Posted on 2004-08-05
I am writing a des3 application.
Class1 generates a key and then writes the key to a file.
Class2 reads the file and generates the SecretKEy object by reading the file. IT then holds a referemce to this SecretKey.
Class3 & Class4 hold a reference to class2 to obtain the SecretKey for encryption and decryption. This is because performance will not suffer in reading the file and generating the key each time it needs to be used.
My main concern is that Class2 exposes its SecretKey then it poses a security risk as anyone can then reference this class in there code to obtain the key and decrypt data.
Is there anyway in Java security I can use which prevents this from happening, I only want Class3 & Class4 to see class2 no other code should be able to reference class2 without it going belly up.
I really hope this makes sense.
Many Thanks, this is urgent.