eneter.messaging.dataprocessing.serializing

Class RsaDigitalSignatureSerializer

java.lang.Object

eneter.messaging.dataprocessing.serializing.RsaDigitalSignatureSerializer

All Implemented Interfaces:

ISerializer

public class RsaDigitalSignatureSerializer
extends java.lang.Object
implements ISerializer

Serializer digitaly signing data. Serialization:

1. Incoming data is serialized by underlying serializer (e.g. XmlStringSerializer)
2. SHA1 hash is calculated from the serialized data.
3. The hash is encrypted with RSA using the private key.
4. The serialized data consists of serialized data, encoded hash (signature) and public certificate of the signer.

Deserialization:

1. The public certificate is taken from serialized data and verified. (you can provide your own verification)
2. SHA1 hash is calculated from serialized data.
3. Encrypted hash (signature) is decrypted by public key taken from the certificate.
4. If the decrypted hash is same as calculated one the data is ok.
5. Data is deserialized by the underlying serializer and returned.

 
 String aDataToSerialize = "Hello";
 
 // Public certificate
 CertificateFactory aCertificateFactory = CertificateFactory.getInstance("X.509");
 FileInputStream aCertificateStream = new FileInputStream("d:/MySigner.cer");
 X509Certificate aCertificate = (X509Certificate) aCertificateFactory.generateCertificate(aCertificateStream);
 
 // Private key
 File aPrivateKeyFile = new File("d:/MySigner.pk8");
 BufferedInputStream aBufferedPrivateKey = new BufferedInputStream(new FileInputStream(aPrivateKeyFile));
 byte[] aPrivateKeyBytes = new byte[(int)aPrivateKeyFile.length()];
 aBufferedPrivateKey.read(aPrivateKeyBytes);
 KeySpec aKeySpec = new PKCS8EncodedKeySpec(aPrivateKeyBytes);
 RSAPrivateKey aPrivateKey = (RSAPrivateKey)KeyFactory.getInstance("RSA").generatePrivate(aKeySpec);
 
 // Create serializer
 ISerializer aSerializer = new RsaDigitalSignatureSerializer(aCertificate, aPrivateKey);
 
 // Serialize
 Object aSerializedData = aSerializer.serialize(aDataToSerialize, String.class);
 
 // Deserialize
 String aDeserializedData = aSerializer.deserialize(aSerializedData, String.class);
 
 

Constructor Summary

Constructors

Constructor and Description
RsaDigitalSignatureSerializer(java.security.cert.X509Certificate signerCertificate, java.security.interfaces.RSAPrivateKey signerPrivateKey) Constructs serializer with default parameters.
RsaDigitalSignatureSerializer(java.security.cert.X509Certificate signerPublicCertificate, java.security.interfaces.RSAPrivateKey signerPrivateKey, IFunction1<java.lang.Boolean,java.security.cert.X509Certificate> verifySignerCertificate, ISerializer underlyingSerializer) Constructs serializer with custom parameters.

Method Summary

Modifier and Type	Method and Description
<T> T	deserialize(java.lang.Object serializedData, java.lang.Class<T> clazz) Deserializes data.
<T> java.lang.Object	serialize(T dataToSerialize, java.lang.Class<T> clazz) Serializes data.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

RsaDigitalSignatureSerializer

public RsaDigitalSignatureSerializer(java.security.cert.X509Certificate signerCertificate,
                                     java.security.interfaces.RSAPrivateKey signerPrivateKey)

Constructs serializer with default parameters. It uses XmlStringSerializer as the underlying serializer and it uses default X509Certificate.checkValidity() method to verify the public certificate. if parameters signerCertificate and signerPrivateKey are null then the serializer can be used only for deserialization.

Parameters:

signerCertificate - public certificate of the signer. This certificate will be attached to serialized data so that the deserializer can verify the signer identity and can check if signed data are not changed.

signerPrivateKey - private key that will be used to sign data.

RsaDigitalSignatureSerializer

public RsaDigitalSignatureSerializer(java.security.cert.X509Certificate signerPublicCertificate,
                                     java.security.interfaces.RSAPrivateKey signerPrivateKey,
                                     IFunction1<java.lang.Boolean,java.security.cert.X509Certificate> verifySignerCertificate,
                                     ISerializer underlyingSerializer)

Constructs serializer with custom parameters. if parameters signerCertificate and signerPrivateKey are null then the serializer can be used only for deserialization.

Parameters:

signerPublicCertificate - public certificate of the signer. This certificate will be attached to serialized data so that the deserializer can verify the signer identity and can check if signed data are not changed.

signerPrivateKey - private key that will be used to sign data.

verifySignerCertificate - Method that will check the signer public certificate before deserializing. If null then default X509Certificate.checkValidity() is used.

underlyingSerializer - underlying serializer used to serialize data. It can be any serializer from this namespace.

Method Detail

serialize

public <T> java.lang.Object serialize(T dataToSerialize,
                                      java.lang.Class<T> clazz)
                               throws java.lang.Exception

Serializes data.

Specified by:

serialize in interface ISerializer

Parameters:

dataToSerialize - Data to be serialized.

clazz - represents the serialized type.

Returns:

Object representing the serialized data. Based on the serializer implementation it can be byte[] or String.

Throws:

java.lang.Exception - If the serialization fails.

deserialize

public <T> T deserialize(java.lang.Object serializedData,
                         java.lang.Class<T> clazz)
                  throws java.lang.Exception

Deserializes data.

Specified by:

deserialize in interface ISerializer

Parameters:

serializedData - Data to be deserialized.

Returns:

Deserialized object.

Throws:

java.lang.Exception - If the deserialization fails.