Skip to main content
IBM  
Shop Support Downloads
IBM Home Products Consulting Industries News About IBM
IBM developerWorks : Java : Education - Tutorials
Java security, Part 1: Crypto basics		ZIPPDF (letter)PDF (A4)e-mail
Main menuSection menuFeedbackPreviousNext
8. Trusting the code
  


Code signing example page 4 of 5


In this example, we first create a JAR file from a .class file and then sign it by specifying the alias for the certificate in the keystore that is used for the signing. We then run a verification check on the signed JAR file.


D:\IBM>jar cvf HelloWorld.jar HelloWorld.class
added manifest
adding: HelloWorld.class(in = 372) (out= 269)(deflated 27%)

D:\IBM>jarsigner HelloWorld.jar JoeUserKey
Enter Passphrase for keystore: password

D:\IBM>jarsigner -verify -verbose -certs HelloWorld.jar

         137 Mon Apr 15 12:38:38 CDT 2002 META-INF/MANIFEST.MF
         190 Mon Apr 15 12:38:38 CDT 2002 META-INF/JOEUSERK.SF
         938 Mon Apr 15 12:38:38 CDT 2002 META-INF/JOEUSERK.RSA
           0 Mon Apr 15 12:38:00 CDT 2002 META-INF/
smk      372 Mon Apr 15 12:33:02 CDT 2002 HelloWorld.class

      X.509, CN=Joe User, OU=Security, O="Company, Inc.", L=User City, 
      ST=MN, C=US (joeuserkey)


  s = signature was verified
  m = entry is listed in manifest
  k = at least one certificate was found in keystore
  i = at least one certificate was found in identity scope

jar verified.

Main menuSection menuFeedbackPreviousNext
About IBM | Privacy | Legal | Contact