Before we conclude this chapter, a brief word on object serialization, keys, and certificates. Keys and certificates are often transmitted electronically, and a reasonable mechanism for transmitting them between Java programs is to send them as serialized objects. In theory--and, most of the time, in practice--this is a workable solution. If you modify some of the examples in this chapter to save and restore serialized keys or certificates, that will certainly work in a testing environment.
A problem arises, however, when you send these serialized objects between virtual machines that have two different security providers. Let's take the case of a DSA public key. When you create such a key with the Sun security provider, you get an instance of the sun.security.provider.DSAPublicKey class. When you create such a key with a third-party security provider, you may get an instance of the com.xyz.XYZPublicKey class. Although both public keys are extensions of the PublicKey class, they cannot be interchanged by object serialization. Serializing a public key created with the Sun security provider requires that the sun.security.provider.DSAPublicKey class be used, and deserialization creates an object of that type, no matter what security providers the deserializing virtual machine has installed. Whether or not the Sun security provider has been installed in the destination virtual machine is irrelevant. The process of deserializing the object uses that class if it is available, and deserialization fails if that class is not available.
Hence, while they are serializable objects, keys and certificates should only be transmitted as encoded data. For keys, you also have the option of transmitting the data contained in the key specification as we did earlier; the key specification classes are not serializable themselves, so you still have to rely on transmitting only the data that those objects contain.
This rule applies not only to keys and certificates that stand alone, but also to classes that embed one of those objects. Take, for example, this class:
public class Message implements Serializable { String msg; X509Certificate cert; byte signature[]; }
If you want to send an object of this class to a remote virtual machine (or save the object to a file), you should override the writeObject() and readObject() methods of the class so that when it is transmitted, the certificate is transmitted only as its encoded data and not as an instance of the sun.security.x509.X509CertImpl class. We'll do just that in Chapter 12, "Digital Signatures".
Copyright © 2001 O'Reilly & Associates. All rights reserved.
This HTML Help has been published using the chm2web software. |