Introduction
The information in this article helps in answering the following questions:
- What are the tools needed to develop a signed applet?
- How to make a test certificate using Microsoft Sign Tool?
- How to read/write the local machine file system using a signed applet?
Summary
This article shows how to develop a signed applet using the Microsoft sign Tool.
Reading and writing file system through an applet is possible provided you have signed that applet using Microsoft Sign tool for Internet Explorer or Netscape sign tool for Netscape. The example that I showed here is just an example of how to create a test certificate. This is not recommended if you are going to publish your applet over the Web. In that case, you will have to get the certificate from Verisign or Thawte certificate for publishing. Unless the content in your applet is insecure, it may corrupt itself or corrupt other resources where it is playing.
Tools Required
- Microsoft Internet Explorer 3.0 or upgrade version
- Microsoft Sign tool which encompasses the following EXEs and DLLs
- signcode.exe
- setreg.exe
- ChkTrust.exe
- cert2spc.exe
- cabarc.exe
- javasign.dll
- signer.dll
- com package
More Information
Part I: Java Applet Read/Write File System using Applet
Part I provides the source code for the read/write applet.
import java.applet.*;
import com.ms.security.*;
import java.awt.*;
import java.io.*;
import java.lang.*;
import java.applet.*;
public class WriteFile extends Applet
{
String myFile = "G:\\test.foo";
File f = new File(myFile);
DataOutputStream dos;
public void paint(Graphics g)
{
try
{
dos = new DataOutputStream(new BufferedOutputStream
(new FileOutputStream(myFile),128));
dos.writeChars("Cats can hypnotize you when you least expect it\n");
dos.flush();
g.drawString("Successful attempt to write to " + myFile, 10, 10);
}
catch (SecurityException e)
{
g.drawString("writeFile: caught security exception", 10, 10);
}catch (IOException ioe)
{
g.drawString("writeFile: caught i/o exception", 10, 10);
}
}
}
Part II: How to Make Test Certificate using Microsoft Sign Tool
Part II provides step by step instructions on how to make a test certificate and embed with an applet in HTML.
To make a test certificate, follow the steps given below:
- Extract WriteFile.zip containing all sign tool components and two batch files for executing the EXEs.
- The sign.bat file looks like this:
makecert /sv "WriteFile.pvk" /n "CN=WriteFile" WriteFile.cer
cert2spc WriteFile.cer WriteFile.spc setreg 1 true
appsign c:\Test\SignedApplet\WriteFile WriteFile low
- Here you are going to create the
private
key named WriteFile.pvk and certificate name WriteFile.cer and you have to note where to create that certificate. Here I mentioned c:\test\signedapplet is the folder.
- The appsign.bat look like this:
ECHO OFF
SET CERT_FILE="c:\Test\SignedApplet\WriteFile.spc"
SET KEY_FILE="c:\Test\SignedApplet\WriteFile.pvk"
cabarc -s 6144 N WriteFile.cab WriteFile.class
signcode -j javasign.dll -jp %3 -spc %CERT_FILE% -v %KEY_FILE% -n %2 %1.cab
- Here you have mentioned the class files as an argument of
cabarc
. We are going to create a CAB file name called WriteFile.cab.
- First, compile WriteFile.java.
- Write sign in command prompt and enter.
- Sign tool will ask create
private
key password and confirm password. Write 'test' and 'test' and anything you wish and click ok.
- Again for
private
key password write 'test
'.
- Then it will ask for the publisher key password, write '
test
' or anything you wish.
- You will get the message in the command prompt like this:
"This file is signed, but not timestamped
"- leave the warning.
- Let's make an HTML file like this:
<html>
<body>
<applet code="WriteFile.class" width =200 height=200>
<param name="CABBASE" value="WriteFile.cab">
</applet>
</body>
</html>
- Open it in Internet Explorer. The file is signed and you can get the message in an applet as follows "
successful attempt to write to
" drive name (where you mentioned).
History
- 1st September, 2004: Initial post