Object to byte[]

Dear all,

I use the code below to write object into file. However, in the final file, i also have the class name and the signature of the class. Due to the security problem, i want to get rid of them. How can I implement it in Java ?


public class Main implements java.io.Serializable { //Key key; public Main () { } public static void main(String[] args) { Main a = new Main (); ByteArrayOutputStream bos = new ByteArrayOutputStream(); ObjectOutputStream oosObject; byte b [] ; FileOutputStream fos; try { oosObject = new ObjectOutputStream(bos); oosObject.writeObject(a); b = bos.toByteArray(); fos = new FileOutputStream("D:\\serialize.conf"); fos.write(b); fos.close(); oosObject.flush(); oosObject.close(); oosObject.close(); } catch (IOException e1) { // TODO Auto-generated catch block e1.printStackTrace(); } } }

you can provide your own writeObject/readObject implementations for your object types rather than relying on the defaults.
I'm not sure what 'security issues' you're trying to resolve, but those methods are how you implement customized Object serialization.

I am developing a cryptography app by using java. In the end of the process, password from user is encrypted and added with some other parameters and meta data into an object, which will be saved into file for the later usage. Therefore, leaving some footprints in the final file is not good. The file will be also read by another program (in C++), so the structure of the file is fixed as well. The content of the object is correct right now, except when being converted into byte array, Java automatically add more information into the final data