CODEWITHSUNDEEP
encryptionblackberry
Tejaswi Yerukalapudi
Tejaswi Yerukalapudi

Reputation: 9157

Blackberry encrypt+persist data

My system enables users to save their work as a draft. I'd like to encrypt the data before I persist it. I was working on this -

AESKey k = new AESKey();
AESEncryptorEngine a = new AESEncryptorEngine(k);
a.encrypt(byte[] data_input, int input_offset, byte[] data_output, byte[] output_offset);

I however need to persist an object. Is there a way to get a byte[] stream from an object? Also, which encryption standard should I be looking at considering the processor / memory limitations of a mobile device?

Thanks,
Teja.

Upvotes: 1

Views: 477

Answers (3)

Dan Gifford
Dan Gifford

Reputation: 896

From what I can tell, the ControlledAccees routines don't actually encrypt the object, they simply make finding the persistent object really hard.

Does anyone know how to either truly encrypt an object, or turn it into a byte stream so that it can be encrypted using BlowFish/TwoFish/another encryption technique?

Upvotes: 0

Eric
Eric

Reputation: 19162

You mention that you're going to persist your object; does that mean that you intend to place it in the PersistentStore? If so, you have access to some built-in protection.

You can use a ControlledAccess object to prevent any access from an app without your code signing keys. You can find more information here: http://www.blackberry.com/developers/docs/4.1api/net/rim/device/api/system/ControlledAccess.html

Upvotes: 3

defectivehalt
defectivehalt

Reputation: 2532

To persist an object, have your class implement Serializable and write the object to a file. See here for more info about serialization.

If encryption is necessary, you could just encrypt the file. I'm pretty sure Blowfish is the way to go for an embedded device. It uses very little memory and AES is a bit slower on an ARM based processor.

Upvotes: 0

Related Questions