Persistent Storage & Encryption

mikko.nu...@gmail.com

Nov 10, 2014, 9:24:09 AM
to codenameone...@googlegroups.com
Hi,

I have a tree-like structure that is externalized piece by piece (HashTables & Vectors containing externalizable objects) and it is working fine.

However, now it is mandatory to protect the externalized data, e.g. if the phone is stolen. I guess that the files created by persistent storage are not encrypted or inaccessible by some software? If not, I need to encrypt the data or the files. I downloaded Bouncy Castle for viewing, but I'm not sure which way I should use it. I guess that the options are to encrypt the variables before externalization (sounds heavy) or the actual file... or something in between. Is there a nice way to work with the persistent storage so that I can encrypt the data before saving, or do I have to encrypt the actual data in the objects? Any experiences? I think this should be quite a common issue.

Shai Almog

Nov 10, 2014, 11:12:33 AM
to codenameone...@googlegroups.com, mikko.nu...@gmail.com
Hi,
I'm not a BC expert, but just looking at the API, assuming you work with InputStream/OutputStream, you can just wrap them in CipherOutputStream/InputStream and effectively get encrypted storage.

mikko.nu...@gmail.com

Nov 12, 2014, 3:53:03 PM
to codenameone...@googlegroups.com, mikko.nu...@gmail.com
Hi,

and thanks again for your swift reply. That indeed sounds nice... but I don't know if I'm missing something. So far I have only used Storage's readObject and writeObject methods, and I don't know how I could wrap InputStream/OutputStream before actually saving something (writeObject), since they are heavily protected. And even if data is saved through writeObject (saving the data file unprotected first), the createInputStream method returns an InputStream that has nothing to iterate via read() and encrypt.

Shai Almog

Nov 13, 2014, 1:20:54 AM
to codenameone...@googlegroups.com, mikko.nu...@gmail.com
Hi,
Yes, that would be a bit harder.
You would need to replace calls to readObject/writeObject. If you look in Storage.java you can see that read/write object just invoke storage, so you can use that strategy with your own custom methods:
    public Object readObject(String name) {
        name = fixFileName(name);
        Object o = cache.get(name);
        if(o != null) {
            return o;
        }
        DataInputStream d = null;
        try {
            if(!exists(name)) {
                return null;
            }
            d = new DataInputStream(createInputStream(name));
            o = Util.readObject(d);
            d.close();
            cache.put(name, o);
            return o;
        } catch(Exception err) {
            err.printStackTrace();
            Util.getImplementation().cleanup(d);
            return null;
        }
    }

    public boolean writeObject(String name, Object o) {
        name = fixFileName(name);
        cache.put(name, o);
        DataOutputStream d = null;
        try {
            d = new DataOutputStream(createOutputStream(name));
            Util.writeObject(o, d);
            d.close();
            return true;
        } catch(Exception err) {
            err.printStackTrace();
            Util.getImplementation().deleteStorageFile(name);
            Util.getImplementation().cleanup(d);
            return false;
        }
    }

mikko.nu...@gmail.com

Dec 2, 2014, 10:08:43 AM
to codenameone...@googlegroups.com, mikko.nu...@gmail.com
Hi,

and thanks for your advice. However, I had only a few objects, so I ended up "serializing" them into a string and encrypting the byte array of that string with BC. But it would be nice if someone implemented that snippet in Codename One so the encryption / decryption would be nicely wrapped into storage :).

Shai Almog

Dec 2, 2014, 1:23:37 PM
to codenameone...@googlegroups.com, mikko.nu...@gmail.com
Agreed.
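
The wrapper wished for in the thread, as an added example that is not part of the original posts or of Codename One: it serializes with Util.writeObject, encrypts the bytes with AES-GCM from Bouncy Castle's lightweight API, and stores nonce plus ciphertext through Storage, so a modified file is rejected on read. The class name EncryptedStorage is hypothetical, and the code assumes the Bouncy Castle build in use ships GCMBlockCipher and SecureRandom. It also assumes the AES key is supplied from outside Storage (for example derived from a user passphrase), since a key saved next to the data does not help when the phone is stolen.

```java
import com.codename1.io.Storage;
import com.codename1.io.Util;
import java.io.*;
import java.security.SecureRandom;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.AESEngine;
import org.bouncycastle.crypto.modes.GCMBlockCipher;
import org.bouncycastle.crypto.params.AEADParameters;
import org.bouncycastle.crypto.params.KeyParameter;

// Hypothetical helper, not Codename One code. Key: 16/24/32 bytes, kept out of Storage (assumption).
public class EncryptedStorage {
    private static final int NONCE_LEN = 12, TAG_BITS = 128;
    private static final SecureRandom RNG = new SecureRandom();
    private static byte[] gcm(boolean encrypt, byte[] key, byte[] nonce, byte[] in)
            throws InvalidCipherTextException {
        GCMBlockCipher c = new GCMBlockCipher(new AESEngine());
        c.init(encrypt, new AEADParameters(new KeyParameter(key), TAG_BITS, nonce));
        byte[] out = new byte[c.getOutputSize(in.length)];
        c.doFinal(out, c.processBytes(in, 0, in.length, out, 0)); // decrypt: throws on a bad tag
        return out;
    }

    public static void writeObject(byte[] key, String name, Object o)
            throws IOException, InvalidCipherTextException {
        ByteArrayOutputStream plain = new ByteArrayOutputStream();
        DataOutputStream d = new DataOutputStream(plain);
        Util.writeObject(o, d);                 // same serializer Storage.writeObject uses
        d.flush();
        byte[] nonce = new byte[NONCE_LEN];
        RNG.nextBytes(nonce);                   // fresh nonce per write; never reuse one with the same key
        byte[] ct = gcm(true, key, nonce, plain.toByteArray());
        OutputStream os = Storage.getInstance().createOutputStream(name);
        try { os.write(nonce); os.write(ct); } finally { os.close(); }
    }

    public static Object readObject(byte[] key, String name)
            throws IOException, InvalidCipherTextException {
        InputStream is = Storage.getInstance().createInputStream(name);
        ByteArrayOutputStream file = new ByteArrayOutputStream();
        try {
            byte[] buf = new byte[4096];
            for (int n; (n = is.read(buf)) != -1; ) file.write(buf, 0, n);
        } finally { is.close(); }
        byte[] all = file.toByteArray();        // layout: nonce || ciphertext || tag
        if (all.length < NONCE_LEN + TAG_BITS / 8) throw new IOException("truncated record");
        byte[] nonce = new byte[NONCE_LEN], ct = new byte[all.length - NONCE_LEN];
        System.arraycopy(all, 0, nonce, 0, NONCE_LEN);
        System.arraycopy(all, NONCE_LEN, ct, 0, ct.length);
        return Util.readObject(new DataInputStream(new ByteArrayInputStream(gcm(false, key, nonce, ct))));
    }
}
```

Unlike Storage.readObject and writeObject, this helper keeps no decrypted copy in the Storage cache, so every read pays for a decryption.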