Signed Classes

One of the primary applications of digital signatures in Java is to create and verify signed classes. Signed classes allow the expansion of Java’s sandbox in two different ways:

  • The policy file can insist that classes coming from a particular site be signed by a particular entity before the access controller grants that entry's permissions. In the policy file, such an entry carries a signedBy directive:

    grant signedBy "sdo", codeBase "http://piccolo.East.Sun.COM/" {
        permission java.io.FilePermission "-", "read,write";
    };

    This entry allows classes loaded from piccolo.East.Sun.COM to read and write any file in the current directory or any of its subdirectories (the "-" target is recursive; a "*" target would cover only the current directory itself), but only if the classes have been signed by sdo, that is, by the key whose certificate is stored under the alias sdo in the keystore the policy file refers to. Two details matter in practice: a codeBase that ends in "/" matches only loose class files in that directory, while signed classes are delivered in JAR files, so an entry meant for a signed JAR normally ends in "/*" (JARs and classes in that directory) or "/-" (recursively); and the keystore the policy file consults must actually contain the sdo certificate, otherwise the signedBy clause can never match and the permissions are silently never granted.

  • The security manager can cooperate with the class loader to determine whether or not a particular class is signed; the security manager is then free to grant permissions to that class based on its own internal policy. This technique is far more important in Java 1.1, since most Java 1.2 security managers simply defer their decisions to the access controller.
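The second route depends on being able to ask, for a class that has already been loaded from a JAR, who signed it and whether that signer is one we trust. The program below is an added example written for this page, not code from the book or from the JavaRunner program; it assumes a keystore whose alias (for instance "sdo", as in the policy entry above) holds the signer's certificate, and a JAR produced by jarsigner. It opens the JAR with verification enabled, reads every class entry to completion so that the signature blocks are actually checked, and then rejects the JAR if any class is unsigned or signed by anyone other than the trusted certificate.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.CodeSigner;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Enumeration;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;

/**
 * Checks that every class in a JAR is signed by the certificate stored under a
 * trusted keystore alias. Added example for this page; not the book's code.
 * Assumes a keystore file (JKS or PKCS12) that contains the signer's certificate.
 */
public class SignerCheck {

    /** Loads the trusted signer certificate from the keystore under the given alias. */
    static Certificate trustedCert(String keystorePath, char[] password, String alias)
            throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = Files.newInputStream(Paths.get(keystorePath))) {
            ks.load(in, password);
        }
        Certificate cert = ks.getCertificate(alias);
        if (cert == null) {
            throw new IllegalArgumentException("no certificate under alias " + alias);
        }
        return cert;
    }

    /**
     * Returns true only if every .class entry in the JAR is signed and the leaf
     * certificate of at least one of its signers equals the trusted certificate.
     * A single unsigned class (a partially signed JAR) is enough to reject it.
     */
    static boolean allClassesSignedBy(String jarPath, Certificate trusted) throws Exception {
        // verify=true: JarFile checks manifest digests and signature blocks while entries are read
        try (JarFile jar = new JarFile(jarPath, true)) {
            Enumeration<JarEntry> entries = jar.entries();
            while (entries.hasMoreElements()) {
                JarEntry e = entries.nextElement();
                if (e.isDirectory() || !e.getName().endsWith(".class")) {
                    continue;
                }

                // Signer information is populated only after the entry has been read to the
                // end, because verification happens as the bytes stream through. A digest
                // mismatch surfaces here as a SecurityException, which we let propagate.
                try (InputStream in = jar.getInputStream(e)) {
                    byte[] buf = new byte[8192];
                    while (in.read(buf) != -1) {
                        // consume the entry; nothing to do with the bytes themselves
                    }
                }

                CodeSigner[] signers = e.getCodeSigners();
                if (signers == null) {
                    System.err.println("unsigned class entry: " + e.getName());
                    return false;
                }
                boolean trustedSigner = false;
                for (CodeSigner s : signers) {
                    // The first certificate in the signer's path is the leaf (signing) cert.
                    Certificate leaf = s.getSignerCertPath().getCertificates().get(0);
                    if (leaf.equals(trusted)) {
                        trustedSigner = true;
                        break;
                    }
                }
                if (!trustedSigner) {
                    System.err.println("signed by an untrusted party: " + e.getName());
                    return false;
                }
            }
        }
        return true;
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 4) {
            System.err.println("usage: SignerCheck <jar> <keystore> <alias> <storepass>");
            System.exit(2);
        }
        Certificate trusted = trustedCert(args[1], args[3].toCharArray(), args[2]);
        boolean ok = allClassesSignedBy(args[0], trusted);
        System.out.println(ok ? "every class is signed by " + args[2] : "REJECTED");
        System.exit(ok ? 0 : 1);
    }
}
```

Two design choices are worth spelling out. The check pins the exact signing certificate rather than walking a chain to a CA, which is the same thing the signedBy clause does; if you want chain validation, expiry or revocation checks, those have to be added on top. And the loop returns false on the first unsigned class deliberately: a JAR in which only some entries are signed is the classic way to smuggle an unsigned class in next to a signed one. Note also that on current JDKs the policy-file route above no longer expands a sandbox at all, since the security manager was deprecated for removal in Java 17 (JEP 411) and permanently disabled in Java 24 (JEP 486); JAR signature verification through java.util.jar, as used here, continues to work and is how signed code is still checked.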

In this section, we'll explore the components needed for this expansion of the Java sandbox. The example in the rest of the section fills in the remaining details of the JavaRunner program by showing how to use a signed class.

There are three necessary ingredients to expand the Java sandbox with signed classes:

  • A method to create the signed class. The jarsigner utility is used for this (see Appendix A).

  • A class ...
