org.jscience.util
Class Encoded

java.lang.Object
  extended by org.jscience.util.Encoded
All Implemented Interfaces:
java.io.Serializable

public class Encoded
extends java.lang.Object
implements java.io.Serializable

Encoded encapsulates a serializable object in an encrypted format that requires the same synchronous key for both, encoding and decoding. The key itself is not stored with the object, but a signature identifying the key.

Instances of this class can be used to conveniently send objects over untrusted network connections.

This class just exist for convenience; it has many security flaws for any serious application (even though being so simple). For starters: as the embedded byte array is already known to contain a serialized object, an intelligent attack on the key algorithm can make many useful assumptions based on the fact that the right decryption must lead to a byte array denoting a serialized Java object.

See Also:
SynchronousKey, Serialized Form

Constructor Summary
Encoded(java.lang.Object sourceObject, SynchronousKey key)
          stores the encryped bytes of the given objects (using the key) and the signature of the given key (not the key itself)
 
Method Summary
 java.lang.Object decode(SynchronousKey key)
          decodes the embedded encrypted object given the right key
 boolean equals(java.lang.Object obj)
           
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

Encoded

public Encoded(java.lang.Object sourceObject,
               SynchronousKey key)
        throws java.io.IOException
stores the encryped bytes of the given objects (using the key) and the signature of the given key (not the key itself)

Parameters:
sourceObject - must be serializable
Throws:
java.io.IOException
See Also:
SynchronousKey.getKeySignature()
Method Detail

decode

public java.lang.Object decode(SynchronousKey key)
                        throws java.io.IOException,
                               java.lang.ClassNotFoundException
decodes the embedded encrypted object given the right key

Throws:
java.io.IOException - if the object could not be deserialized, which may also be a result of the wrong key
java.lang.ClassNotFoundException

equals

public boolean equals(java.lang.Object obj)
Overrides:
equals in class java.lang.Object