java实现重要信息的加密解密(模拟信用卡号的保存)
package cn.felay.io;
import java.io.Externalizable;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectInput;
import java.io.ObjectInputStream;
import java.io.ObjectOutput;
import java.io.ObjectOutputStream;
import java.security.InvalidKeyException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
/**
* 自定义序列化对象信息(加密保存重要信息)
*
* @author felayman
* @timer 2014年6月10日 下午8:10:29
*/
public class ExternalizableDemo {
public static void main(String[] args) {
Customer customer;
try {
// 构造一个信用卡用户
customer = new Customer(1, "1234-5678-9876");
// 打印加密前的信用卡信息
System.out.println("before saving object:");
System.out.println("ID:" + customer.getId() + ",CC:"
+ customer.getCreditCard());
// 创建对象输出流,该流是给予文件输出流的,即该流的数据是从文件中获取的,下面两行代码表示创建一个写入到指定文件的对象输出流
ObjectOutputStream outStream = new ObjectOutputStream(
new FileOutputStream("src/res/customer.dat"));
// 将创建号的信用卡用户保存到customer.dat文件中
outStream.writeObject(customer);
outStream.close();// 关闭流
// 创建一个从指定文件读取内容的输入流
ObjectInputStream inputStream = new ObjectInputStream(
new FileInputStream("src/res/customer.dat"));
// 将读取的对象保存到
customer = (Customer) inputStream.readObject();
System.out.println("after retreieving object");// 输出解密后的对象信息
System.out.println("ID:" + customer.getId() + ",CC:"
+ customer.getCreditCard());
inputStream.close();
} catch (IOException e) {
e.printStackTrace();
} catch (ClassNotFoundException e) {
e.printStackTrace();
}
}
}
class Customer implements Externalizable {
private int id; // ID号
private String creditCard; // 信用卡号
private static Cipher cipher; // 加密和解密
private static SecretKeySpec secretKeySpec; // 密钥
public Customer() {
this.id = 0;
this.creditCard = "";
}
// 该实例保存用户的id号和信用卡号
public Customer(int id, String creditCard) {
this.id = id;
this.creditCard = creditCard;
}
static {
try {
createCipher(); // 创建一个加密解密机
} catch (Exception e) {
e.printStackTrace();
System.out.println("加密过程出现错误");
System.exit(1);
}
}
public int getId() {
return this.id;
}
private static void createCipher() throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");// Rijndael加密算法
kgen.init(128); // 指定生成的密钥长度为128位
SecretKeySpec skey = (SecretKeySpec) kgen.generateKey();// 根据Rijndael加密算法生成一个密钥,并将密钥以字节数组方式保存到SecretKeySpec对象中
byte[] raw = skey.getEncoded();// 将生成的密钥保存到字节数组中
secretKeySpec = new SecretKeySpec(raw, "AES");// 密钥转换,将上述的密钥保存到Customer类的属性中,防止失效
cipher = Cipher.getInstance("AES");// 将算法密钥保存到该对象中以实现解密功能
}
public String getCreditCard() {
return this.creditCard;
}
public static Cipher getCipher() {
return cipher;
}
public static SecretKeySpec getSecretKeySpec() {
return secretKeySpec;
}
// 保存密钥
@Override
public void writeExternal(ObjectOutput out) throws IOException {
try {
out.write(this.id);
this.encript();
out.writeUTF(this.creditCard);
System.out.println("after encryption:");// 加密后
System.out.println("id:" + this.id + ",CC:" + this.creditCard);
} catch (InvalidKeyException | IllegalBlockSizeException
| BadPaddingException e) {
e.printStackTrace();
}
}
// 读取密钥
@Override
public void readExternal(ObjectInput in) throws IOException,
ClassNotFoundException {
this.id = in.read();
String str = in.readUTF();
this.decrypt(str);
}
// 加密
private void encript() throws InvalidKeyException,
IllegalBlockSizeException, BadPaddingException {
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
byte[] buff = cipher.doFinal(this.creditCard.getBytes());
this.creditCard = new String(buff);
}
// 解密
private void decrypt(String str) {
try {
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
byte[] buff = cipher.doFinal(str.getBytes());
this.creditCard = new String(buff);
} catch (InvalidKeyException | IllegalBlockSizeException
| BadPaddingException e) {
e.printStackTrace();
}
}
}