Comparison with Previous Releases
There are few changes to the
Signature
class itself between Java 1.1 and Java 2.
In Java 1.1, there is no
SignatureSpi
class and the
Signature
class extends the
Object
class instead; the
setParameter( )
method that requires an algorithm
parameter spec does not exist in 1.1. In 1.1 and Java 2, version 1.2,
the default security provider supports only
DSA signatures; to get RSA
signatures you must either install a third-party security provider or
upgrade to 1.3. The
SignedObject
class is only available in Java 2.
There are significant changes to the way in which
signed classes are handled between Java
1.1. and Java 2. In Java 1.1, there is no
jarsigner
tool; the equivalent tool is called
javakey
,
and it creates signatures using the 1.1 identity scope (rather than a
keystore). We will discuss this in Appendix C.
Since Java 1.1 does not have code sources, reading a signed
jar file is also different. In fact, since
the
java.util.jar
package does not exist in that release,
the classes required to read a standard
PKCS7
signature block are unavailable to us. More important, the
security manager
must handle signed classes differently: the class loader we presented here must be
modified to associate the
certificates with the class using the
setSigners( )
method of the
Class
class, and the security manager must
retrieve those certificates with the getSigners( )
method. In general, the security manager and the class loader must be more tightly-coupled ...
Get Java Security, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.