計(jì)算機(jī)Java編程技術(shù)翻譯文獻(xiàn)

1、計(jì)算機(jī)Java編程技術(shù)翻譯文獻(xiàn)Core Java Volume IIAdvanced FeaturesWhen Java technology first appeared on the scene, the excitement was not about a well-crafted programming language but about the possibility of safely executing applets that are delivered over the Internet (see Volume I, Chapter 10 for more informat

2、ion about applets). Obviously, delivering executable applets is practical only when the recipients are sure that the code cant wreak havoc on their machines. For this reason, security was and is a major concern of both the designers and the users of Java technology. This means that unlike other lang

3、uages and systems, where security was implemented as an afterthought or a reaction to break-ins, security mechanisms are an integral part of Java technology.Three mechanisms help ensure safety:Language design features (bounds checking on arrays, no unchecked type conversions, no pointer arithmetic,

4、and so on).An access control mechanism that controls what the code can do (such as file access, network access, and so on).Code signing, whereby code authors can use standard cryptographic algorithms to authenticate Java code. Then, the users of the code can determine exactly who created the code an

5、d whether the code has been altered after it was signed.Below, youll see the cryptographic algorithms supplied in the java.security package, which allow for code signing and user authentication.As we said earlier, applets were what started the craze over the Java platform. In practice, people discov

6、ered that although they could write animated applets like the famous nervous text applet, applets could not do a whole lot of useful stuff in the JDK 1.0 security model. For example, because applets under JDK 1.0 were so closely supervised, they couldnt do much good on a corporate intranet, even tho

7、ugh relatively little risk attaches to executing an applet from your companys secure intranet. It quickly became clear to Sun that for applets to become truly useful, it was important for users to be able to assign different levels of security, depending on where the applet originated. If an applet

8、comes from a trusted supplier and it has not been tampered with, the user of that applet can then decide whether to give the applet more privileges.To give more trust to an applet, we need to know two things:Where did the applet come from?Was the code corrupted in transit?In the past 50 years, mathe

9、maticians and computer scientists have developed sophisticated algorithms for ensuring the integrity of data and for electronic signatures. The java.security package contains implementations of many of these algorithms. Fortunately, you dont need to understand the underlying mathematics to use the a

10、lgorithms in the java.security package. In the next sections, we show you how message digests can detect changes in data files and how digital signatures can prove the identity of the signer.A message digest is a digital fingerprint of a block of data. For example, the so-called SHA1 (secure hash al

11、gorithm #1) condenses any data block, no matter how long, into a sequence of 160 bits (20 bytes). As with real fingerprints, one hopes that no two messages have the same SHA1 fingerprint. Of course, that cannot be truethere are only 2160 SHA1 fingerprints, so there must be some messages with the sam

12、e fingerprint. But 2160 is so large that the probability of duplication occurring is negligible. How negligible? According to James Walsh in True Odds: How Risks Affect Your Everyday Life (Merritt Publishing 1996), the chance that you will die from being struck by lightning is about one in 30,000. N

13、ow, think of nine other people, for example, your nine least favorite managers or professors. The chance that you and all of them will die from lightning strikes is higher than that of a forged message having the same SHA1 fingerprint as the original. (Of course, more than ten people, none of whom y

14、ou are likely to know, will die from lightning strikes. However, we are talking about the far slimmer chance that your particular choice of people will be wiped out.)A message digest has two essential properties:If one bit or several bits of the data are changed, then the message digest also changes

15、.A forger who is in possession of a given message cannot construct a fake message that has the same message digest as the original.The second property is again a matter of probabilities, of course. Consider the following message by the billionaire father:Upon my death, my property shall be divided e

16、qually among my children; however, my son George shall receive nothing.That message has an SHA1 fingerprint of2D 8B 35 F3 BF 49 CD B1 94 04 E0 66 21 2B 5E 57 70 49 E1 7EThe distrustful father has deposited the message with one attorney and the fingerprint with another. Now, suppose George can bribe

17、the lawyer holding the message. He wants to change the message so that Bill gets nothing. Of course, that changes the fingerprint to a completely different bit pattern:2A 33 0B 4B B3 FE CC 1C 9D 5C 01 A7 09 51 0B 49 AC 8F 98 92Can George find some other wording that matches the fingerprint? If he ha

18、d been the proud owner of a billion computers from the time the Earth was formed, each computing a million messages a second, he would not yet have found a message he could substitute.A number of algorithms have been designed to compute these message digests. The two best-known are SHA1, the secure

19、hash algorithm developed by the National Institute of Standards and Technology, and MD5, an algorithm invented by Ronald Rivest of MIT. Both algorithms scramble the bits of a message in ingenious ways. For details about these algorithms, see, for example, Cryptography and Network Security, 4th ed.,

20、by William Stallings (Prentice Hall 2005). Note that recently, subtle regularities have been discovered in both algorithms. At this point, most cryptographers recommend avoiding MD5 and using SHA1 until a stronger alternative becomes available. (See for more information.)The Java programming languag

21、e implements both SHA1 and MD5. The MessageDigest class is a factory for creating objects that encapsulate the fingerprinting algorithms. It has a static method, called getInstance, that returns an object of a class that extends the MessageDigest class. This means the MessageDigest class serves doub

22、le duty:As a factory classAs the superclass for all message digest algorithmsFor example, here is how you obtain an object that can compute SHA fingerprints:MessageDigest alg = MessageDigest.getInstance(SHA-1);(To get an object that can compute MD5, use the string MD5 as the argument to getInstance.

23、)After you have obtained a MessageDigest object, you feed it all the bytes in the message by repeatedly calling the update method. For example, the following code passes all bytes in a file to the alg object just created to do the fingerprinting：InputStream in = . . .int ch;while (ch = in.read() !=

24、-1)alg.update(byte) ch);Alternatively, if you have the bytes in an array, you can update the entire array at once:byte bytes = . . .;alg.update(bytes);When you are done, call the digest method. This method pads the inputas required by the fingerprinting algorithmdoes the computation, and returns the

25、 digest as an array of bytes.byte hash = alg.digest();The program in Listing 9-15 computes a message digest, using either SHA or MD5. You can load the data to be digested from a file, or you can type a message in the text area. Message SigningIn the last section, you saw how to compute a message dig

26、est, a fingerprint for the original message. If the message is altered, then the fingerprint of the altered message will not match the fingerprint of the original. If the message and its fingerprint are delivered separately, then the recipient can check whether the message has been tampered with. Ho

27、wever, if both the message and the fingerprint were intercepted, it is an easy matter to modify the message and then recompute the fingerprint. After all, the message digest algorithms are publicly known, and they dont require secret keys. In that case, the recipient of the forged message and the re

28、computed fingerprint would never know that the message has been altered. Digital signatures solve this problem.To help you understand how digital signatures work, we explain a few concepts from the field called public key cryptography. Public key cryptography is based on the notion of a public key a

29、nd private key. The idea is that you tell everyone in the world your public key. However, only you hold the private key, and it is important that you safeguard it and dont release it to anyone else. The keys are matched by mathematical relationships, but the exact nature of these relationships is no

30、t important for us. (If you are interested, you can look it up in The Handbook of Applied Cryptography at http:/www.cacr.math.uwaterloo.ca/hac/.)The keys are quite long and complex. For example, here is a matching pair of public and private Digital Signature Algorithm (DSA) keys.Public key:Code View

31、:p:fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43eee17q: 962eddcc369cba8ebb260ee6b6a126d9346e38c5g:b27a9cf44ee91a49c5147db1a9aaf244f05a434dd2d14271b9e35030b71fd73dab32ee1cd0da20a6c416e50be794ca4y:c0b6e67b4ac098eb1a32c5f8c4c1f0e7e

32、6fb9de27d0bdab9ca2d2a8123ce5a8018b8161afadd040bddb22cb9bc4df596d7de4d1b977d50 Private key:Code View:p:fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43eee17q: 962eddcc369cba8ebb260ee6b6a126d9346e38c5g:b27a9cf44ee91a49c5147db1a9aaf24

33、4f05a434dd2d14271b9e35030b71fd73dab32ee1cd0da20a6c416e50be794ca4x: 146c09fcc6c51f27ea6c3a91b85ed1d70aIt is believed to be practically impossible to compute one key from the other. That is, even though everyone knows your public key, they cant compute your private key in your lifetime, no matter how

34、many computing resources they have available.It might seem difficult to believe that nobody can compute the private key from the public keys, but nobody has ever found an algorithm to do this for the encryption algorithms that are in common use today. If the keys are sufficiently long, brute forcesi

35、mply trying all possible keyswould require more computers than can be built from all the atoms in the solar system, crunching away for thousands of years. Of course, it is possible that someone could come up with algorithms for computing keys that are much more clever than brute force. For example,

36、the RSA algorithm (the encryption algorithm invented by Rivest, Shamir, and Adleman) depends on the difficulty of factoring large numbers. For the last 20 years, many of the best mathematicians have tried to come up with good factoring algorithms, but so far with no success. For that reason, most cr

37、yptographers believe that keys with a modulus of 2,000 bits or more are currently completely safe from any attack. DSA is believed to be similarly secure.Figure 9-12 illustrates how the process works in practice.Suppose Alice wants to send Bob a message, and Bob wants to know this message came from

38、Alice and not an impostor. Alice writes the message and then signs the message digest with her private key. Bob gets a copy of her public key. Bob then applies the public key to verify the signature. If the verification passes, then Bob can be assured of two facts:The original message has not been a

39、ltered.The message was signed by Alice, the holder of the private key that matches the public key that Bob used for verification.You can see why security for private keys is all-important. If someone steals Alices private key or if a government can require her to turn it over, then she is in trouble

40、. The thief or a government agent can impersonate her by sending messages, money transfer instructions, and so on, that others will believe came from Alice.The X.509 Certificate FormatTo take advantage of public key cryptography, the public keys must be distributed. One of the most common distributi

41、on formats is called X.509. Certificates in the X.509 format are widely used by VeriSign, Microsoft, Netscape, and many other companies, for signing e-mail messages, authenticating program code, and certifying many other kinds of data. The X.509 standard is part of the X.500 series of recommendation

42、s for a directory service by the international telephone standards body, the CCITT.The precise structure of X.509 certificates is described in a formal notation, called abstract syntax notation #1 or ASN.1. Figure 9-13 shows the ASN.1 definition of version 3 of the X.509 format. The exact syntax is

43、not important for us, but, as you can see, ASN.1 gives a precise definition of the structure of a certificate file. The basic encoding rules, or BER, and a variation, called distinguished encoding rules (DER) describe precisely how to save this structure in a binary file. That is, BER and DER descri

44、be how to encode integers, character strings, bit strings, and constructs such as SEQUENCE, CHOICE, and OPTIONAL.中文譯文：Java核心技術(shù) 卷高級特性當(dāng)Java技術(shù)剛剛問世時(shí)，令人激動的并不是因?yàn)樗且粋€設(shè)計(jì)完美的編程語言，而是因?yàn)樗軌虬踩剡\(yùn)行通過因特網(wǎng)傳播的各種applet。很顯然，只有當(dāng)用戶確信applet的代碼不會破壞他的計(jì)算機(jī)時(shí)，用戶才會接受在網(wǎng)上傳播的可執(zhí)行的applet。正因?yàn)槿绱?，無論過去還是現(xiàn)在，安全都是設(shè)計(jì)人員和Java技術(shù)使用者所關(guān)心的一個重大問題。這就意味

45、著，Java技術(shù)與其他的語言和系統(tǒng)有所不同，在那些語言和系統(tǒng)中安全是事后才想到要去實(shí)現(xiàn)的，或者僅僅是對破壞的一種應(yīng)對措施，而對Java技術(shù)來說，安全機(jī)制是一個不可分割的組成部分。Java技術(shù)提供了以下三種確保安全的機(jī)制：(1)語言設(shè)計(jì)特性（對數(shù)組的邊界進(jìn)行檢查，無不檢查類型的轉(zhuǎn)換，無指針?biāo)惴ǖ龋?2)訪問控制機(jī)制，用于控制代碼能夠執(zhí)行的功能（比如文件訪問，網(wǎng)絡(luò)訪問等）。(3) 代碼簽名，利用該特性，代碼的作者就能夠用標(biāo)準(zhǔn)的加密算法來表明Java代碼的身份。這樣，該代碼的使用者就能夠準(zhǔn)確地知道誰創(chuàng)建了該代碼，以及代碼被標(biāo)識后是否被修改過。下面，我們要介紹java.security包提供的加密算

46、法，用來進(jìn)行代碼的標(biāo)識和用戶身份認(rèn)證。正如我們前面所說，applet 是在Java平臺上開始流行起來的。實(shí)際上，人們發(fā)現(xiàn)盡管他們可以編寫像著名的“nervous text”那樣栩栩如生的applet，但是在JDK1.0安全模式下無法發(fā)揮其一整套非常有用的作用。例如，由于JDK1.0下的applet要受到嚴(yán)密的監(jiān)督，因此，即使applet在公司安全內(nèi)部網(wǎng)上運(yùn)行時(shí)的風(fēng)險(xiǎn)相對較小，applet也無法在企業(yè)內(nèi)部網(wǎng)上發(fā)揮很大的作用。Sun公司很快就認(rèn)識到，要使applet真正變得非常有用，用戶必須可以根據(jù)applet的來源為其分配不同的安全級別。如果applet來自值得信賴的提供商，并且沒有被篡改過，那

47、么applet的用戶就可以決定是否給applet授予更多的運(yùn)行特權(quán)。如果要給予applet更多的信賴，你必須知道下面兩件事：(1)applet來自哪里？(2)在傳輸過程中代碼是否被破壞？在過去的50年里，數(shù)學(xué)家和技術(shù)機(jī)科學(xué)家已經(jīng)開發(fā)出各種各樣成熟的算法，用于確保數(shù)據(jù)和電子簽名的完整性，在java.security包中包含了許多這些算法的實(shí)現(xiàn)。在下面幾節(jié)，我們將要介紹消息摘要是如何檢測數(shù)據(jù)文件中的變化的，以及數(shù)字簽名是如何證明簽名者的身份的。消息摘要是數(shù)據(jù)塊的數(shù)字指紋。例如，所謂的SHA1（安全散列算法#1）可將任何數(shù)據(jù)塊，無論其數(shù)據(jù)有多長，都壓縮為160位（20字節(jié)）的序列。與真實(shí)的指紋一樣，

48、人們希望任何兩條消息都不會有相同的SHA1指紋。當(dāng)然這是不可能的因?yàn)橹淮嬖?160 個SHA1指紋，所有肯定會有某些消息具有相同的指紋。因?yàn)?160 是一個很大的數(shù)字，所以存在重復(fù)指紋的可能性微乎其微，那么這種重復(fù)的可能性到底小到什么程度呢？根據(jù)James Walsh在他的True Odds:How Risks Affect Your Everyday Life,Merritt Publishing出版社1996年出版，一書中所闡述的，你和他們所有的人都死于雷擊的概率，比偽造的消息與原來消息具有相同的SHA1指紋的概率還要高。（當(dāng)然，可能有你不認(rèn)識的其他10個以上的人會死于雷擊，但這里我們討論

49、的是你選擇的特定的人的死亡概率）。消息摘要具有兩個基本屬性： (1)如果數(shù)據(jù)的1位或者幾位改變了，那么消息摘要也將改變。(2）擁有給定消息的偽造者不能創(chuàng)建與原消息具有相同摘要的假消息。當(dāng)然，第二個屬性又是一個概率問題。讓我們來看看下面這位億萬富翁下的遺囑：“我死了之后，我的財(cái)產(chǎn)將由我的孩子平分，但是，我的兒子George應(yīng)該拿不到一個子?！边@份遺囑的SHA1指紋為：2D 8B 35 F3 BF 49 CD B1 94 04 E0 66 21 2B 5E 57 70 49 E1 7E這位有疑心病的父親將這份遺囑交給一位律師保存，而將指紋交給另一位律師保存?，F(xiàn)在，假設(shè)George能夠賄賂那位保存遺

50、囑的律師，他想修改這份遺囑，使得Bill一無所得。當(dāng)然，這需要將原指紋改為下面這樣完全不同的位模式： 2A 33 0B 4B B3 FE CC 1C 9D 5C 01 A7 09 51 0B 49 AC 8F 98 92那么George能夠找到與該指紋相匹配的其他文字嗎？如果從地球形成之時(shí)，他就很自豪地?fù)碛?0億臺計(jì)算機(jī)，每臺計(jì)算機(jī)每秒鐘處理一百萬條信息，他依然無法找到一個能夠替換的遺囑。人們已經(jīng)設(shè)計(jì)出大量的算法，用于計(jì)算這些消息摘要，其中最著名的兩種算法是SHAI和MD5。SHAI是由美國國家標(biāo)準(zhǔn)和技術(shù)學(xué)會開發(fā)的加密散列算法，MD5是由麻省理工學(xué)院的Ronald Rivest發(fā)明的算法。這兩

51、種算法都使用了獨(dú)特巧妙的方法對消息中的各個位進(jìn)行擾亂。如果要了解這些方法的詳細(xì)信息，請參閱William Stallings撰寫的Cryptography and Network Security一書，該書由Prentice Hall出版社于2005年出版口值得注意的是，最近人們在這兩種算法中發(fā)現(xiàn)了某些微妙的規(guī)律性，因此許多密碼人員建議最好避免使用MD5，而應(yīng)該使用SHA1算法，直到有更強(qiáng)的加密算法出現(xiàn)。（查看Java編程語言已經(jīng)實(shí)現(xiàn)了SHA1和MD5。MessageDigest類是用于創(chuàng)建封裝了指紋算法的對象的“工廠”，它的靜態(tài)方法getInstance返回繼承了MessageDigest類

52、的某個類的對象。這意味著MessageDigest類能夠承擔(dān)下面的雙重職責(zé)：（1）作為一個工廠類。（2）作為所有消息摘要算法的超類。例如，下面是如何獲取一個能夠計(jì)算SHA指紋的對象的方法： MessageDigest alg = MessageDigest.getInstance(“SHA-1”)；（如果要獲取計(jì)算MD5的對象，請使用字符串“MD5”作為getInstance的參數(shù)。）當(dāng)你已經(jīng)獲取MessageDigest對象之后，通過反復(fù)調(diào)用update方法，將信息中的所有字節(jié)提供給該對象。例如，下面的代碼將文件中的所有字節(jié)傳給上面建立的alg對象，以執(zhí)行指紋算法： InputStream

53、in=. int ch； while(ch=in.read()!=-1) alg.updat(byte) ch)；另外，如果這些字節(jié)存放在一個數(shù)組中，那就可以一次完成整個數(shù)組的更新： byte bytes =； alg.update(bytes)；當(dāng)完成上述操作后，調(diào)用digest方法。該方法填充輸入信息指紋算法需要的并且進(jìn)行相應(yīng)的計(jì)算，然后以字節(jié)數(shù)組的形式返回消息摘要。 byte hash=alg.digest()；程序清單9-15中的程序計(jì)算了一個消息摘要，既可以用SHA，也可以使用MD5來計(jì)算?？梢詮奈募虞d需要計(jì)算摘要的數(shù)據(jù)，也可以直接將信息輸入文本區(qū)域。圖9-11顯示了該應(yīng)用程序的畫

54、面。消息簽名在上一節(jié)中，我們介紹了如何計(jì)算原始消息的消息摘要和指紋的方法。如果消息改變了，那么改變后的消息的指紋與原消息的指紋將不匹配。如果消息和它的指紋是分開傳送的，那么接收者就可以檢查消息是否被篡改過。但是，如果消息和指紋同時(shí)被截獲了，對消息進(jìn)行修改，再重新計(jì)算指紋，這是一件很容易的事情。畢竟，消息摘要算法是公開的，不需要使用任何密鑰。在這種情況下，假消息和新指紋的接收者永遠(yuǎn)不會知道消息已經(jīng)被篡改。數(shù)字簽名解決了這個問題。為了了解數(shù)字簽名的工作原理，我們需要解釋關(guān)于公共密鑰加密技術(shù)領(lǐng)域中的幾個概念。公共密鑰加密技術(shù)是基于公共密鑰和私有密鑰這個兩個基本概念的。它的設(shè)計(jì)思想是你可以將公共密鑰告

55、訴世界上的任何人，但是，只有自己才擁有私有密鑰，重要的是你要保護(hù)你的私有密鑰，不將它泄漏給其他任何入。這些密鑰之間存在一定的數(shù)學(xué)關(guān)系，但是這種關(guān)系的具體性質(zhì)對于實(shí)際的編程來說并不重要(如果你有興趣，可以參閱http:/www.cacr.math.uwaterloo.ca/hac/站點(diǎn)上的The Handbook of Applied Cryptography 一書)。密鑰非常長，而且很復(fù)雜。例如，下面是一對匹配的數(shù)字簽名算法(DSA)公共密鑰和私有密鑰。公共密鑰：p: fca682ce8e12caba26efccf7ll0e526db078b05e6ecbcdleb4a208f3ae1617ae0lf35b9la47e6df63413c5e12ed0899bcd132acd50d9915lbdc43eeel7q: 962eddcc369cba8