Something that I'd like to share with you!

Thursday, July 28, 2011

Signing Java JAR Files

No comments :
From coderanch (http://www.coderanch.com/t/407490/java/java/why-jarsigner)

Signing a jar is basically used to verify a trusted source. When you sign a jar with your digital signature (based on your private key), you place a mark into the jar file that could not have been done by anyone but you.

The signature is also a checksum of the Jar file, so if the jar get corrupted or modified in transit, the signature is invalid.

On the other side, your public key is placed into the keystore of the system that trust you. This will be used to verify your signature.

Currently, I believe this is mainly used for applets. Using signed jar files, and setting security properties on client browsers, applets can have access to disk, network, and other stuff that they don't normally have access to.

Step 1 - Create Key
keytool -genkey -keystore <keystorefile> -alias <aliasname>
C:\folder>keytool -genkey -keystore mykeystore -alias myalias
Enter keystore password:
Re-enter new password:
What is your first and last name?
  [Unknown]:  MyName
What is the name of your organizational unit?
  [Unknown]:  MyOrg
What is the name of your organization?
  [Unknown]:  MyOrg
What is the name of your City or Locality?
  [Unknown]:  MyCity
What is the name of your State or Province?
  [Unknown]:  MyProvince
What is the two-letter country code for this unit?
  [Unknown]:  my
Is CN=MyName, OU=MyOrg, O=MyOrg, L=MyCity, ST=MyProvince, C=my correct?
  [no]:  yes

Enter key password for <myalias>
        (RETURN if same as keystore password):
Re-enter new password:

Step 2 - Export Cert
keytool -export -keystore <keyStoreFile> -alias <aliasName> > <certFile>
C:\folder>keytool -export -keystore mykeystore -alias mylias > mycert
Enter keystore password:  mypassword

Step 3 - Signing JAR
jarsigner -keystore <keyStoreFile> -storepass <password> <jarFile> <aliasName>
C:\folder>jarsigner -keystore mykeystore -storepass password my.jar myalias

The signer certificate will expire within six months.

Step 4 - Verify
jarsigner -verify -verbose -certs <jarFile>
C:\folder>jarsigner -verify -verbose -certs my.jar
sm       236 Sun Feb 06 21:57:00 SGT 2011 images/remove.png

      X.509, CN=MyName, OU=MyOrg, O=MyOrg, L=MyCity, ST=MyProvince, C=my
      [certificate will expire on 10/26/11 7:46 PM]
  s = signature was verified
  m = entry is listed in manifest
  k = at least one certificate was found in keystore
  i = at least one certificate was found in identity scope

jar verified.

This jar contains entries whose signer certificate will expire within six months.

Wednesday, July 20, 2011

Samsung LED TV Network Connection


Last week, I bought Samsung UA40D5000PR LED Backlit TV. It comes with wireless LAN adapter support but need to have Samsung LinkStick Wireless USB 2.0 Adapter in order for it to works. It also has an Ethernet port for wired network connection.

To utilize the network feature, I probably need to buy the LinkStick or lay a network cable from the TV along the way to my computer room.

So I'll go with the 3rd option, using old ADSL modem (Aztech DSL605EW) with built-in wireless and 4 Ethernet ports. This is the same modem that I used in previous blog post, broken ADSL circuit.

Reset the modem to factory default setting and set your wireless security accordingly.

Hook up the TV with the ADSL modem through an Ethernet cable. Set the TV network configuration; let the modem DHCP assign the IP.

At PC, download Samsung AllShare software, install it and follow the instruction to add video files to it's library.

Next is to connect from PC (from another floor) to the ADSL modem

It works. This would be my temporary method to link my TV to my PC.

My next step is to link the TV to not only my PC, but to my home network which linked to my Network Attached Storage that supports DLNA for media sharing. That would be fun.

I’m not planning to use WiFi since we have a lot of Wifi Hunter here. I’ll rather go with homeplug but not sure which model/speed to choose. I can see 85Mbps, 200Mbps, 500Mbps and 1000Mbps on the market. Any suggestion?