-
Bug
-
Resolution: Not an Issue
-
P4
-
None
-
1.2.0, 1.3.0
-
generic
-
generic, solaris_2.5
The Java Cryptography Extension (JCE) 1.2 is a standard Java extension
(see http://java.sun.com/products/jce).
In JCE 1.2, we provide a class named javax.crypto.SealedObject which
allows you to protect the condifentiality of any serializable object
by encrypting its serialized contents. The SealedObject constructor
takes 2 arguments: the object to be sealed (must be serializable), and
a Cipher object initialized for encryption. In the constructor
implementation, we serialize the object that was passed to the
constructor and encrypt its serialized contents with the Cipher
object.
This works fine if we seal objects of "standard" Java classes, but it
fails if we try to seal objects of custom Java classes. When we seal
an object of a custom Java class, and later try to unseal it, a
ClassNotFoundException is raised.
(see http://java.sun.com/products/jce).
In JCE 1.2, we provide a class named javax.crypto.SealedObject which
allows you to protect the condifentiality of any serializable object
by encrypting its serialized contents. The SealedObject constructor
takes 2 arguments: the object to be sealed (must be serializable), and
a Cipher object initialized for encryption. In the constructor
implementation, we serialize the object that was passed to the
constructor and encrypt its serialized contents with the Cipher
object.
This works fine if we seal objects of "standard" Java classes, but it
fails if we try to seal objects of custom Java classes. When we seal
an object of a custom Java class, and later try to unseal it, a
ClassNotFoundException is raised.
- duplicates
-
-
- Closed
-
- relates to
-
-
- Closed
-