|
|
Optimize with a SATA RAID Storage Solution
Range of capacities as low as $1250 per TB. Ideal if you currently rely on servers/disks/JBODs
The example above is not unique. Client-side wallet applications, mobile agent applications, and many kinds of mobile computing applications face the same challenges. This month, I will show you how to protect the contents of serialized objects when they traverse or reside on untrusted media. This information will better prepare you for designing and building distributed applications, especially those that use Java serialization to store state information.
The Java security package java.security and the Java Cryptography Extension (JCE) package javax.crypto contain a pair of classes designed to address these challenges. These classes protect the integrity and/or content of serialized
objects that spend time in an untrusted environment. Before delving into the details of usage and implementation, let's take
a look at the two classes and the differences between them.
Included in the java.security package along with the classes it depends upon, the SignedObject class makes up part of the Java 2 Platform, Standard Edition.
An instance of the SignedObject class acts as a wrapper around an instance of another class. A SignedObject instance contains the serialized representation of the wrapped object, along with the signature information necessary to
validate the wrapped object's authenticity and integrity.
Three conditions must be met to create a SignedObject instance:
SignedObject instance operates by transforming an instance of a class into a serialized byte stream and then signing that byte stream.
Signature class presumes the use of a public/private key pair, even in situations in which a shared secret key would suffice for the
wrapped object's authentication and verification.
Signature class.
With these stipulations satisfied, the programmer creates an instance of the SignedObject class as follows:
Serializable serializable = ... PrivateKey privatekey = ... Signature signature =... SignedObject signedobject = new SignedObject(serializable, privatekey, signature);
Once a SignedObject instance has been created or reconstituted from a stream of bytes, the verify() method checks the wrapped object's integrity and the purported signer's authenticity, as shown below:
boolean bl = signedobject.verify(publickey, signature);
The verify() method requires a signature engine and the public key associated with the private key that signed the object.
The getObject() method retrieves the wrapped object, as this code illustrates:
signedobject.getObject()
There is one important caveat. You can obtain the wrapped object without first verifying the sender's authenticity or the message's integrity. If you're concerned about these issues, always remember to verify the wrapped object first.
Unlike the SignedObject class, the SealedObject class is not included in the Java 2 Platform. Instead, JCE, one of Sun's standard extensions to the Java Platform, incorporates
the class.
Like a SignedObject instance, a SealedObject instance acts as a wrapper around an instance of another class. It contains an encrypted version of the wrapped object's
serialized representation. This signifies the most important difference between the two classes. With the SignedObject class, you can recover the contents of the wrapped object without the signer's public key. With the SealedObject class, even that much is impossible. Nothing can tamper with or examine the wrapped object, and you can verify the authenticity
of the sender as well.
The following conditions are required to create a SealedObject instance:
SignedObject class, the class being wrapped must be serializable.
Cipher object represents the cipher.
Create an instance of the SealedObject class as follows:
Serializable serializable = ... Cipher cipher = ... SealedObject sealedobject = new SealedObject(serializable, cipher);
Once a SealedObject instance has been created or reconstituted from a stream of bytes, the getObject() method retrieves the wrapped object:
// Any one of the following will work. Note the additional // Cipher or Key parameter. sealedobject.getObject(cipher); sealedobject.getObject(key); sealedobject.getObject(key, provider);
To summarize, the SignedObject class simply signs the contents of the wrapped object. The signature allows others to authenticate the purported sender's
identity and to verify the contents' integrity. The SealedObject class goes one step further and actually encrypts the sealed contents to protect its meaning from prying eyes. However, to
use it, you must move beyond the borders of the J2SE and install (and require all users to install) the JCE.
The following examples demonstrate how to use these two classes in their native environment.
SignedObject classSealedObject