creates a Duke identity, keys, certificate, then creates an

John Orendt (jorendt@ozemail.com.au)
Sat, 13 Dec 1997 17:22:22 +1100

Message-Id: <v03007800b0b7da1097ce@[202.12.88.146]>
Date: Sat, 13 Dec 1997 17:22:22 +1100
To: java-security@web2.javasoft.com
From: John Orendt <jorendt@ozemail.com.au>
Subject: creates a Duke identity, keys, certificate, then creates an

Hi

Thanks for your Netscape and IE URLs regarding applet security.

Now, I'm trying to follow the example on

http://java.sun.com/security/signExample/doit on a PC

which follows:

#! /bin/csh

# Step 1. Create the Duke identity, as a trusted identity

javakey -cs Duke true

# Step 2. Generate a keypair for Duke, and store the public key in a file
named
# Duke_pub and the private key in a file named Duke_priv

javakey -gk Duke DSA 512 Duke_pub Duke_priv

# Step 3. Generate an x509 certificate for Duke, and store it in the file
# named Duke.x509. This output file name is given in the directive file
# named cert_directive_Duke.

javakey -gc cert_directive_Duke

# Step 4. Create the archive.

***** John notes that one must also: javac writeFile.java to get
writeFile.class

jar cf signedWriteFile.jar writeFile.class writeFile.html

# Step 5. Sign the archive, using the parameters given in
sign_directive_Duke.

javakey -gs sign_directive_Duke signedWriteFile.jar

# Step 6. Move the signed archive to a file suffixed in .jar.

mv signedWriteFile.jar.sig signedWriteFile.jar

# Step 7. Show the contents of the signed archive.

echo " "
echo "Contents of the archive are: "
jar tvf signedWriteFile.jar

# Step 8 . Show the contents of the identity database.

echo " "
echo "Contents of the identity database are: "
javakey -ld

------------------------------------------------------------------

now here is my dos version of the same

javakey -cs Duke true
javakey -gk Duke DSA 512 Duke_pub Duke_priv
javakey -gc cert_directive_Duke
javac writeFile.java
jar cf signedWriteFile.jar writeFile.class writeFile.html
javakey -gs sign_directive_Duke signedWriteFile.jar
del signedWriteFile.jar
rename signedWriteFile.jar.sig signedWriteFile.jar
jar tvf signedWriteFile.jar

rem This process all seemed to work fine.

rem until

appletviewer signedWriteFile.html

rem which for me generated a security exception

-------------------------------------------------------

do I need a signature from a cerifiying authority?

Best

John

John Orendt jorendt@ozemail.com.au Sydney NSW Australia
Check out my home page: http://www.ozemail.com.au/~jorendt/
Home 61-2-9981-5890 Mobile 61-411-348700 PGP aware

John Orendt jorendt@ozemail.com.au Sydney NSW Australia
Check out my home page: http://www.ozemail.com.au/~jorendt
Home 61-2-9981-5890 Mobile 61-411-348700 PGP Aware