|
|
Optimize with a SATA RAID Storage Solution
Range of capacities as low as $1250 per TB. Ideal if you currently rely on servers/disks/JBODs
Page 2 of 2
The first example reads a file into a byte array and wraps that byte array in a SignedObject instance.
// Read a file from disk.
File fileIn = new File(...);
FileInputStream fileinputstream = new FileInputStream(fileIn);
byte [] rgb = new byte [(int)fileIn.length()];
fileinputstream.read(rgb);
// Assume the private key comes from somewhere, is created, or is
// deserialized from the file on disk.
PrivateKey privatekey = ...
// For this example, we'll use the "DSA" algorithm, which is part
// of Sun's standard library.
Signature signature = Signature.getInstance("DSA");
SignedObject signedobject = new SignedObject(rgb, privatekey, signature);
The accompanying example shows how to verify the signed object and obtain the wrapped object.
// Read the serialized signed object from disk.
File fileIn = new File(...);
FileInputStream fileinputstream = new FileInputStream(fileIn);
ObjectInputStream objectinputstream = new
ObjectInputStream(fileinputstream);
SignedObject signedobject = (SignedObject)objectinputstream.readObject();
// Assume the public key comes from somewhere, is created, or is
// deserialized from the file on disk. It should correspond
// to the private key used to sign the object.
PublicKey publickey = ...
// For this example, we'll use the "DSA" algorithm, which is part
// of Sun's standard library.
Signature signature = Signature.getInstance("DSA");
signedobject.verify(publickey, signature);
byte [] rgb = (byte [])signedobject.getObject();
The next example illustrates how to read a file into a byte array and wrap that byte array in a SealedObject instance. Note the similarities in usage.
// Read a file from disk.
File fileIn = new File(...);
FileInputStream fileinputstream = new FileInputStream(fileIn);
byte [] rgb = new byte [(int)fileIn.length()];
fileinputstream.read(rgb);
// Assume the key comes from somewhere, is created, or is
// deserialized from the file on disk.
Key key = ...
// For this example, we'll use the "DES" algorithm, which is part of
// Sun's standard library.
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, key);
SealedObject sealedobject = new SealedObject(rgb, cipher);
The final example demonstrates how to obtain the wrapped object.
// Read the serialized sealed object from disk.
File fileIn = new File(...);
FileInputStream fileinputstream = new FileInputStream(fileIn);
ObjectInputStream objectinputstream = new
ObjectInputStream(fileinputstream);
SealedObject sealedobject = (SealedObject)objectinputstream.readObject();
// Assume the key comes from somewhere, is created, or is
// deserialized from the file on disk.
Key key = ...
// For this example, we'll use the "DES" algorithm, which is part of
// Sun's standard library.
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE, key);
byte [] rgb = (byte [])sealedobject.getObject(cipher);
You can download the complete source code for these four examples in Resources.
Both the SignedObject class and the SealedObject class are useful additions to any developer's toolbox. They will serve you well whenever you need to ensure that nothing
tampers with serialized instances stored in untrusted media (or even examines them, in the case of the SealedObject).
Next month, I will present two more extremely handy classes, the GuardedObject class and the AccessControlContext class, both of which are useful when making security decisions outside of the caller's current context.
Read more about Tools & Methods in JavaWorld's Tools & Methods section.
SignedObject classSealedObject