关于安全:Java-安全工具

1.Java 平安工具

Keytool

keytool 为 java 原生自带，装置 java 后不须要再进行装置，作为密钥和证书管理工具，不便用户可能治理本人的公钥 / 私钥及证书，用于认证服务。
-certreq：生成证书申请
-changealias：更改条目标别名
-delete：删除条目
-exportcert：导出证书
-genkeypair：生成密钥对
-genseckey：生成密钥
-gencert：依据证书申请生成证书
-importcert：导入证书或证书链
-importpass：导入口令
-importkeystore：从其余密钥库导入一个或所有条目
-keypasswd：更改条目标密钥口令
-list：列出密钥库中的条目
-printcert：打印证书内容
-printcertreq：打印证书申请的内容
-printcrl：打印 CRL 文件的内容
-storepasswd：更改密钥库的存储口令

Jarsigner

public final class JarSigner
extends Object
一个不可变的实用程序类来签名一个 jar 文件。
调用者创立一个 JarSigner.Builder 对象，（可选）设置一些参数，并调用 build 创立一个 JarSigner 对象。而后能够应用此 JarSigner 对象来签名 jar 文件。

除非另有阐明，否则应用 null 参数调用 JarSigner 或 JarSigner.Builder 的办法将抛出一个 NullPointerException。

例：

JarSigner signer = new JarSigner.Builder(key, certPath)

     .digestAlgorithm("SHA-1")
     .signatureAlgorithm("SHA1withDSA")
     .build();

try (ZipFile in = new ZipFile(inputFile);

     FileOutputStream out = new FileOutputStream(outputFile)) {signer.sign(in, out);

}
从以下版本开始：
9

Policytool

policytool
Reads and writes a plain text policy file based on user input through the utility GUI.

Synopsis
policytool [-file] [filename]

-file
Directs the policytool command to load a policy file.

filename
The name of the file to be loaded.

Examples:

Run the policy tool administrator utility:

policytool
Run the policytool command and load the specified file:

policytool -file mypolicyfile
Description
The policytool command calls an administrator’s GUI that enables system administrators to manage the contents of local policy files. A policy file is a plain-text file with a .policy extension, that maps remote requestors by domain, to permission objects. For details, see Default Policy Implementation and Policy File Syntax at
http://docs.oracle.com/javase/8/docs/technotes/guides/securit…

Options
-file
Directs the policytool command to load a policy file.

See Also
Default Policy Implementation and Policy File Syntax at
http://docs.oracle.com/javase/8/docs/technotes/guides/securit…

Policy File Creation and Management at
http://docs.oracle.com/javase/8/docs/technotes/guides/securit…

Permissions in Java SE Development Kit (JDK) at
http://docs.oracle.com/javase/8/docs/technotes/guides/securit…

Java Security Overview at
http://docs.oracle.com/javase/8/docs/technotes/guides/securit…

Java Cryptography Architecture (JCA) Reference Guide at
http://docs.oracle.com/javase/8/docs/technotes/guides/securit…

JAAS(Java Authentication and Authorization Service)

JAAS 全称为 Java Authentication Authorization Service，中文含意即 Java 认证和受权服务。应用可插入方式将认证和受权逻辑和应用程序分来到。