public class SealedObject extends Object implements Serializable

SealedObject is a wrapper around a serializable object instance and encrypts it using a cryptographic cipher.

Since a SealedObject instance is serializable it can either be stored or transmitted over an insecure channel.
The wrapped object can later be decrypted (unsealed) using the corresponding key and then be deserialized to retrieve the original object. The sealed object itself keeps track of the cipher and corresponding parameters.
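
The seal, store or transmit, and unseal cycle described above, as an added example that is not part of the original documentation. The class name SealedObjectDemo, its helper methods, the choice of AES/GCM and the sample payload are assumptions of the example.

```java
import java.io.*;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

public class SealedObjectDemo {
    static final String ALG = "AES/GCM/NoPadding"; // assumption: authenticated mode chosen for this example

    // Seal a value and serialize the SealedObject for storage or transport.
    static byte[] sealToBytes(Serializable value, SecretKey key)
            throws GeneralSecurityException, IOException {
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv); // fresh IV for every seal
        Cipher c = Cipher.getInstance(ALG);
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv)); // fully initialized
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(new SealedObject(value, c));
        }
        return bos.toByteArray();
    }

    // Only the key is supplied; the IV is restored from the sealed object's encodedParams.
    static String unsealString(byte[] wire, SecretKey key)
            throws GeneralSecurityException, IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(wire))) {
            SealedObject sealed = (SealedObject) ois.readObject();
            // The algorithm name travels with the data, so pin it before decrypting.
            if (!ALG.equals(sealed.getAlgorithm()))
                throw new GeneralSecurityException("unexpected algorithm");
            Object o = sealed.getObject(key);
            if (!(o instanceof String)) throw new InvalidObjectException("unexpected type");
            return (String) o;
        }
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey(), other = kg.generateKey();
        byte[] wire = sealToBytes("constructed sample payload", key);
        System.out.println(unsealString(wire, key));
        try {
            unsealString(wire, other);
        } catch (GeneralSecurityException e) {
            System.out.println("wrong key rejected: " + e.getClass().getSimpleName());
        }
    }
}
```

The unseal step deserializes whatever the decryption yields, which is why the example checks the algorithm before decrypting and the type of the result afterwards.
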

Modifier and Type | Field and Description |
---|---|
protected byte[] | encodedParams: The cipher's AlgorithmParameters in encoded format. |

Modifier | Constructor and Description |
---|---|
protected | SealedObject(SealedObject so): Creates a new SealedObject instance by copying the data from the specified object. |
public | SealedObject(Serializable object, Cipher c): Creates a new SealedObject instance wrapping the specified object and sealing it using the specified cipher. |

Modifier and Type | Method and Description |
---|---|
String | getAlgorithm(): Returns the algorithm this object was sealed with. |
Object | getObject(Cipher c): Returns the wrapped object, decrypting it using the specified cipher. |
Object | getObject(Key key): Returns the wrapped object, decrypting it using the specified key. |
Object | getObject(Key key, String provider): Returns the wrapped object, decrypting it using the specified key. |

protected byte[] encodedParams

The cipher's AlgorithmParameters in encoded format. Equivalent to cipher.getParameters().getEncoded(), or null if the cipher did not use any parameters.

public SealedObject(Serializable object, Cipher c) throws IOException, IllegalBlockSizeException

Creates a new SealedObject instance wrapping the specified object and sealing it using the specified cipher. The cipher must be fully initialized.

object - the object to seal, can be null.
c - the cipher to encrypt the object.
IOException - if the serialization fails.
IllegalBlockSizeException - if the specified cipher is a block cipher and the length of the serialized data is not a multiple of the cipher's block size.
NullPointerException - if the cipher is null.

protected SealedObject(SealedObject so)

Creates a new SealedObject instance by copying the data from the specified object.

so - the object to copy.

public final String getAlgorithm()

public final Object getObject(Key key) throws IOException, ClassNotFoundException, NoSuchAlgorithmException, InvalidKeyException

key - the key to decrypt the data with.
IOException - if deserialization fails.
ClassNotFoundException - if deserialization fails.
NoSuchAlgorithmException - if the algorithm to decrypt the data is not available.
InvalidKeyException - if the specified key cannot be used to decrypt the data.

public final Object getObject(Cipher c) throws IOException, ClassNotFoundException, IllegalBlockSizeException, BadPaddingException

c - the cipher to decrypt the data.
IOException - if deserialization fails.
ClassNotFoundException - if deserialization fails.
IllegalBlockSizeException - if the specified cipher is a block cipher and the length of the serialized data is not a multiple of the cipher's block size.
BadPaddingException - if the padding of the data does not match the padding scheme.

public final Object getObject(Key key, String provider) throws IOException, ClassNotFoundException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException

key - the key to decrypt the data.
provider - the name of the provider that provides the cipher algorithm.
IOException - if deserialization fails.
ClassNotFoundException - if deserialization fails.
NoSuchAlgorithmException - if the algorithm used to decrypt the data is not available.
NoSuchProviderException - if the specified provider is not available.
InvalidKeyException - if the specified key cannot be used to decrypt the data.