security
Class SignUtils

java.lang.Object
  security.SignUtils

public class SignUtils
extends java.lang.Object

Constructor Summary

SignUtils()

Method Summary

static void	main(java.lang.String[] args)
static void	packSignAndVerify()
static void	packSignAndVerify(java.lang.String className, java.lang.String keystoreName, java.lang.String storepass, java.lang.String alias)
static void	resignJar(java.io.File file) This will unsign a jar file (even if it does not need to) and then will sign the jar file.
static void	resignJars()
static java.lang.String	runJarSigner(java.lang.String[] args, java.io.File workingDir) This runs the jar signer with the arguments in the args array
static void	signGui() This gui assumes the webstart bean has correct information and that the keystore has a correct certificate.
static boolean	signJar()
static void	signJar(java.io.File targetJarFile, WebStartBean wsb)
static java.lang.String	signJar(java.lang.String keystoreName, java.lang.String storepass, java.io.File jarFileName, java.lang.String alias) Assume that the keystore password and the certificate password are the same.
static void	signOneJarGui()
static void	testPackSignAndVerify()
static void	testVerifyJarVerbose()
static void	unsignJar(java.io.File inputJar) Makes a tmp directory where the jar is, unjars it.
static void	verifyJar(java.io.File jarFileName) This method causes the callers thread of execution to terminate after the run!
static void	verifyJarVerbose(java.io.File jarFile) Run the jarsigner with the verification and verbose commands.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SignUtils

public SignUtils()

Method Detail

main

public static void main(java.lang.String[] args)
                 throws java.lang.Exception

Throws:

java.lang.Exception

resignJars

public static void resignJars()
                       throws java.security.NoSuchAlgorithmException,
                              java.io.IOException,
                              java.security.cert.CertificateException,
                              java.security.KeyStoreException

Throws:

java.security.NoSuchAlgorithmException

java.io.IOException

java.security.cert.CertificateException

java.security.KeyStoreException

testVerifyJarVerbose

public static void testVerifyJarVerbose()

verifyJarVerbose

public static void verifyJarVerbose(java.io.File jarFile)

Run the jarsigner with the verification and verbose commands.

Parameters:

jarFile - a file that should be a jar file.

runJarSigner

public static java.lang.String runJarSigner(java.lang.String[] args,
                                            java.io.File workingDir)

This runs the jar signer with the arguments in the args array

Parameters:

args - arguments passed to the jar signer

workingDir - place where jar signer starts working

Returns:

the output from running the jar signer

signGui

public static void signGui()

This gui assumes the webstart bean has correct information and that the keystore has a correct certificate.

signOneJarGui

public static void signOneJarGui()

testPackSignAndVerify

public static void testPackSignAndVerify()

packSignAndVerify

public static void packSignAndVerify()

packSignAndVerify

public static void packSignAndVerify(java.lang.String className,
                                     java.lang.String keystoreName,
                                     java.lang.String storepass,
                                     java.lang.String alias)

signJar

public static java.lang.String signJar(java.lang.String keystoreName,
                                       java.lang.String storepass,
                                       java.io.File jarFileName,
                                       java.lang.String alias)

Assume that the keystore password and the certificate password are the same. If they are not, you will be prompted during normal jarsigner use to enter the certificate password. To change the password of the certificate in the keystore, use:

keytool -keypasswd -alias duke -keypass dukekeypasswd -new newpass

To change the password of the keystore, use:

jarsigner -keypass newDukeKeyPassword

Parameters:

keystoreName - fully qualified path to keystore.

storepass - certificate and store password

jarFileName - thing to be signed

alias - certificate name

Returns:

the output from the JarSigner command

verifyJar

public static void verifyJar(java.io.File jarFileName)

This method causes the callers thread of execution to terminate after the run!

Parameters:

jarFileName - verifys the jar files after signing

signJar

public static void signJar(java.io.File targetJarFile,
                           WebStartBean wsb)

signJar

public static boolean signJar()
                       throws java.security.NoSuchAlgorithmException,
                              java.io.IOException,
                              java.security.cert.CertificateException,
                              java.security.KeyStoreException

Throws:

java.security.NoSuchAlgorithmException

java.io.IOException

java.security.cert.CertificateException

java.security.KeyStoreException

resignJar

public static void resignJar(java.io.File file)
                      throws java.security.NoSuchAlgorithmException,
                             java.io.IOException,
                             java.security.cert.CertificateException,
                             java.security.KeyStoreException

This will unsign a jar file (even if it does not need to) and then will sign the jar file.

Parameters:

file - the file to be resigned.

Throws:

java.security.NoSuchAlgorithmException - if you can't find the RSA algorithm

java.io.IOException - if you can't restore the WebStartBean

java.security.cert.CertificateException - if you can restore the keystore bean

java.security.KeyStoreException - if you don't have access to the keystore

unsignJar

public static void unsignJar(java.io.File inputJar)

Makes a tmp directory where the jar is, unjars it. Deletes the META-INF. Rejars it and overwrites the original. Deletes the tmp directory when it is done.

Parameters:

inputJar - to be unsigned.