The constructor for LicenseManager initializes licenseMap with a demo license key that must remain secret. The license key is hard-coded for illustrative purposes; it should ideally be read from an external configuration file that stores an encrypted version of the key. The LicenseType class provides overridden implementations of the equals() and hashCode() methods.

This implementation is vulnerable to an attacker who extends the LicenseType class and overrides the equals() and hashCode() methods:
public class CraftedLicenseType extends LicenseType {
    private static int guessedHashCode = 0;

    @Override
    public int hashCode() {
        // Returns a new hashCode to test every time get() is called
        guessedHashCode++;
        return guessedHashCode;
    }

    @Override
    public boolean equals(Object arg) {
        // Always returns true, so any bucket hit is treated as a match
        return true;
    }
}
The following is the malicious client program.
public class DemoClient {
    public static void main(String[] args) {
        LicenseManager licenseManager = new LicenseManager();
        // Use < rather than <= so the counter cannot overflow and loop forever
        for (int i = 0; i < Integer.MAX_VALUE; i++) {
            Object guessed =
                licenseManager.getLicenseKey(new CraftedLicenseType());
            if (guessed != null) {
                // prints ABC-DEF-PQR-XYZ
                System.out.println(guessed);
                break;
            }
        }
    }
}
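The fix is to deny subclasses any say in key equality. The following is an added example, not code from the original page: equals() and hashCode() are declared final and compare runtime classes, and the lookup additionally rejects any key whose runtime class is not exactly LicenseType. The LicenseType constructor signature and the placeholder key value are assumptions.

```java
import java.util.HashMap;
import java.util.Map;

// Added example, not the page's code. Hardened LicenseManager whose key
// equality cannot be redefined by a subclass.
public final class HardenedLicenseDemo {

    public static class LicenseType {
        private final String name;
        public LicenseType(String name) { this.name = name; }

        // final: a subclass like CraftedLicenseType cannot override these.
        // Comparing runtime classes keeps equals() symmetric, so a subclass
        // instance never compares equal to a stored LicenseType key.
        @Override public final boolean equals(Object o) {
            return o != null && getClass() == o.getClass()
                    && name.equals(((LicenseType) o).name);
        }
        @Override public final int hashCode() { return name.hashCode(); }
    }

    public static final class LicenseManager {
        private final Map<LicenseType, String> licenseMap = new HashMap<>();
        public LicenseManager() {
            // Placeholder secret, hard-coded for illustration only
            licenseMap.put(new LicenseType("demo"), "DEMO-KEY-PLACEHOLDER");
        }
        public String getLicenseKey(LicenseType type) {
            // Belt-and-braces: reject any key that is not exactly a LicenseType
            if (type == null || type.getClass() != LicenseType.class) {
                return null;
            }
            return licenseMap.get(type);
        }
    }

    // A subclass modelled on CraftedLicenseType: overriding equals() or
    // hashCode() here would be a compile error, so it can only inherit them.
    static class SubclassedType extends LicenseType {
        SubclassedType() { super("demo"); }
    }

    public static void main(String[] args) {
        LicenseManager mgr = new LicenseManager();
        System.out.println(mgr.getLicenseKey(new LicenseType("demo")));
        System.out.println(mgr.getLicenseKey(new SubclassedType()));
    }
}
```

Declaring LicenseType itself final removes the subclass route entirely; it is left non-final here only so the runtime check can be exercised.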