本文介绍了用三重加密加密完整对象的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我需要加密一个完整的java对象。我有一个我在互联网上看到的代码,显示如何加密和解密文本而不是java对象。所以我很困惑,这是否可以加密完整的java对象。我正在使用的代码在下面。 包安全;
import java.security.spec.KeySpec;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
/ **
*此类使用三重DES
*算法和用于生成,读取和写入三重DES密钥来定义加密和解密的方法。它还
*定义了一个main()方法,允许从命令
*行使用这些方法。
* /
public class TripleDesEncryptionDecryption {
/ **
*程序。第一个参数必须是-e,-d或-g进行加密,
*解密或生成一个密钥。第二个参数是文件
*的名称,从中读取密钥或为-g写入密钥。 -e和
* -d参数导致程序从标准输入读取加密,或
*解密到标准输出。
* /
private static final String UNICODE_FORMAT =UTF8;
public static final String DESEDE_ENCRYPTION_SCHEME =DES / ECB / NoPadding;
private KeySpec myKeySpec;
private SecretKeyFactory mySecretKeyFactory;
私密密码;
byte [] keyAsBytes;
private String myEncryptionKey;
private String myEncryptionScheme;
SecretKey键;
static String stringToEncrypt =;抛出异常
{
myEncryptionKey = myKey;
myEncryptionScheme = DESEDE_ENCRYPTION_SCHEME;
keyAsBytes = myEncryptionKey.getBytes(UNICODE_FORMAT);
myKeySpec = new DESedeKeySpec(keyAsBytes);
mySecretKeyFactory = SecretKeyFactory.getInstance(myEncryptionScheme);
cipher = Cipher.getInstance(myEncryptionScheme);
key = mySecretKeyFactory.generateSecret(myKeySpec);
}
/ **
*加密字符串的方法
* /
public String encrypt(String unencryptedString){
String encryptedString = null;
try {
cipher.init(Cipher.ENCRYPT_MODE,key);
byte [] plainText = unencryptedString.getBytes(UNICODE_FORMAT);
byte [] encryptedText = cipher.doFinal(plainText);
BASE64Encoder base64encoder = new BASE64Encoder();
encryptedString = base64encoder.encode(encryptedText);
} catch(Exception e){
e.printStackTrace();
}
return encryptedString;
}
/ **
*解密一个加密字符串的方法
* /
public String decrypt(String encryptedString){
String decryptptedText = null;
try {
cipher.init(Cipher.DECRYPT_MODE,key);
BASE64Decoder base64decoder = new BASE64Decoder();
byte [] encryptedText = base64decoder.decodeBuffer(encryptedString);
byte [] plainText = cipher.doFinal(encryptedText);
decryptptedText = bytes2String(plainText);
} catch(Exception e){
e.printStackTrace();
}
return decrypttext;
}
/ **
*从字节数组返回String
* /
private static String bytes2String(byte [] bytes){
StringBuffer stringBuffer = new StringBuffer(); (int i = 0; i< bytes.length; i ++){
stringBuffer.append((char)bytes [i]);
}
return stringBuffer.toString();
}
/ **
*测试DESede加密和解密技术
* /
public static void main(String args [])throws Exception
{
TripleDesEncryptionDecryption myEncryptor = new TripleDesEncryptionDecryption();
String encrypted = myEncryptor.encrypt(stringToEncrypt);
String decryptpted = myEncryptor.decrypt(encrypted);
System.out.println(String to Encrypt:+ stringToEncrypt);
System.out.println(加密值:+加密);
System.out.println(解密值:+解密);
}
}
解决方案
是一个Java类,名为 SealedObject (),它完全符合你想要实现的目的。
对象加密只有一个限制,它必须是可序列化。
MyObject myObj = new MyObject(); //必须是可序列化的
加密密码;
/ *使用IV,key和Cipher.ENCRYPT_MODE * /
/ *加密`myObj` * /
SealedObject sealedObj = new SealedObject(myObj,cipher);
/ * decrypt`sealedObj` * /
MyObjct decryptptedObj =(MyObject)sealedObj.get(key); //`key` =加密键
基本上这个类用 ObjectOutputStream 和 ByteArrayOutputStream ,并自动跟踪用于加密的算法。
I need to encrypt a complete java object. I am having a code which i have seen on internet which shows how to encrypt and decrypt text not the java object. So i was confused whether this is possible to encrypt complete java object. The code which i am using is below.
package security;
import java.security.spec.KeySpec;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
/**
* This class defines methods for encrypting and decrypting using the Triple DES
* algorithm and for generating, reading and writing Triple DES keys. It also
* defines a main() method that allows these methods to be used from the command
* line.
*/
public class TripleDesEncryptionDecryption {
/**
* The program. The first argument must be -e, -d, or -g to encrypt,
* decrypt, or generate a key. The second argument is the name of a file
* from which the key is read or to which it is written for -g. The -e and
* -d arguments cause the program to read from standard input and encrypt or
* decrypt to standard output.
*/
private static final String UNICODE_FORMAT = "UTF8";
public static final String DESEDE_ENCRYPTION_SCHEME = "DES/ECB/NoPadding";
private KeySpec myKeySpec;
private SecretKeyFactory mySecretKeyFactory;
private Cipher cipher;
byte[] keyAsBytes;
private String myEncryptionKey;
private String myEncryptionScheme;
SecretKey key;
static String stringToEncrypt="";
public void setKey(String myKey) throws Exception
{
myEncryptionKey = myKey ;
myEncryptionScheme = DESEDE_ENCRYPTION_SCHEME;
keyAsBytes = myEncryptionKey.getBytes(UNICODE_FORMAT);
myKeySpec = new DESedeKeySpec(keyAsBytes);
mySecretKeyFactory = SecretKeyFactory.getInstance(myEncryptionScheme);
cipher = Cipher.getInstance(myEncryptionScheme);
key = mySecretKeyFactory.generateSecret(myKeySpec);
}
/**
* Method To Encrypt The String
*/
public String encrypt(String unencryptedString) {
String encryptedString = null;
try {
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] plainText = unencryptedString.getBytes(UNICODE_FORMAT);
byte[] encryptedText = cipher.doFinal(plainText);
BASE64Encoder base64encoder = new BASE64Encoder();
encryptedString = base64encoder.encode(encryptedText);
} catch (Exception e) {
e.printStackTrace();
}
return encryptedString;
}
/**
* Method To Decrypt An Ecrypted String
*/
public String decrypt(String encryptedString) {
String decryptedText=null;
try {
cipher.init(Cipher.DECRYPT_MODE, key);
BASE64Decoder base64decoder = new BASE64Decoder();
byte[] encryptedText = base64decoder.decodeBuffer(encryptedString);
byte[] plainText = cipher.doFinal(encryptedText);
decryptedText= bytes2String(plainText);
} catch (Exception e) {
e.printStackTrace();
}
return decryptedText;
}
/**
* Returns String From An Array Of Bytes
*/
private static String bytes2String(byte[] bytes) {
StringBuffer stringBuffer = new StringBuffer();
for (int i = 0; i < bytes.length; i++) {
stringBuffer.append((char) bytes[i]);
}
return stringBuffer.toString();
}
/**
* Testing The DESede Encryption And Decryption Technique
*/
public static void main(String args []) throws Exception
{
TripleDesEncryptionDecryption myEncryptor= new TripleDesEncryptionDecryption();
String encrypted=myEncryptor.encrypt(stringToEncrypt);
String decrypted=myEncryptor.decrypt(encrypted);
System.out.println("String To Encrypt: "+stringToEncrypt);
System.out.println("Encrypted Value :" + encrypted);
System.out.println("Decrypted Value :"+decrypted);
}
}
解决方案
There is a Java-class called SealedObject (doc) which exactly does what you want to achieve.
There is only one restriction for the Object to encrypt, it must be Serializable.
MyObject myObj = new MyObject(); // must be serializable
Cipher cipher;
/* initialize fully with IV, key and Cipher.ENCRYPT_MODE */
/* encrypt `myObj` */
SealedObject sealedObj = new SealedObject(myObj, cipher);
/* decrypt `sealedObj` */
MyObjct decryptedObj = (MyObject) sealedObj.get(key); // `key` = encryption-key
Basically this class does the serialization with ObjectOutputStream and ByteArrayOutputStream for you and automatically tracks the algorithm used for encryption.
这篇关于用三重加密加密完整对象的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!