在 Java 应用程序中保护敏感数据的标准实施规程
原文:https://www . geesforgeks . org/standard-practice-for-protection-in-Java-data-application/
我们可以使用加密技术来保存我们的数据。加密是将信息转换成隐藏信息真实含义的密码的方法。加密和解密信息的科学称为密码学。在计算中,未加密的数据也称为明文,加密的数据称为密文。用于编码和解码消息的公式称为加密算法或密码。
简而言之,让我们浏览一下要点,以便更好地理解在 Java 应用程序中保护敏感数据的标准做法。
- 加密是一种对数据进行加扰的方式,以便只有授权方才能理解信息。用专业术语来说,就是把人类可读的明文转换成不可理解的密文的过程。
- 解密是将编码或加密的文本或其他数据转换回文本,以便您和计算机能够理解。
- 密码,任何转换信息以隐藏其含义的方法。该术语也用作密文或密码的同义词,指信息的加密形式。
- 安全随机类提供了一个强密码随机数生成器。密码强随机数至少符合 FIPS 140-2《密码模块的安全要求》中规定的统计随机数发生器测试。
示例: SecureRandom 类用于通过使用 PRNG 算法生成密码性强的伪随机数。以下是使用安全文档相对于随机文档的优势。1.SecureRandom 产生一个加密性很强的伪随机数生成器。2.SecureRandom 生成加密性强的序列,如 RFC 1750:安全性的随机性建议中所述
现在让我们来看看 SecureRandom 类的重要方法
1。 generateSeed()方法 返回给定数量的种子,使用种子代计算。
语法:
generateSeed()
返回类型:字节数组(返回给定数量的种子,使用种子生成进行计算)。
2 。 设定种子()方法 r 设定随机对象
返回类型:无效
示例:
Java 语言(一种计算机语言,尤用于创建网站)
// Java Program Demonstrating How Can We Get Secured
// Random Numbers from SecureRandom class
// Importing required classes
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
// Main class
class GFG {
// Main driver method
public static void main(String[] args)
{
// Try block to check for exceptions
try {
// Initialize a secure random number generator
SecureRandom secureRandom
= SecureRandom.getInstance("SHA1PRNG");
// Method 1
// Calling nextBytes method to generate Random
// Bytes
byte[] bytes = new byte[512];
secureRandom.nextBytes(bytes);
// Printing the SecureRandom number by
// calling secureRandom.nextDouble()
System.out.println(
" Secure Random # generated by calling nextBytes() is "
+ secureRandom.nextDouble());
// Method 2
// Using setSeed(byte[]) to reseed a Random
// object
int seedByteCount = 10;
byte[] seed
= secureRandom.generateSeed(seedByteCount);
secureRandom.setSeed(seed);
System.out.println(
" Secure Random # generated using setSeed(byte[]) is "
+ secureRandom.nextDouble());
}
// Catch block to handle the exceptions
catch (NoSuchAlgorithmException noSuchAlgo) {
// Display message if it occurs
System.out.println(" No Such Algorithm exists "
+ noSuchAlgo);
}
}
}
输出:
Secure Random # generated by calling nextBytes() is 0.8849167225465367
Secure Random # generated using setSeed(byte[]) is 0.7542495384908446
AES 加密
AES-128 使用 128 位密钥长度来加密和解密消息块,而 AES -192 使用 192 位密钥长度,AES-256 使用 256 位密钥长度来加密和解密消息。每个密码分别使用 128、192 和 256 位的密钥对 128 位的数据块进行加密和解密。对称密码也称为秘密密钥,密码使用相同的密钥进行加密和解密,因此发送方和接收方必须知道并使用相同的秘密密钥。
例
Java 语言(一种计算机语言,尤用于创建网站)
// Java Program to Illustrate AES Encryption
// Importing required classes
import java.io.*;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
// Main class
class GFG {
// Encryption function
// function 1
public static void encryptEcb(String filenamePlain,
String filenameEnc,
byte[] key)
throws IOException, NoSuchAlgorithmException,
NoSuchPaddingException, InvalidKeyException,
IllegalBlockSizeException,
BadPaddingException
{
// Creating cipher instance OF AES encryption
Cipher cipher
= Cipher.getInstance("AES/ECB/PKCS5PADDING");
// Specifying the algorithm
SecretKeySpec secretKeySpec
= new SecretKeySpec(key, "AES");
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
// Try block to check for exceptions
try (FileInputStream fis
= new FileInputStream(filenamePlain);
// Creating objects of BufferedInputStream,
// FileOutputStream and BufferedOutputStream
BufferedInputStream inputstream
= new BufferedInputStream(fis);
FileOutputStream outputstream
= new FileOutputStream(filenameEnc);
BufferedOutputStream bufferedOutputStream
= new BufferedOutputStream(outputstream)) {
// Defining the buffer
byte[] ibufffer = new byte[1024];
int length;
// Reading while read buffer has data
while ((length = inputstream.read(ibufffer))
!= -1) {
// Creating cipher with buffer
byte[] obuffer
= cipher.update(ibufffer, 0, length);
if (obuffer != null)
// Writing encrypted text to buffer
bufferedOutputStream.write(obuffer);
}
byte[] obuffer = cipher.doFinal();
if (obuffer != null)
bufferedOutputStream.write(obuffer);
}
}
// Method 3
// Decryption method
public static void decryptEcb(String filenameEnc,
String filenameDec,
byte[] key)
throws IOException, NoSuchAlgorithmException,
NoSuchPaddingException, InvalidKeyException,
IllegalBlockSizeException,
BadPaddingException
{
// Try block to check for exceptions
try (FileInputStream inputStream
= new FileInputStream(filenameEnc);
FileOutputStream outputStream
= new FileOutputStream(filenameDec)) {
// Defining buffer
byte[] ibuffer = new byte[1024];
int length;
// Creating cipher instance OF AES decryption
Cipher cipher = Cipher.getInstance(
"AES/ECB/PKCS5PADDING");
SecretKeySpec secretKeySpec
= new SecretKeySpec(key, "AES");
cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
// While input stream not empty
while ((length = inputStream.read(ibuffer))
!= -1) {
// Reading into the buffer
byte[] obuffer
= cipher.update(ibuffer, 0, length);
if (obuffer != null)
// Now writing to output buffer
outputStream.write(obuffer);
}
byte[] obuffer = cipher.doFinal();
if (obuffer != null)
outputStream.write(obuffer);
}
}
// Method 3
// Main driver method
public static void main(String[] args)
throws IOException, NoSuchPaddingException,
NoSuchAlgorithmException, BadPaddingException
,
IllegalBlockSizeException,
InvalidKeyException
{
// Display message
System.out.println("/****AES Encryption*******/");
// Placing the PDF path
String pFileName
= "/home/aniket/IdeaProjects/Gfg Programs/MAD FINAL.pdf";
String cFileName = "your pdf.enc";
// Placing the PDF name
String decFileName = "your pdf.pdf";
// Creating cipher key 56 bit key length
byte[] cipher_key
= "12345678901234561234567890123456".getBytes(
"UTF-8");
encryptEcb(pFileName, cFileName, cipher_key);
decryptEcb(cFileName, decFileName, cipher_key);
// Print and display the file credentials
System.out.println(
"file of encryption: " + pFileName + "\n"
+ "created encrypted file : " + cFileName
+ "\n"
+ "created decrypted file : " + decFileName);
}
}
输出:
/****AES Encryption*******/
file of encryption: MAD FINAL.pdf
created encrypted file : MAD FINAL.enc
created decrypted file : MAD FINAL.pdf
版权属于:月萌API www.moonapi.com,转载请注明出处
