Merge branch 'develop' into v3

* develop: Adding equals etc methods to AESKey
jorabin · Oct 9, 2024 · 6315bb7 · 6315bb7
2 parents 34a5be1 + 83cb259
commit 6315bb7
Showing 1 changed file with 29 additions and 4 deletions.
diff --git a/database/src/main/java/org/linguafranca/pwdb/PropertyValue.java b/database/src/main/java/org/linguafranca/pwdb/PropertyValue.java
@@ -5,7 +5,6 @@
 import javax.crypto.Cipher;
 import javax.crypto.SealedObject;
 import javax.crypto.SecretKey;
-import javax.security.auth.DestroyFailedException;
 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
@@ -19,11 +18,12 @@
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Objects;
 
 /**
  * An interface through which (textual) property values can be stored in memory as something other than String
- * and using various techniques for obfuscating the value and to make it
- * harder to access the values via a heap dump etc.
+ * and using various techniques for obfuscating the value and to make it harder to access the values
+ * via a heap dump etc.
  */
 public interface PropertyValue {
     CharSequence getValue();
@@ -330,8 +330,10 @@ public static PropertyValue.Factory<SealedStore> getFactory() {
         /**
          * Believe it or not ... a SecretKey generated by the standard KeyGenerator throws an
          * exception when the destroy() method is called, so we roll our own
+         * <p>
+         * See JavaDoc of {@link SecretKey} re serialization etc
          */
-        private static class AESKey implements SecretKey, Serializable {
+        private static class AESKey implements SecretKey {
             private boolean destroyed = false;
             private final byte[] key = new byte[16];
             final String algorithm = "AES";
@@ -365,6 +367,29 @@ public String getFormat() {
             public byte[] getEncoded() {
                 return this.key.clone();
             }
+
+            @Override
+            public boolean equals(Object o) {
+                if (this == o) return true;
+                if (!(o instanceof AESKey)) return false;
+                AESKey aesKey = (AESKey) o;
+                return destroyed == aesKey.destroyed && Arrays.equals(key, aesKey.key);
+            }
+
+            @Override
+            public int hashCode() {
+                int result = Objects.hash(destroyed, algorithm);
+                result = 31 * result + Arrays.hashCode(key);
+                return result;
+            }
+
+            @SuppressWarnings("unused")
+            public void writeObject(ObjectOutputStream os) throws IOException {
+                if (destroyed) {
+                    throw new IllegalStateException("Can't serialize a destroyed key");
+                }
+                os.defaultWriteObject();
+            }
         }
 
         public SealedStore(byte [] bytes){