2-1
import java.awt.*;
import java.io.*;
import java.lang.*;
import java.applet.*;
public class AppletWriteFileTest extends Applet
{
File f = new File("test.txt");
DataOutputStream dos;
public void init() {
System.out.println("AppletWriteFileTest init ;");
}
public void paint(Graphics g){
try {
//向本地写一个文件
dos = new DataOutputStream(new BufferedOutputStream
(new FileOutputStream(f)));
dos.writeChars("hello , this is something test!!!");
dos.flush();
//如果成功显示成功信息
g.drawString("test successfully !!!!!", 10, 10);
}
catch (SecurityException e){
//输出异常栈
e.printStackTrace();
g.drawString("security exception: " + e, 10, 10);
}
catch (IOException ioe){
g.drawString("i/o exception", 10, 10);
}
}
}
AppletWriteFileTest.html文件如下:
2-2
import java.security.*;
class getSysProp
{
public static void main(String[] args){
String s;
try{
//默认返回字串为not specified
//得到系统名称
s = System.getProperty("os.name", "not specified");
System.out.println(" The name of your operating system is: " + s);
//得到Java虚拟机版本号
s = System.getProperty("java.version", "not specified");
System.out.println(" The version of the JVM you are running is: " + s);
//得到用户路径
s = System.getProperty("user.home", "not specified");
System.out.println(" Your user home directory is: " + s);
//得到Java_home
s = System.getProperty("java.home", "not specified");
System.out.println(" Your JRE installation directory is: " + s);
}
catch (Exception e){
e.printStackTrace();
}
}
}
2-3
java.policy
grant codeBase "file:${java.home}/lib/ext/*" {
permission java.security.AllPermission;
};
// default permissions granted to all domains
grant {
permission java.lang.RuntimePermission "stopThread";
permission java.net.SocketPermission "localhost:1024-", "listen";
permission java.util.PropertyPermission "java.version", "read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url", "read";
permission java.util.PropertyPermission "java.class.version", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.version", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "file.separator", "read";
permission java.util.PropertyPermission "path.separator", "read";
permission java.util.PropertyPermission "line.separator", "read";
permission java.util.PropertyPermission "java.specification.version", "read";
permission java.util.PropertyPermission "java.specification.vendor", "read";
permission java.util.PropertyPermission "java.specification.name", "read";
permission java.util.PropertyPermission "java.vm.specification.version", "read";
permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
permission java.util.PropertyPermission "java.vm.specification.name", "read";
permission java.util.PropertyPermission "java.vm.version", "read";
permission java.util.PropertyPermission "java.vm.vendor", "read";
permission java.util.PropertyPermission "java.vm.name", "read";
};
2-4
import java.io.*;
public class ApplicationWriteFileTest
{
public static void main(String arg[]){
File f = new File("test2.txt");
DataOutputStream dos;
try{
//向本地写一个文件
dos=new DataOutputStream(new BufferedOutputStream(new FileOutputStream(f)));
dos.writeChars("this is a test !!!!! ");
dos.flush();
//关闭流
dos.close();
}
catch (SecurityException e){
//输出异常栈
e.printStackTrace();
}
catch (IOException ioe){
ioe.printStackTrace();
}
}
}
2-5
import java.io.*;
import java.security.*;
class signSend
{
public static void main(String[] args){
if (args.length != 1){
System.out.println("Usage: GenSig nameOfFileToSign");
}
else try{
//密钥生成器
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA", "SUN");
//安全随机数
SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");
//初始化密钥生成器
keyGen.initialize(1024, random);
//得到公钥、私钥
KeyPair pair = keyGen.generateKeyPair();
PrivateKey priv = pair.getPrivate();
PublicKey pub = pair.getPublic();
//生成签名对象
Signature dsa = Signature.getInstance("SHA1withDSA", "SUN");
//用公钥初始化签名对象
dsa.initSign(priv);
//提取文件流
FileInputStream fis = new FileInputStream(args[0]);
BufferedInputStream bufin = new BufferedInputStream(fis);
byte[] buffer = new byte[1024];
int len;
while (bufin.available() != 0) {
len = bufin.read(buffer);
dsa.update(buffer, 0, len);
};
bufin.close();
//使用签名对象生成签名
byte[] realSig = dsa.sign();
//保存签名对象
FileOutputStream sigfos = new FileOutputStream("sig");
sigfos.write(realSig);
sigfos.close();
//保存公钥
byte[] key = pub.getEncoded();
FileOutputStream keyfos = new FileOutputStream("suepk");
keyfos.write(key);
keyfos.close();
}
catch (Exception e) {
System.err.println("Caught exception " + e.toString());
}
};
}
2-6
import java.io.*;
import java.security.*;
import java.security.spec.*;
class signReceive
{
public static void main(String[] args){
if (args.length != 3){
System.out.println("Usage: VerSig publickeyfile signaturefile datafile");
}
else try{
//输入公钥
FileInputStream keyfis = new FileInputStream(args[0]);
byte[] encKey = new byte[keyfis.available()];
keyfis.read(encKey);
keyfis.close();
//生成公钥对象
X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(encKey);
KeyFactory keyFactory = KeyFactory.getInstance("DSA", "SUN");
PublicKey pubKey = keyFactory.generatePublic(pubKeySpec);
//输入签名
FileInputStream sigfis = new FileInputStream(args[1]);
byte[] sigToVerify = new byte[sigfis.available()];
sigfis.read(sigToVerify );
sigfis.close();
//生成签名对象
Signature sig = Signature.getInstance("SHA1withDSA", "SUN");
sig.initVerify(pubKey);
FileInputStream datafis = new FileInputStream(args[2]);
BufferedInputStream bufin = new BufferedInputStream(datafis);
byte[] buffer = new byte[1024];
int len;
while (bufin.available() != 0) {
len = bufin.read(buffer);
sig.update(buffer, 0, len);
};
bufin.close();
boolean verifies = sig.verify(sigToVerify);
System.out.println("signature verifies: " + verifies);
}
catch (Exception e) {
System.err.println("Caught exception " + e.toString());
};
}
}
2-7
import java.io.*;
import java.security.*;
import java.util.Hashtable;
public class TerrysGame
{
public static void main(String args[]) throws Exception {
//实例化一个HighScore对象
HighScore hs = new HighScore("TerrysGame");
if (args.length == 0) usage();
//设置和提取分值信息
if (args[0].equals("set")){
hs.setHighScore(Integer.parseInt(args[1]));
}
else if (args[0].equals("get")){
System.out.println("score = "+ hs.getHighScore());
}
else{
usage();
}
}
//用户提示信息
public static void usage(){
System.out.println("TerrysGame get");
System.out.println("TerrysGame set ");
System.exit(1);
}
}
2-8
import java.io.*;
import java.security.*;
import java.util.Hashtable;
public class HighScore
{
private String gameName;
private File highScoreFile;
//构造方法
public HighScore(String gameName)
{
this.gameName = gameName;
//用的一个内部类
AccessController.doPrivileged(new PrivilegedAction()
{
public Object run(){
String path = System.getProperty("user.home")+File.separator+".highscore";
highScoreFile = new File(path);
return null;
}
});
}
//设置最高分
public void setHighScore(final int score) throws IOException
{
//首先检测权限
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new HighScorePermission(gameName));
}
// need a doPrivileged block to manipulate the file
try {
AccessController.doPrivileged(new PrivilegedExceptionAction()
{
public Object run() throws IOException
{
Hashtable scores = null;
// 打开相应文件
try {
FileInputStream fis = new FileInputStream(highScoreFile);
ObjectInputStream ois = new ObjectInputStream(fis);
scores = (Hashtable) ois.readObject();
}
catch (Exception e){}
// 如果文件为空,创建一个新的哈希表
if (scores == null) scores = new Hashtable(13);
// 更新数据
scores.put(gameName, new Integer(score));
//写入文件
FileOutputStream fos = new FileOutputStream(highScoreFile);
ObjectOutputStream oos = new ObjectOutputStream(fos);
oos.writeObject(scores);
oos.close();
return null;
}
});
}
catch (PrivilegedActionException pae)
{
throw (IOException) pae.getException();
}
}
//得到最高分
public int getHighScore()
throws IOException, ClassNotFoundException
{
//检测权限
SecurityManager sm = System.getSecurityManager();
if (sm != null)
{
sm.checkPermission(new HighScorePermission(gameName));
}
Integer score = null;
// 相应操作代码必须放在访问控制模块中
try
{
score = (Integer) AccessController.doPrivileged
(
new PrivilegedExceptionAction()
{
public Object run() throws IOException, ClassNotFoundException
{
Hashtable scores = null;
// 打开文件
FileInputStream fis = new FileInputStream(highScoreFile);
ObjectInputStream ois = new ObjectInputStream(fis);
scores = (Hashtable) ois.readObject();
// 得到分数
return scores.get(gameName);
}
}
);
}
catch (PrivilegedActionException pae)
{
Exception e = pae.getException();
if (e instanceof IOException)
throw (IOException) e;
else
throw (ClassNotFoundException) e;
}
if (score == null)
return -1;
else
return score.intValue();
}
//程序入口
public static void main(String args[]) throws Exception
{
HighScore hs = new HighScore(args[1]);
if (args[0].equals("set")) {
hs.setHighScore(Integer.parseInt(args[2]));
} else {
System.out.println("score = "+ hs.getHighScore());
}
}
}
2-9
keystore "kim.keystore";
grant SignedBy "terry" {
permission com.scoredev.scores.HighScorePermission
"TerrysGame", signedBy "chris";
};
grant SignedBy "chris" {
permission java.util.PropertyPermission "user.home", "read";
permission java.io.FilePermission
"${user.home}${/}.highscore", "read,write";
permission com.scoredev.scores.HighScorePermission
"*", signedBy "chris";
};
