用triple des加密完整对象

我需要加密一个完整的java对象。 我有一个我在互联网上看到的代码,它显示了如何加密和解密文本而不是java对象。 所以我很困惑这是否可以加密完整的java对象。 我正在使用的代码如下。

package security; import java.security.spec.KeySpec; import javax.crypto.Cipher; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.DESedeKeySpec; import sun.misc.BASE64Decoder; import sun.misc.BASE64Encoder; /** * This class defines methods for encrypting and decrypting using the Triple DES * algorithm and for generating, reading and writing Triple DES keys. It also * defines a main() method that allows these methods to be used from the command * line. */ public class TripleDesEncryptionDecryption { /** * The program. The first argument must be -e, -d, or -g to encrypt, * decrypt, or generate a key. The second argument is the name of a file * from which the key is read or to which it is written for -g. The -e and * -d arguments cause the program to read from standard input and encrypt or * decrypt to standard output. */ private static final String UNICODE_FORMAT = "UTF8"; public static final String DESEDE_ENCRYPTION_SCHEME = "DES/ECB/NoPadding"; private KeySpec myKeySpec; private SecretKeyFactory mySecretKeyFactory; private Cipher cipher; byte[] keyAsBytes; private String myEncryptionKey; private String myEncryptionScheme; SecretKey key; static String stringToEncrypt=""; public void setKey(String myKey) throws Exception { myEncryptionKey = myKey ; myEncryptionScheme = DESEDE_ENCRYPTION_SCHEME; keyAsBytes = myEncryptionKey.getBytes(UNICODE_FORMAT); myKeySpec = new DESedeKeySpec(keyAsBytes); mySecretKeyFactory = SecretKeyFactory.getInstance(myEncryptionScheme); cipher = Cipher.getInstance(myEncryptionScheme); key = mySecretKeyFactory.generateSecret(myKeySpec); } /** * Method To Encrypt The String */ public String encrypt(String unencryptedString) { String encryptedString = null; try { cipher.init(Cipher.ENCRYPT_MODE, key); byte[] plainText = unencryptedString.getBytes(UNICODE_FORMAT); byte[] encryptedText = cipher.doFinal(plainText); BASE64Encoder base64encoder = new BASE64Encoder(); encryptedString = base64encoder.encode(encryptedText); } catch (Exception e) { e.printStackTrace(); } return encryptedString; } /** * Method To Decrypt An Ecrypted String */ public String decrypt(String encryptedString) { String decryptedText=null; try { cipher.init(Cipher.DECRYPT_MODE, key); BASE64Decoder base64decoder = new BASE64Decoder(); byte[] encryptedText = base64decoder.decodeBuffer(encryptedString); byte[] plainText = cipher.doFinal(encryptedText); decryptedText= bytes2String(plainText); } catch (Exception e) { e.printStackTrace(); } return decryptedText; } /** * Returns String From An Array Of Bytes */ private static String bytes2String(byte[] bytes) { StringBuffer stringBuffer = new StringBuffer(); for (int i = 0; i < bytes.length; i++) { stringBuffer.append((char) bytes[i]); } return stringBuffer.toString(); } /** * Testing The DESede Encryption And Decryption Technique */ public static void main(String args []) throws Exception { TripleDesEncryptionDecryption myEncryptor= new TripleDesEncryptionDecryption(); String encrypted=myEncryptor.encrypt(stringToEncrypt); String decrypted=myEncryptor.decrypt(encrypted); System.out.println("String To Encrypt: "+stringToEncrypt); System.out.println("Encrypted Value :" + encrypted); System.out.println("Decrypted Value :"+decrypted); } } 

有一个名为SealedObject ( doc )的Java类,它完全符合您的要求。

该类使程序员能够使用加密算法创建对象并保护其机密性。

对象只有一个加密限制,它必须是Serializable

 MyObject myObj = new MyObject(); // must be serializable Cipher cipher; /* initialize fully with IV, key and Cipher.ENCRYPT_MODE */ /* encrypt `myObj` */ SealedObject sealedObj = new SealedObject(myObj, cipher); /* decrypt `sealedObj` */ MyObjct decryptedObj = (MyObject) sealedObj.get(key); // `key` = encryption-key 

基本上,这个类为您执行ObjectOutputStreamByteArrayOutputStream的序列化,并自动跟踪用于加密的算法。

您可以加密字节。 文本是字节,您可以将Java对象序列化为字节,因此从技术上讲它是可能的(例如,将ObjectOutputStream连接到ByteArrayOutputStream )。

然而,这听起来很奇怪,为什么你认为你需要加密一个对象,而不是对象内部的基本数据?