope that a year from now I will not be reading garbage articles on the Internet (the articles out there now are all copies of one another and do not solve the problem!) ~oo~
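The rule repeated throughout the steps above (every jar listed in ARCHIVE must be signed) can be checked offline before opening the page in a browser. The following is an added example, not part of the original article: the class name VerifyAppletJars is hypothetical, the jar paths are passed as arguments, and when none are given it builds a constructed unsigned jar to show a failing result.

```java
import java.io.*;
import java.nio.file.*;
import java.security.CodeSigner;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.jar.*;

public class VerifyAppletJars {
    /** Returns the subject DN of the signer; throws if any class or resource entry is unsigned. */
    static String signerOf(String jarPath) throws IOException {
        String signer = null;
        byte[] buf = new byte[8192];
        try (JarFile jar = new JarFile(jarPath, true)) {            // true = verify signatures
            for (JarEntry e : Collections.list(jar.entries())) {
                if (e.isDirectory() || e.getName().startsWith("META-INF/")) continue;
                try (InputStream in = jar.getInputStream(e)) {
                    // Signers are known only after a full read; a modified entry
                    // fails its digest check here with a SecurityException.
                    while (in.read(buf) != -1) { }
                }
                // null: the entry is unsigned, or signed with an algorithm this JRE has disabled
                CodeSigner[] signers = e.getCodeSigners();
                if (signers == null) throw new SecurityException("unsigned entry " + e.getName());
                X509Certificate cert = (X509Certificate)
                        signers[0].getSignerCertPath().getCertificates().get(0);
                signer = cert.getSubjectX500Principal().getName();
            }
        }
        if (signer == null) throw new SecurityException("no signed entries");
        return signer;
    }

    /** True only if every jar is fully signed and all jars share one signer. */
    static boolean verifyAll(String[] jars) throws IOException {
        String expected = null;
        boolean ok = true;
        for (String path : jars) {
            try {
                String dn = signerOf(path);
                if (expected == null) expected = dn;
                if (!expected.equals(dn)) throw new SecurityException("different signer " + dn);
                System.out.println("OK   " + path + " signed by " + dn);
            } catch (SecurityException ex) {
                System.out.println("FAIL " + path + ": " + ex.getMessage());
                ok = false;
            }
        }
        return ok;
    }

    public static void main(String[] args) throws IOException {
        if (args.length == 0) {   // no input: use a constructed, unsigned sample jar
            Path tmp = Files.createTempFile("unsigned", ".jar");
            try (JarOutputStream out = new JarOutputStream(Files.newOutputStream(tmp))) {
                out.putNextEntry(new JarEntry("Demo.class"));
                out.write(new byte[] {1, 2, 3});
            }
            args = new String[] {tmp.toString()};
        }
        System.exit(verifyAll(args) ? 0 : 1);
    }
}
```

Run it from the webapplet folder with the same jar names that appear in the ARCHIVE parameter; a non-zero exit code means at least one jar would be treated as unsigned.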

The code is as follows:

package com.aspire.reportPlatform.webagent;

import java.applet.Applet;
import java.awt.Color;
import java.awt.Container;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.net.URL;
import java.net.URLConnection;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;

import javax.swing.JApplet;

import com.aspire.rdp.flowdesinger.LogonDialog;

// DirectoryVO and StatusPanel are classes from the same project and are not shown in this article.
public class WebAgentApplet extends JApplet {

    public static Applet m_runningApplet = null;
    protected char m_osPrefix;
    // private OctetSeqHolder resp = null;
    private Container contentPane = null;
    public static String agentId;
    private static Long agentLongId;
    // private static final String dllFolderPath = System.getProperty("user.dir");
    // private static final String dllFolderPath = System.getProperty("java.home")
    //         + File.separator + "lib" + File.separator + "ext";
    private static final String dllFolderPath = System.getProperty("java.home") + File.separator + "bin";
    // Client-side temporary folder; the configuration files are downloaded below it.
    String TEMP_DIR = System.getProperty("java.io.tmpdir");
    private int result = 1;
    private int count = 0;
    public static String certerIp = null;
    private String nickname = null;
    public static String serverFullAddress;

    /**
     * @throws java.lang.AbstractMethodError
     */
    public void init() {
        certerIp = getParameter("centeraddress");
        certerIp = new String("192.168.168.111");
        System.err.println("centerIp is " + certerIp);
        System.out.println("user.dir = " + System.getProperty("user.dir"));
        nickname = getParameter("nickname");
        serverFullAddress = String.valueOf(getCodeBase());
        m_osPrefix = System.getProperty("os.name").toLowerCase().charAt(0);
        // installLibraries();

        // Step 1 of the idea: download the configuration files to the local machine.
        DirectoryVO directoryVOArray[] = createDirectories();
        for (int i = 0; i < directoryVOArray.length; i++) {
            installConfigResources(directoryVOArray[i]);
        }
        drawPane();

        // Step 2 of the idea: start the application.
        LogonDialog logonDialog = new LogonDialog();
        logonDialog.setVisible(true);
        try {
            // add(panel);
            if (m_runningApplet != null) {
                StatusPanel.getStatusPanelInstance().setStatus((byte) 11);
            } else {
                m_runningApplet = this;
                // webAgent = new WebAgent();
                // initializeCommunication(webAgent);
                StatusPanel.getStatusPanelInstance().setStatus((byte) 1);
                // if (result == 0) {
                //     StatusPanel.getStatusPanelInstance().setStatus((byte) 0);
                // } else {
                //     StatusPanel.getStatusPanelInstance().setStatus((byte) 8);
                // }
                // heartBeatInfo = new HeartBeatInfo();
                // new Thread(heartBeatInfo).start();
                // webAgent.initialize(webAgent, this);
                // sendHeartInfo();
            }
        } catch (Exception _ex) {
            // LogFile.getInstance().print(0, "WebAgentApplet.init()", "Applet initial Failed!");
            // _ex.printStackTrace();
            StatusPanel.getStatusPanelInstance().setStatus((byte) 8);
            _ex.printStackTrace();
            // destroy();
        }
    }

    // Creates <tmpdir>RDP with its plugins/email, images and cfg sub-folders and
    // returns, for each zip on the server, the folder it is unpacked into.
    private DirectoryVO[] createDirectories() {
        DirectoryVO[] directoryVOArray = new DirectoryVO[3];
        DirectoryVO directoryVO = new DirectoryVO();
        String config = TEMP_DIR + "RDP";
        File configFile = new File(config);
        if (!configFile.exists()) {
            configFile.mkdir();
        }
        String plugins = config + File.separator + "plugins";
        File pluginsFile = new File(plugins);
        if (!pluginsFile.exists()) {
            pluginsFile.mkdir();
        }
        String email = plugins + File.separator + "email";
        File emailFile = new File(email);
        if (!emailFile.exists()) {
            emailFile.mkdir();
        }
        directoryVO.setPathName(email);
        directoryVO.setZipName("Emailplugins.zip");
        directoryVOArray[0] = directoryVO;

        String images = config + File.separator + "images";
        File imagesFile = new File(images);
        if (!imagesFile.exists()) {
            imagesFile.mkdir();
        }
        String cfg = config + File.separator + "cfg";
        File cfgFile = new File(cfg);
        if (!cfgFile.exists()) {
            cfgFile.mkdir();
        }
        DirectoryVO directoryVO1 = new DirectoryVO();
        directoryVO1.setZipName("Images.zip");
        directoryVO1.setPathName(images);
        directoryVOArray[1] = directoryVO1;

        DirectoryVO directoryVO2 = new DirectoryVO();
        directoryVO2.setZipName("Cfg.zip");
        directoryVO2.setPathName(cfg);
        directoryVOArray[2] = directoryVO2;
        return directoryVOArray;
    }

    // Downloads <codebase>/native/<zip name> and unpacks every entry into the local folder.
    private void installConfigResources(DirectoryVO directoryVO) {
        String archivePath = String.valueOf(getCodeBase()) + "native" + "/" + directoryVO.getZipName();
        System.out.println("archivePath = " + archivePath);
        ZipInputStream zis = null;
        ZipEntry entry = null;
        URLConnection con = null;
        try {
            con = (new URL(archivePath)).openConnection();
            con.setUseCaches(false);
            con.connect();
            zis = new ZipInputStream(con.getInputStream());
            while ((entry = zis.getNextEntry()) != null) {
                installConfigResource(zis, entry.getName(), directoryVO.getPathName());
            }
        } catch (IOException ioe) {
            StatusPanel.getStatusPanelInstance().setStatus((byte) 8);
            ioe.printStackTrace();
            // LogFile.getInstance().print(0, "WebAgentApplet.installLibraries()", "Install has IOException");
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            con = null;
            try {
                if (zis != null) {   // the connection may have failed before the stream was opened
                    zis.close();
                }
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }

    // Writes the current zip entry to <path>/<configResourceName>.
    private void installConfigResource(ZipInputStream archive, String configResourceName, String path) {
        BufferedOutputStream out = null;
        byte buffer[] = new byte[1024];
        int count = 0;
        String configFullPathName = path + File.separator + configResourceName;
        try {
            out = new BufferedOutputStream(new FileOutputStream(configFullPathName));
            while ((count = archive.read(buffer)) > 0) {
                out.write(buffer, 0, count);
            }
        } catch (IOException e) {
            e.printStackTrace();
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            try {
                if (out != null) {   // the file may not have been opened
                    out.close();
                }
            } catch (IOException e1) {
                e1.printStackTrace();
            }
        }
    }

    public void drawPane() {
        contentPane = getContentPane();
        contentPane.setBackground(Color.WHITE);
        contentPane.add(StatusPanel.getStatusPanelInstance());
    }

    public void destroy() {
        try {
            if (m_runningApplet == this) {
                // webAgent.testManagerModule.close();
                // StatusControl.getStatusControlInstance().notifyToCenter(
                //         StatusControlModuleConstant.AGENT_DOWN_SUCCESS, agentLongId);
                // AppletCommunicateModule.stop();
            }
        } catch (Exception e) {
            // LogFile.getInstance().print(0, "WebAgentApplet.destroy()",
            //         "UnknownHostException:cannot destory applet");
            e.printStackTrace();
        } finally {
            // Print before exiting; nothing after System.exit() runs.
            System.err.println("in applet close!!!!");
            System.exit(0);
        }
    }

    // Not called any more (see the commented-out call in init()): downloads the
    // native library zip for the client OS and unpacks it into <java.home>/bin.
    private void installLibraries() {
        String archivePath = String.valueOf(getCodeBase()) + "native";
        System.err.println(getCodeBase());
        ZipInputStream zis = null;
        ZipEntry entry = null;
        URLConnection con = null;
        String archiveName;
        switch (m_osPrefix) {
        case 119: // 'w'
            archiveName = "winlib.zip";
            break;
        case 108: // 'l'
            archiveName = "linuxlib.zip";
            break;
        case 115: // 's'
            archiveName = "solarislib.zip";
            break;
        default:
            archiveName = "winlib.zip";
            break;
        }
        try {
            con = (new URL(archivePath + "/" + archiveName)).openConnection();
            con.setUseCaches(false);
            con.connect();
            zis = new ZipInputStream(con.getInputStream());
            while ((entry = zis.getNextEntry()) != null) {
                installLibrary(zis, entry.getName());
            }
        } catch (IOException ioe) {
            StatusPanel.getStatusPanelInstance().setStatus((byte) 8);
            ioe.printStackTrace();
            // LogFile.getInstance().print(0, "WebAgentApplet.installLibraries()", "Install has IOException");
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            con = null;
            try {
                if (zis != null) {
                    zis.close();
                }
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }

    private void installLibrary(ZipInputStream archive, String dllName) {
        BufferedOutputStream out = null;
        byte buffer[] = new byte[1024];
        int count = 0;
        String dllFullPathName = dllFolderPath + File.separator + dllName;
        System.out.println("dllFullPathName = " + dllFullPathName);
        try {
            out = new BufferedOutputStream(new FileOutputStream(dllFullPathName));
            while ((count = archive.read(buffer)) > 0) {
                out.write(buffer, 0, count);
            }
            // if (m_osPrefix != 'w')
            //     CommandLineUtility.runCommand("chmod 0775 " + dllFullPathName);
        } catch (IOException e) {
            e.printStackTrace();
            // LogFile.getInstance().print(0, "WebAgentApplet.installLibrary()", "Install single Library failed");
            // exitDueToException(e, "Copying a native library file into jre directory");
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            try {
                if (out != null) {
                    out.close();
                }
            } catch (IOException e1) {
                e1.printStackTrace();
            }
        }
    }

    private void installLogFile() {
        // try {
        //     String logProperties = System.getProperty("java.home") + File.separator + "bin"
        //             + File.separator + "log4j.properties";
        //     File f = new File(logProperties);
        //     f.createNewFile();
        //     FileOutputStream fopt = new FileOutputStream(f);
        //     String firstParagraph = new String("##LOGGERS##\r\n#define a logger named seamislogger"
        //             + "\r\nlog4j.rootLogger=INFO,file\r\n\r\n");
        //     fopt.write(firstParagraph.getBytes());
        //     String senondParagraph = new String("##APPENDERS##\r\n#define an appender named file,"
        //             + "which is set to be a RollingFileAppender\r\n"
        //             + "log4j.appender.file=org.apache.log4j.RollingFileAppender\r\n"
        //             + "log4j.appender.file.File=" + System.getProperty("java.home")
        //             + File.separator + "bin" + File.separator + "agentlog.txt" + "\r\n\r\n");
        //     fopt.write(senondParagraph.getBytes());
        //     String thirdParagraph = new String("##LAYOUTS##\r\n#assign a SimpleLayout to file appender"
        //             + "\r\nlog4j.appender.file.layout=org.apache.log4j.SimpleLayout\r\n");
        //     fopt.write(thirdParagraph.getBytes());
        //     fopt.close();
        // } catch (FileNotFoundException e) {
        //     e.printStackTrace();
        // } catch (IOException e) {
        //     e.printStackTrace();
        // }
    }
}
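installConfigResource above joins each zip entry name onto the target folder as it arrives, and the zip files are fetched from the codebase separately from the signed jars, so a signed applet with full client access should confirm that every entry stays inside that folder. The following is an added example, not the author's code: the class name SafeConfigUnzip, the 10 MB per-file cap and the sample archives are assumptions made for the illustration.

```java
import java.io.*;
import java.nio.file.*;
import java.util.zip.*;

public class SafeConfigUnzip {
    static final long MAX_ENTRY_BYTES = 10L * 1024 * 1024;   // assumed per-file cap

    /** Unpacks the zip into destDir, refusing entries that resolve outside it. Returns files written. */
    static int extract(InputStream zipStream, Path destDir) throws IOException {
        Path root = destDir.toRealPath();
        byte[] buf = new byte[8192];
        int written = 0;
        try (ZipInputStream zis = new ZipInputStream(zipStream)) {
            ZipEntry entry;
            while ((entry = zis.getNextEntry()) != null) {
                // Resolve, then normalize away any "..", then compare path elements.
                Path target = root.resolve(entry.getName()).normalize();
                if (!target.startsWith(root)) {
                    throw new IOException("entry escapes target folder: " + entry.getName());
                }
                if (entry.isDirectory()) {
                    Files.createDirectories(target);
                    continue;
                }
                Files.createDirectories(target.getParent());
                long total = 0;
                try (OutputStream out = new BufferedOutputStream(Files.newOutputStream(target))) {
                    int n;
                    while ((n = zis.read(buf)) > 0) {
                        if ((total += n) > MAX_ENTRY_BYTES) throw new IOException("entry too large");
                        out.write(buf, 0, n);
                    }
                }
                written++;
            }
        }
        return written;
    }

    // Constructed sample archive holding one small file per given entry name.
    static byte[] sampleZip(String... names) throws IOException {
        ByteArrayOutputStream bytes = new ByteArrayOutputStream();
        try (ZipOutputStream zos = new ZipOutputStream(bytes)) {
            for (String name : names) {
                zos.putNextEntry(new ZipEntry(name));
                zos.write("key=value\n".getBytes("UTF-8"));
                zos.closeEntry();
            }
        }
        return bytes.toByteArray();
    }

    public static void main(String[] args) throws IOException {
        Path dest = Files.createTempDirectory("RDP-cfg");
        int n = extract(new ByteArrayInputStream(sampleZip("cfg/app.properties")), dest);
        System.out.println("extracted " + n + " file(s) into " + dest);
        try {
            extract(new ByteArrayInputStream(sampleZip("ok.txt", "../evil.txt")), dest);
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```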
