【发布时间】:2014-12-11 17:16:08
【问题描述】:
当我想读取使用 CipherOutputStream 写入的文件时,我得到了 StreamCorruptedExecution。该文件创建良好。 这是代码,崩溃发生在最后一行:
file = new File("/sdcard/test.txt");
SecretKey key64 = new SecretKeySpec( new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, "Blowfish" );
Cipher cipher = Cipher.getInstance( "Blowfish" );
//Code to write your object to file
cipher.init( Cipher.ENCRYPT_MODE, key64 );
SealedObject sealedObject = new SealedObject( (Serializable) "TEST", cipher);
CipherOutputStream cipherOutputStream = new CipherOutputStream( new BufferedOutputStream( new FileOutputStream( file ) ), cipher );
ObjectOutputStream outputStream = new ObjectOutputStream( cipherOutputStream );
outputStream.writeObject( sealedObject );
outputStream.flush();
outputStream.close();
//now try to read it again
CipherInputStream cipherInputStream = new CipherInputStream( new BufferedInputStream( new FileInputStream( file ) ), cipher );
ObjectInputStream inputStream = new ObjectInputStream( cipherInputStream ); //<== this line crashes with StreamCorruptedExecution
【问题讨论】:
-
请注意,您可能默认使用 ECB 模式(仅使用
"Blowfish"作为Cipher的算法),这是不安全的。 Blowfish 又老又慢,现在推荐使用 AES。
标签: java android encryption objectinputstream