Signed and sealed objects deliver secure serialized content

Protect information with the SignedObject and SealedObject classes

A developer building an application will encounter many situations in which he or she will want to protect the integrity and/or contents of a serialized object as it is transferred over or stored on untrusted media. Consider a distributed application in which a set of loosely coupled servers must serve a legion of mobile clients -- clients that can connect to and disconnect from any one of the servers at any time. When the servers' state is not synchronized or cannot be kept synchronized, the clients must assist with the state maintenance. If the transactions the clients engage in span more than one connection with more than one server, the client must maintain a state that contains the information necessary to reestablish transaction context with each server. If the clients, their users, or the underlying transmission and storage media cannot preserve the stored state's integrity, the servers must take specific steps to guarantee that the state information they store on the client is protected.

The example above is not unique. Client-side wallet applications, mobile agent applications, and many kinds of mobile computing applications face the same challenges. This month, I will show you how to protect the contents of serialized objects when they traverse or reside on untrusted media. This information will better prepare you for designing and building distributed applications, especially those that use Java serialization to store state information.

The two players

The Java security package java.security and the Java Cryptography Extension (JCE) package javax.crypto contain a pair of classes designed to address these challenges. These classes protect the integrity and/or content of serialized objects that spend time in an untrusted environment. Before delving into the details of usage and implementation, let's take a look at the two classes and the differences between them.

The SignedObject class

Included in the java.security package along with the classes it depends upon, the SignedObject class makes up part of the Java 2 Platform, Standard Edition.

An instance of the SignedObject class acts as a wrapper around an instance of another class. A SignedObject instance contains the serialized representation of the wrapped object, along with the signature information necessary to validate the wrapped object's authenticity and integrity.

Three conditions must be met to create a SignedObject instance:

  1. The wrapped class must be serializable. The SignedObject instance operates by transforming an instance of a class into a serialized byte stream and then signing that byte stream.
  2. The constructor requires the signer's private key. The Signature class presumes the use of a public/private key pair, even in situations in which a shared secret key would suffice for the wrapped object's authentication and verification.
  3. The constructor requires a signature-generation engine, represented by an instance of the Signature class.


With these stipulations satisfied, the programmer creates an instance of the SignedObject class as follows:
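An added example, not the article's own listing, that meets the three conditions and then verifies the result before unwrapping it. The TxState class, the RSA key pair generated in place, and the choice of SHA256withRSA are assumptions made for illustration.

```java
import java.io.Serializable;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.Signature;
import java.security.SignedObject;

public class SignedStateDemo {
    // Hypothetical transaction state a server hands to a client.
    // Condition 1: the wrapped class must be serializable.
    static class TxState implements Serializable {
        private static final long serialVersionUID = 1L;
        final String txId;
        final int step;
        TxState(String txId, int step) { this.txId = txId; this.step = step; }
    }

    public static void main(String[] args) throws Exception {
        // Assumption: a key pair generated here stands in for the server's
        // long-lived signing key, which would normally come from a keystore.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair serverKeys = kpg.generateKeyPair();

        // Conditions 2 and 3: the signer's private key and a Signature engine.
        Signature signer = Signature.getInstance("SHA256withRSA");
        SignedObject signed =
            new SignedObject(new TxState("tx-0001", 2), serverKeys.getPrivate(), signer);

        // Later, when the state comes back from the untrusted client:
        // check the signature first, and only then deserialize the content.
        Signature verifier = Signature.getInstance("SHA256withRSA");
        if (!signed.verify(serverKeys.getPublic(), verifier)) {
            throw new SecurityException("state failed signature verification");
        }
        TxState state = (TxState) signed.getObject();
        System.out.println("verified state: " + state.txId + " step " + state.step);

        // State signed by anyone else must be rejected: verifying against an
        // unrelated public key returns false.
        KeyPair otherKeys = kpg.generateKeyPair();
        boolean acceptedWithWrongKey = signed.verify(otherKeys.getPublic(), verifier);
        System.out.println("accepted with wrong key: " + acceptedWithWrongKey);
    }
}
```

getObject() deserializes the wrapped bytes without checking the signature itself, so the verify() call has to come first. A SignedObject protects integrity only; the serialized content remains readable by whoever holds it.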

Resources