当我尝试读取和解密先前已经序列化并加密并保存到文件的arraylist时,我收到以下错误。我无法弄清楚为什么它说数据已被破坏。
java.io.StreamCorruptedException: invalid stream header: EFBEACEF
at java.io.ObjectInputStream.readStreamHeader(ObjectInputStream.java:806)
at java.io.ObjectInputStream.<init>(ObjectInputStream.java:299)
at amnesty.FileHandling.fileOpen(FileHandling.java:65)
at amnesty.ViewCampaignEvents.open(ViewCampaignEvents.java:183)
at amnesty.MainWindow.valueChanged(MainWindow.java:147)
at javax.swing.JTree.fireValueChanged(JTree.java:2926)
at javax.swing.JTree$TreeSelectionRedirector.valueChanged(JTree.java:3387)
at javax.swing.tree.DefaultTreeSelectionModel.fireValueChanged(DefaultTreeSelectionModel.java:635)
at javax.swing.tree.DefaultTreeSelectionModel.notifyPathChange(DefaultTreeSelectionModel.java:1093)
at javax.swing.tree.DefaultTreeSelectionModel.setSelectionPaths(DefaultTreeSelectionModel.java:294)
at javax.swing.tree.DefaultTreeSelectionModel.setSelectionPath(DefaultTreeSelectionModel.java:188)
at javax.swing.JTree.setSelectionPath(JTree.java:1633)
at javax.swing.plaf.basic.BasicTreeUI.selectPathForEvent(BasicTreeUI.java:2393)
at javax.swing.plaf.basic.BasicTreeUI$Handler.handleSelection(BasicTreeUI.java:3609)
at javax.swing.plaf.basic.BasicTreeUI$Handler.mousePressed(BasicTreeUI.java:3548)
at java.awt.Component.processMouseEvent(Component.java:6522)
at javax.swing.JComponent.processMouseEvent(JComponent.java:3321)
at java.awt.Component.processEvent(Component.java:6290)
at java.awt.Container.processEvent(Container.java:2234)
at java.awt.Component.dispatchEventImpl(Component.java:4881)
at java.awt.Container.dispatchEventImpl(Container.java:2292)
at java.awt.Component.dispatchEvent(Component.java:4703)
at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4898)
at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4530)
at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4462)
at java.awt.Container.dispatchEventImpl(Container.java:2278)
at java.awt.Window.dispatchEventImpl(Window.java:2739)
at java.awt.Component.dispatchEvent(Component.java:4703)
at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:746)
at java.awt.EventQueue.access$400(EventQueue.java:97)
at java.awt.EventQueue$3.run(EventQueue.java:697)
at java.awt.EventQueue$3.run(EventQueue.java:691)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:75)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.awt.EventQueue$4.run(EventQueue.java:719)
at java.awt.EventQueue$4.run(EventQueue.java:717)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$1.doIntersectionPrivilege(ProtectionDomain.java:75)
at java.awt.EventQueue.dispatchEvent(EventQueue.java:716)
at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:201)
at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
at java.awt.EventDispatchThread.run(EventDispatchThread.java:82)
错误发生在下面的fileOpen方法中,fileClose方法是保存文件的方法。
public static ArrayList<FileHandling> fileOpen(String fileName) {
ArrayList<FileHandling> recordsArray = new ArrayList<FileHandling>();
char fileType = getFileType(fileName);
try {
String fileContents = "";
FileReader text = new FileReader(fileName);
int inByte;
inByte = text.read();
while (inByte != -1) {
fileContents += (char)inByte;
inByte = text.read();
}
text.close();
fileContents = SecurityMethods.decrypt(fileContents, getFileType(fileName));
InputStream fileStream = new ByteArrayInputStream(fileContents.getBytes());
if (fileStream.available() > 0) {
ObjectInputStream objStream = new ObjectInputStream(fileStream); //error occurs on this line
recordsArray = (ArrayList<FileHandling>) objStream.readObject();
objStream.close();
}
fileStream.close();
} catch (IOException | ClassNotFoundException e) {
e.printStackTrace();
}
return recordsArray;
}
public static void fileClose(ArrayList<FileHandling> records, String fileName) {
try {
OutputStream fileStream = new ByteArrayOutputStream();
ObjectOutputStream objStream = new ObjectOutputStream(fileStream);
objStream.writeObject(records);
objStream.flush();
fileStream.flush();
FileOutputStream fileOutputStream = (new FileOutputStream(fileName));
byte[] plainTextBytes = ((ByteArrayOutputStream)fileStream).toByteArray();
String plainText = "";
for (int i = 0; i < plainTextBytes.length; i++) {
plainText += (char)plainTextBytes[i];
}
fileOutputStream.write(SecurityMethods.encrypt(plainText, getFileType(fileName)).getBytes());
fileOutputStream.flush();
fileOutputStream.close();
fileStream.close();
objStream.close();
} catch (IOException e) {
e.printStackTrace();
}
}
加密和解密方法如下
public static String encrypt(String plainText, Character fileType) {
String encryptedString = "";
if (!isValidFile(fileType))
throw new IllegalArgumentException("Invalid fileType.");
else
try {
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
SecretKeySpec secretKey = new SecretKeySpec(keys.get(fileType), "AES");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
encryptedString = Base64.encode(cipher.doFinal((plainText).getBytes()));
} catch (Exception e) {
e.printStackTrace();
}
return encryptedString;
}
private static boolean isValidFile(Character type) {
return (type == CAMPAIGN || type == EVENT || type == TRANSACTION || type == ACCOUNT || type == EXEC || type == PASSWORD);
}
public static String decrypt(String cipherText, Character fileType) {
String decryptedString = "";
if (!isValidFile(fileType))
throw new IllegalArgumentException("Invalid fileType.");
else
try {
com.sun.org.apache.xml.internal.security.Init.init();
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
SecretKeySpec secretKey = new SecretKeySpec(keys.get(fileType), "AES");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
decryptedString = new String(cipher.doFinal(Base64.decode(cipherText)));
} catch (Exception e) {
e.printStackTrace();
}
return decryptedString;
}
由于
答案 0 :(得分:3)
您正在将records序列化为ByteArrayOutputStream。结果:二进制数据。
然后您将字节转换为char ????你不能这样做。
您应该直接加密byte[],而不在其间进行任何奇怪的字符串转换。
创建以下两种方法:
class SecurityMethods {
String encryptBytes(byte[] data, Character fileType)
byte[] decryptBytes(String cipherText, Character fileType)
}
如果您还需要在其他地方加密/解密字符串,那么您可以使用以下两种方法包装它们:
String encryptString(String text, Character fileType) {
return encryptBytes(text.getBytes(StandardCharsets.UTF_8), fileType);
}
String decryptString(String cipherText, Character fileType) {
return new String(decryptBytes(cipherText, fileType), StandardCharsets.UTF_8);
}
哎呀,你甚至可以为序列化创建可重复使用的助手:
String encryptObject(Serializable obj, Character fileType) {
// serialize here
return encryptBytes(bytes, fileType);
}
Serializable decryptObject(String cipherText, Character fileType) {
byte[] bytes = decryptBytes(cipherText, fileType);
// deserialize here
}