Singleton Instance返回null

时间:2017-02-20 11:33:33

标签: java android encryption singleton

在我的应用程序中,我使用用户密码作为加密媒体的加密密钥。我正在使用PBEWithMD5AndDES加密媒体,这可以使用存储在共享首选项中的密码。现在为了达到一定程度的安全性,我将从共享首选项中删除密码,并使用仅在应用程序会话期间保持活动状态的单例(因为应用程序自动注销,需要输入密码)。以下是我的单身人士:

public class Credentials {

private static Credentials dataObject = null;

private Credentials() {
// left blank intentionally
}

public static Credentials getInstance() {
if (dataObject == null)
    dataObject = new Credentials();
return dataObject;
}

private char[] user_password;

public char[] getUser_password() {

return user_password;
}

 public void setUser_password(char[] user_password) {

this.user_password = user_password;
}
}

如果应用程序注销,或者用户注销或被销毁,密码将从内存中清零。但是有时我在尝试检索密码时会得到一个空指针。 

   char[] pswd = Credentials.getInstance().getUser_password();

可能导致这种情况的原因是什么?有没有其他方法我可以使用除了单身人士?

1 个答案:

答案 0 :(得分:-1)

或者,您可以使用内置的Sqlite数据库存储密码,但我仍然建议您保存加密以获得最大程度的保护。您可以分4个步骤完成此操作:

2)创建一个实体对象来存储密码:

public class Password {
    int password_id; // will be auto-increamted
    String password;

    public Password(int password_id, String password) {
        this.password_id = password_id;
        this.password = password;
    }
// getter/setters ...
}

2)创建一个Sqlite实用程序对象:

public class SQLiteDBAdapter {

    protected static final String DATABASE_NAME = "mydb";
    protected static final int DATABASE_VERSION = 1;

    protected Context context;
    protected static DatabaseHelper mDbHelper;

    public static final String TABLE_PASSWORD = "tbl_password";
    // columns
    public static final String PASSWORD_ID = "_id";
    public static final String PASSWORD = "password";
    // create table string
    private static final String CREATE_TABLE_PASSWORD =
            "CREATE TABLE if not exists " + TABLE_PASSWORD + " ( " +
                    PASSWORD_ID + " INTEGER PRIMARY KEY AUTOINCREMENT, " +
                    PASSWORD + " TEXT NOT NULL);";

    public SQLiteDBAdapter(Context context) {
      context = context.getApplicationContext();
    }

    public SQLiteDatabase openDb() {
      if (mDbHelper == null) {
          mDbHelper = new DatabaseHelper(mContext);
      }
      return mDbHelper.getWritableDatabase();
    }

    protected static class DatabaseHelper extends SQLiteOpenHelper {
      // -------------------------------------------------------------------------------------------
      public DatabaseHelper(Context context) {
          super(context, DATABASE_NAME, null, DATABASE_VERSION);
      }
      // -------------------------------------------------------------------------------------------
      @Override
      public void onCreate(SQLiteDatabase db) {
          db.execSQL(CREATE_TABLE_PASSWORD);
      }
      // -------------------------------------------------------------------------------------------
      @Override
      public void onUpgrade(SQLiteDatabase db, int oldVersion, int newVersion) {
          Log.w(TAG, "Upgrading database from version " + oldVersion + " to " +
                  newVersion + ", which will destroy all old data");
          db.execSQL("DROP TABLE IF EXISTS routes");
          onCreate(db);
      }
    }
}

3)扩展Sqlite对象以操作表(CRUD操作):

public class PasswordDbAdapter extends SQLiteDBAdapter {

    private SQLiteDatabase db;

    // these are column corresponding indices
    public static final int INDEX_PASSWORD_ID = 0;  // an auto-increment
    public static final int INDEX_PASSWORD = 1;

    public PasswordDbAdapter(Context context) {
        super(context);
    }

    public void addPassword(String password) {
        db = openDb();
        ContentValues values = new ContentValues();
        values.put(PASSWORD, password);
        db.insert(TABLE_PASSWORD, null, values);
    }

    public void updatePassword(String password) {
        db = openDb();
        ContentValues values = new ContentValues();
        values.put(PASSWORD, password);
        db.update(TABLE_PASSWORD, values, null);
    }

    public void deletePassword() {
        db = openDb();
        db.delete(TABLE_PASSWORD, null, null);
    }

    public boolean isEmpty() {
        db = openDb();
        boolean empty = true;
        Cursor cur = db.rawQuery("SELECT COUNT(*) FROM " + TABLE_PASSWORD, null);
        if (cur != null && cur.moveToFirst()) {
            empty = (cur.getInt (0) == 0);
        }
        cur.close();
        return empty;
    }

    public Password fetchPassword() {   // ok because there's only one password record
        db = openDb();
        Cursor cursor = db.query(TABLE_PASSWORD, new String[]{PASSWORD_ID, PASSWORD},
                null, null, null, null, null, null);
        if (cursor != null &&
            cursor.moveToFirst()) {
            return new Password(
                    cursor.getString(INDEX_PASSWORD_ID),
                    cursor.getInt(INDEX_PASSWORD));
        }
        return null;
    }
}

4)最后,根据需要保存/更新/检索密码:

public class MainActivity extends AppCompatActivity {
    private PasswordDbAdapter passwordDB; 
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        ... 
        // initialize the password db
        passwordDB = new PasswordDbAdapter(this);

        // check if password record exists
        if (passwordDB.isEmpty() {
            // save a new copy
            passwordDB.addPassword("the_password"); // more secure if it is saved encrypted
        } else {
            // update it
            passwordDB.updatePassword("the_password");
        }

    }
    ...
    public String fetchPassword() {
        return passwordDB.fetchPassword();  // or first decrypt it, then return it
    }
}
相关问题
最新问题