Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Ciphering a Serailized Object

 
Muhammad Farag
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi guys i`m making a project , i will paint the all picture for you.
i have to create a server that send a serialized object to another client but this stream must be encrypted using a Cipher class but i just cant do this ... i will send a test code only but You will get the idea from it


all repliers are thanked in advance.



 
Rob Spoor
Sheriff
Pie
Posts: 20511
54
Chrome Eclipse IDE Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you're using sockets to transfer the data, yYou could do this by using a custom Socket and ServerSocket:

I found this approach on Javaworld.com, and it can be used with any type of FilterInputStream and FilterOutputStream; their example showed sending data using GZip compression.

If you're using RMI, you can use the same classes as above, and use a custom subclass of java.rmi.server.RMISocketFactory that returns instances of these classes for the abstract methods. Then you can pass an instance of this socket factory to the constructor of java.rmi.server.UnicastRemoteObject, or when calling java.rmi.registry.LocateRegistry's createRegistry or getRegistry methods.
 
Rob Spoor
Sheriff
Pie
Posts: 20511
54
Chrome Eclipse IDE Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
One correction to the above code.

A cipher is either initialized to encrypt or decrypt, not both. Therefore, you'll need two ciphers - one for encrypting and one for decrypting. You'll use the decrypt cipher in getInputStream() since you'll decrypt the data you've read, and use the encrypt cipher in getOutputStream() since you'll encrypt the data you're going to send.

This even allows for asymmetric encryption: the ciphers used for encrypting and decrypting can be totally different. This way, if you send the same data back, it will look different for anyone intercepting the data packets. Just make sure that the socket's encrypt cipher matches the server socket's decrypt cipher and vice versa.

Of course using the same cipher (except one for encrypting, the other for decrypting) will make sure there will be no bugs due to incorrect linking of the ciphers.


You can also write a wrapper around the ciphers, that can both encrypt and decrypt, and then either return encryption and decryption ciphers, or methods to wrap an input stream into a CipherInputStream and an output stream into a CipherOutputStream.
 
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic