我试图创建一个协议,让客户端向服务器发送它的登录名。在此之后,服务器从服务器获取客户端密码并从中创建密钥。客户端根据输入的密码创建密钥。这样我就试图获得安全的连接。
然而,在发送用户名,获取密码等之后,我试图从cypherstream创建一个新的objectinputstream来读取数据,但它阻止了。即使在查看了许多其他类似的问题之后,我也找不到让它运转的方法。
了Serverside
private void switchToChipherStreams(String username) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IOException {
byte key[] = dbMediator.getPasswordCypher(username);
SecretKey key64 = new SecretKeySpec(key, "Blowfish");
Cipher cipher = Cipher.getInstance("Blowfish");
cipher.init(Cipher.ENCRYPT_MODE, key64);
try {
Thread.sleep(1000);
} catch (InterruptedException ex) {
Logger.getLogger(Connection.class.getName()).log(Level.SEVERE, null, ex);
}
out = new ObjectOutputStream(new CipherOutputStream(socket.getOutputStream(), cipher));
out.reset();
out.flush();
out.writeObject("switch");
in = new ObjectInputStream(new CipherInputStream(socket.getInputStream(), cipher));
}
客户端
private void switchToChipherStreams(String password) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IOException {
//Generate key
byte[] key = new byte[8];
for (int i = 0; i < 8; i++) {
if (password.length() > i) {
key[i] = password.getBytes()[i];
} else {
key[i] = (byte) i;
}
}
//Setup cipher streams
SecretKey key64 = new SecretKeySpec(key, "Blowfish");
Cipher cipher = Cipher.getInstance("Blowfish");
cipher.init(Cipher.ENCRYPT_MODE, key64);
in = new ObjectInputStream(new CipherInputStream(socket.getInputStream(), cipher));
out = new ObjectOutputStream(new CipherOutputStream(socket.getOutputStream(), cipher));
out.reset();
out.flush();
out.writeObject("switch");
}
目前它正在翻一个例外(无效的标题),因为我试图发送数据,但如果我不是它只是阻止。
有人可以告诉我这里我做错了什么,或者它是否有可能改为加密对象输入流。
亲切的问候,
朱尔
修改
更改密码以加密和解密输入和输出流,新代码:
了Serverside
byte key[] = dbMediator.getPasswordCypher(username);
SecretKey key64 = new SecretKeySpec(key, "Blowfish");
Cipher cipheren = Cipher.getInstance("Blowfish");
cipheren.init(Cipher.ENCRYPT_MODE, key64);
Cipher cipherde = Cipher.getInstance("Blowfish");
cipheren.init(Cipher.DECRYPT_MODE, key64);
out = new ObjectOutputStream(new CipherOutputStream(socket.getOutputStream(), cipheren));
out.reset();
out.flush();
out.writeObject("switch");
in = new ObjectInputStream(new CipherInputStream(socket.getInputStream(), cipherde));
客户端
//Generate key
byte[] key = new byte[8];
for (int i = 0; i < 8; i++) {
if (password.length() > i) {
key[i] = password.getBytes()[i];
} else {
key[i] = (byte) i;
}
}
//Setup cipher streams
SecretKey key64 = new SecretKeySpec(key, "Blowfish");
Cipher cipheren = Cipher.getInstance("Blowfish");
cipheren.init(Cipher.ENCRYPT_MODE, key64);
Cipher cipherde = Cipher.getInstance("Blowfish");
cipheren.init(Cipher.DECRYPT_MODE, key64);
out = new ObjectOutputStream(new CipherOutputStream(socket.getOutputStream(), cipheren));
out.reset();
out.flush();
out.writeObject("switch");
in = new ObjectInputStream(new CipherInputStream(socket.getInputStream(), cipherde));
现在无效的头部问题已经解决,但是当调用objectinputstream构造函数时,它会冻结客户端和服务器。
答案 0 :(得分:1)
您无法从同一个Cipher对象创建密码输入和输出流。您需要两个Cipher对象,一个处于DECRYPT模式,另一个处于ENCRYPT模式。
在两端的ObjectOutputStream之前创建并刷新ObjectInputStream。