import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.security.AlgorithmParameters;
import java.security.MessageDigest;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.KeySpec;
import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.SealedObject;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import com.yoursite.bean.UserInfo;
public class SerializationUtil {
static String algorithm = "AES";
static Cipher encrypter = null, decrypter = null;
static {
setupCrypt();
}
/**
* @param args
*/
public static void main(String[] args) throws Exception {
UserInfo customer = new UserInfo("河蟹", "xxx@gmail", new Date(0));
File file = new File("D:\\instance.obj");
serialization(file,customer);
customer = (UserInfo)deserialization(file);
System.out.println(customer);
}
// 反序列化对象
public static Object deserialization(File file) throws Exception {
ObjectInputStream in = null;
SealedObject sealed = null;
Object object = null;
try {
in = new ObjectInputStream(new FileInputStream(file));
sealed = (SealedObject) in.readObject();
object = sealed.getObject(decrypter);
} catch (Exception e) {
throw e;
} finally {
if (in != null)
in.close();
}
return object;
}
// 序列化对象
@SuppressWarnings("unused")
public static void serialization(File file,Object object) throws Exception {
ObjectOutputStream out = null;
SealedObject sealed = null;
try {
out = new ObjectOutputStream(new FileOutputStream(file));
sealed = new SealedObject((Serializable) object, encrypter);
out.writeObject(sealed);
} catch (Exception e) {
throw e;
} finally {
if (out != null)
out.close();
}
}
private static byte[] getMD5(String input) {
try {
byte[] bytesOfMessage = input.getBytes("UTF-8");
MessageDigest md = MessageDigest.getInstance("MD5");
return md.digest(bytesOfMessage);
} catch (Exception e) {
return null;
}
}
@SuppressWarnings("unused")
private static void setupCrypt() {
String key ="helloworld";
SecretKeySpec skey = new SecretKeySpec(getMD5(key), algorithm);
// Create an 8-byte initialization vector
byte[] iv = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
try {
encrypter = Cipher.getInstance("AES/CBC/PKCS5Padding");
decrypter = Cipher.getInstance("AES/CBC/PKCS5Padding");
// CBC requires an initialization vector
encrypter.init(Cipher.ENCRYPT_MODE, skey, paramSpec);
decrypter.init(Cipher.DECRYPT_MODE, skey, paramSpec);
} catch (Exception e) {
e.printStackTrace();
}
}
@SuppressWarnings("unused")
private static void setupCrypt2() {
//key需要128
String key = "81865011520190145659841015258206940634698416000116687963543955828649380740817034326700266554532335762191268533799481074944660845";
char[] password = key.toCharArray();
byte[] salt = "123456".getBytes();
SecretKeyFactory factory = null;
SecretKey tmp = null;
KeySpec spec = new PBEKeySpec(password, salt, 1024, 128);
try {
factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
tmp = factory.generateSecret(spec);
} catch (Exception e) {
e.printStackTrace();
}
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), algorithm);
try {
encrypter = Cipher.getInstance("AES/CBC/PKCS5Padding");
encrypter.init(Cipher.ENCRYPT_MODE, secret);
AlgorithmParameters params = encrypter.getParameters();
byte[] iv = params.getParameterSpec(IvParameterSpec.class).getIV();
decrypter = Cipher.getInstance("AES/CBC/PKCS5Padding");
decrypter.init(Cipher.DECRYPT_MODE, secret, new IvParameterSpec(iv));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
@SuppressWarnings("unused")
private static void setupCrypt3() {
//16位
String key = "0123456789123456";
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(), algorithm);
try {
encrypter = Cipher.getInstance(algorithm);
encrypter.init(Cipher.ENCRYPT_MODE, skeySpec);
decrypter = Cipher.getInstance(algorithm);
decrypter.init(Cipher.DECRYPT_MODE, skeySpec);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
一些有用链接
http://stackoverflow.com/questions/992019/java-256bit-aes-encryption/992413#992413
http://www.ibm.com/developerworks/cn/java/j-5things1/?ca=drs-cn-0504