Class CipherTextSerializer


  • public class CipherTextSerializer
    extends java.lang.Object
    Helper class to assist with programming language and platform independent serialization of CipherText objects. The serialization is done in network-byte order which is the same as big-endian byte order.

    This serialization scheme is documented in Format of Portable Serialization of org.owasp.esapi.crypto.CipherText Objects. Other serialization schemes may be desirable and could be supported (notably, RFC 5083 - Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type, or CMS' predecessor, PKCS#7 (RFC 2315)), but these serialization schemes are by comparison very complicated, and do not have extensive support for the various implementation languages which ESAPI supports. (Perhaps wishful thinking that other ESAPI implementations such as ESAPI for .NET, ESAPI for C, ESAPI for C++, etc. will all support a single, common serialization technique so they could exchange encrypted data.)

    Since:
    2.0
    Author:
    kevin.w.wall@gmail.com
    • Constructor Summary

      Constructors 
      Constructor Description
      CipherTextSerializer​(byte[] cipherTextSerializedBytes)
      Given byte array in network byte order (i.e., big-endian order), convert it so that a CipherText can be constructed from it.
      CipherTextSerializer​(CipherText cipherTextObj)  
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      CipherText asCipherText()
      Return the actual CipherText object.
      byte[] asSerializedByteArray()
      Return this CipherText object as a specialized, portable serialized byte array.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • cipherTextSerializerVersion

        public static final int cipherTextSerializerVersion
        See Also:
        Constant Field Values
    • Constructor Detail

      • CipherTextSerializer

        public CipherTextSerializer​(CipherText cipherTextObj)
      • CipherTextSerializer

        public CipherTextSerializer​(byte[] cipherTextSerializedBytes)
                             throws EncryptionException
        Given byte array in network byte order (i.e., big-endian order), convert it so that a CipherText can be constructed from it.
        Parameters:
        cipherTextSerializedBytes - A serialized CipherText object with the bytes in network byte order.
        Throws:
        EncryptionException - Thrown if a valid CipherText object cannot be reconstructed from the byte array.
    • Method Detail

      • asSerializedByteArray

        public byte[] asSerializedByteArray()
        Return this CipherText object as a specialized, portable serialized byte array.
        Returns:
        A serialization of this object. Note that this is not the Java serialization.
      • asCipherText

        public CipherText asCipherText()
        Return the actual CipherText object.
        Returns:
        The CipherText object that we are serializing.