java.lang.Object
   ↳ com.microstrategy.utils.encryptedobject.EncryptedObject<T extends java.io.Serializable>

This class is a wrapper for javax.crypto.SealedObject. SealedObject is recommended for mitigating heap inspection vulnerabilities: it keeps sensitive information encrypted in memory. To use SealedObject directly, the caller must provide a Cipher for encryption and the key or Cipher for decryption. This class simplifies the use of SealedObject by implementing AES key generation, persistence, and retrieval for encryption and decryption.

Public Constructors

| Constructor | Description |
|---|---|
| EncryptedObject(Serializable var1) | Constructs an EncryptedObject from any Serializable object. |

Public Methods

| Modifier and type | Method | Description |
|---|---|---|
| final T | getObject() | Retrieves the original (encapsulated) object. |
| static void | init() | Initializes EncryptedObject with a supported encryption algorithm. |
| static void | setKeyFileDirectory(String inKeyFileDir) | Sets the directory for saving the encryption key. |

EncryptedObject(Serializable var1)

Constructs an EncryptedObject from any Serializable object. The given object is serialized, and its serialized contents are encrypted using a generated AES key.

Parameters

| var1 | the object to be sealed. Avoid String where possible: a String is immutable and cannot be cleared after use, which can leave the value exposed to heap inspection. Use char[] instead of String. |
|---|---|

Throws

| EncryptedObjectException | if anything goes wrong during encryption. |
|---|---|

getObject()

Retrieves the original (encapsulated) object. This method retrieves the AES key used to encrypt the object, creates a cipher, then unseals and deserializes the encapsulated object.

Throws

| EncryptedObjectException | if anything goes wrong during encryption. |
|---|---|

init()

Initializes EncryptedObject with a supported encryption algorithm. At the same time, it generates and saves the AES key.

Throws

| EncryptedObjectException | if anything goes wrong during key generation. |
|---|---|

setKeyFileDirectory(String inKeyFileDir)

Sets the directory for saving the encryption key. If this function is not called, the tmp directory is used by default. It must be called before any other function in order to take effect.

Parameters

| inKeyFileDir | the path in which to save the encryption key. Make sure the program has read and write permission on the folder. |
|---|---|
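
The steps this class is described as wrapping, shown with javax.crypto.SealedObject directly, as an added example that is not MicroStrategy's code. The class name SealedSecretDemo, the AES/GCM/NoPadding transformation, the 256-bit key size and the sample secret are assumptions; the page specifies only AES.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SealedObject;
import javax.crypto.SecretKey;
import java.util.Arrays;

public class SealedSecretDemo {
    // Assumption: the page only says "AES"; the mode is chosen for this example.
    private static final String TRANSFORMATION = "AES/GCM/NoPadding";

    // Serializes the char[] and encrypts the serialized bytes under the given key.
    static SealedObject seal(char[] secret, SecretKey key) throws Exception {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        cipher.init(Cipher.ENCRYPT_MODE, key); // provider generates a fresh random IV
        return new SealedObject(secret, cipher);
    }

    // SealedObject stores the algorithm and its parameters (the IV),
    // so decryption needs only the key.
    static char[] unseal(SealedObject sealed, SecretKey key) throws Exception {
        return (char[]) sealed.getObject(key);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator gen = KeyGenerator.getInstance("AES");
        gen.init(256); // assumption: key size is not stated on the page
        SecretKey key = gen.generateKey();

        // Constructed sample secret, held as char[] rather than String
        // so that it can be overwritten after use.
        char[] password = {'s', '3', 'c', 'r', '3', 't'};
        SealedObject sealed = seal(password, key);
        Arrays.fill(password, '\0'); // wipe the plaintext copy once it is sealed

        char[] recovered = unseal(sealed, key);
        try {
            System.out.println("recovered length: " + recovered.length);
        } finally {
            Arrays.fill(recovered, '\0'); // keep the plaintext lifetime short
        }
    }
}
```

Here the key exists only in memory for the run; the class documented above persists its key to the key file directory instead.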