Encoded (Antelmann.com Java Packages)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Holger's
Java API

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.antelmann.util
Class Encoded

java.lang.Object
  com.antelmann.util.Encoded

All Implemented Interfaces:: Serializable

public class Encoded
extends Object
implements Serializable
extends Object
implements Serializable

Encoded encapsulates a serializable object in an encrypted format that requires the same synchronous key for both, encoding and decoding. The key itself is not stored with the object, but a signature identifying the key.

Instances of this class can be used to conveniently send objects over untrusted network connections.

This class just exist for convenience; it has many security flaws for any serious application (even though being so simple). For starters: as the embedded byte array is already known to contain a serialized object, an intelligent attack on the key algorithm can make many useful assumptions based on the fact that the right decryption must lead to a byte array denoting a serialized Java object.

Author:: Holger Antelmann
See Also:: SynchronousKey, SealedObject, Serialized Form

Constructor Summary
`Encoded(Object sourceObject, SynchronousKey key)` stores the encryped bytes of the given objects (using the key) and the signature of the given key (not the key itself)

Method Summary
`Object`	`decode(SynchronousKey key)` decodes the embedded encrypted object given the right key
`boolean`	`equals(Object obj)`
`int`	`hashCode()`

Methods inherited from class java.lang.Object
`clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

Encoded

public Encoded(Object sourceObject,
               SynchronousKey key)
        throws IOException,
               GeneralSecurityException

stores the encryped bytes of the given objects (using the key) and the signature of the given key (not the key itself)

Parameters:: sourceObject - must be serializable
Throws:: IOException; GeneralSecurityException
See Also:: SynchronousKey.getKeySignature()

Method Detail

decode

public Object decode(SynchronousKey key)
              throws IOException,
                     ClassNotFoundException,
                     GeneralSecurityException

decodes the embedded encrypted object given the right key

Throws:: IOException - if the object could not be deserialized, which may also be a result of the wrong key; ClassNotFoundException; GeneralSecurityException

equals

public boolean equals(Object obj)

Overrides:: equals in class Object

hashCode

public int hashCode()

Overrides:: hashCode in class Object