android 上的加密对象序列化,无法从文件加载
encrypted object serialization on android, cannot load from file
首先。以前没在这里发过,如有违规请见谅!
我正在尝试为 android 制作一个应用程序,它序列化 class 的密封对象,其中包含一个文件数组(有点像加密卷)。
我已成功创建文件,但出于某种原因无法从中加载数据。不确定 android 序列化与常规桌面应用程序有何不同,每次我 google 如何做到这一点时,我都会获得指向几年前帖子的链接。
在应用程序启动时,我 运行 检查文件是否存在,如果不存在,则创建它。注意:这部分非常粗略,因为它是为了快速测试应用程序本身,将来会改变它。这是它的样子:
if (!Files.exists(Paths.get("android.resource://" + getPackageName() + "/vault.vlt")))
创建文件:
final Cipher cipher = generateCipher();
final FileOutputStream fileOutputStream = openFileOutput("vault.vlt",
MODE_PRIVATE);
final CipherOutputStream cipherOutputStream = new CipherOutputStream(fileOutputStream, cipher);
final ObjectOutputStream objectOutputStream = new ObjectOutputStream(cipherOutputStream);
objectOutputStream.writeObject(Core.getVault());
objectOutputStream.close();
Toast.makeText(this,"Saved",Toast.LENGTH_SHORT).show();
加载文件:
final Cipher cipher = generateCipher();
final FileInputStream fileInputStream = openFileInput("vault.vlt");
final CipherInputStream cipherInputStream = new CipherInputStream(fileInputStream, cipher);
final ObjectInputStream objectInputStream = new ObjectInputStream(cipherInputStream);
Core.setVault((Vault) objectInputStream.readObject());
objectInputStream.close();
Toast.makeText(this,Core.getVault().apples,Toast.LENGTH_SHORT).show();
这就是我使用 Guava 生成密码的方法:
// key size
final byte keySize = 32; // 256
// Hashing
final String hash =
Hashing.sha256()
.hashString(Core.getVault().getPassword(), Charsets.UTF_8)
.toString().substring(0, keySize);
// Creating keys
final byte[] key = hash.getBytes();
final String transformation = "AES";
final SecretKeySpec secretKeySpec = new SecretKeySpec(key, transformation);
// Creating cipher
@SuppressLint("GetInstance") final Cipher cipher = Cipher.getInstance(transformation);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
return cipher;
这是我的错误堆栈跟踪:
W/System.err: java.io.StreamCorruptedException: invalid stream header: 02FD0D3D
at java.io.ObjectInputStream.readStreamHeader(ObjectInputStream.java:808)
at java.io.ObjectInputStream.<init>(ObjectInputStream.java:302)
at theredspy15.vault115.EntranceActivity.loadVault(EntranceActivity.java:70)
at theredspy15.vault115.EntranceActivity.enter(EntranceActivity.java:41)
at java.lang.reflect.Method.invoke(Native Method)
at android.support.v7.app.AppCompatViewInflater$DeclaredOnClickListener.onClick(AppCompatViewInflater.java:288)
at android.view.View.performClick(View.java:6256)
at android.view.View$PerformClick.run(View.java:24701)
at android.os.Handler.handleCallback(Handler.java:789)
at android.os.Handler.dispatchMessage(Handler.java:98)
at android.os.Looper.loop(Looper.java:164)
W/System.err: at android.app.ActivityThread.main(ActivityThread.java:6541)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.Zygote$MethodAndArgsCaller.run(Zygote.java:240)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:767)
读取文件时需要将Cipher放入DECRYPT_MODE。
首先。以前没在这里发过,如有违规请见谅!
我正在尝试为 android 制作一个应用程序,它序列化 class 的密封对象,其中包含一个文件数组(有点像加密卷)。
我已成功创建文件,但出于某种原因无法从中加载数据。不确定 android 序列化与常规桌面应用程序有何不同,每次我 google 如何做到这一点时,我都会获得指向几年前帖子的链接。
在应用程序启动时,我 运行 检查文件是否存在,如果不存在,则创建它。注意:这部分非常粗略,因为它是为了快速测试应用程序本身,将来会改变它。这是它的样子:
if (!Files.exists(Paths.get("android.resource://" + getPackageName() + "/vault.vlt")))
创建文件:
final Cipher cipher = generateCipher();
final FileOutputStream fileOutputStream = openFileOutput("vault.vlt",
MODE_PRIVATE);
final CipherOutputStream cipherOutputStream = new CipherOutputStream(fileOutputStream, cipher);
final ObjectOutputStream objectOutputStream = new ObjectOutputStream(cipherOutputStream);
objectOutputStream.writeObject(Core.getVault());
objectOutputStream.close();
Toast.makeText(this,"Saved",Toast.LENGTH_SHORT).show();
加载文件:
final Cipher cipher = generateCipher();
final FileInputStream fileInputStream = openFileInput("vault.vlt");
final CipherInputStream cipherInputStream = new CipherInputStream(fileInputStream, cipher);
final ObjectInputStream objectInputStream = new ObjectInputStream(cipherInputStream);
Core.setVault((Vault) objectInputStream.readObject());
objectInputStream.close();
Toast.makeText(this,Core.getVault().apples,Toast.LENGTH_SHORT).show();
这就是我使用 Guava 生成密码的方法:
// key size
final byte keySize = 32; // 256
// Hashing
final String hash =
Hashing.sha256()
.hashString(Core.getVault().getPassword(), Charsets.UTF_8)
.toString().substring(0, keySize);
// Creating keys
final byte[] key = hash.getBytes();
final String transformation = "AES";
final SecretKeySpec secretKeySpec = new SecretKeySpec(key, transformation);
// Creating cipher
@SuppressLint("GetInstance") final Cipher cipher = Cipher.getInstance(transformation);
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
return cipher;
这是我的错误堆栈跟踪:
W/System.err: java.io.StreamCorruptedException: invalid stream header: 02FD0D3D
at java.io.ObjectInputStream.readStreamHeader(ObjectInputStream.java:808)
at java.io.ObjectInputStream.<init>(ObjectInputStream.java:302)
at theredspy15.vault115.EntranceActivity.loadVault(EntranceActivity.java:70)
at theredspy15.vault115.EntranceActivity.enter(EntranceActivity.java:41)
at java.lang.reflect.Method.invoke(Native Method)
at android.support.v7.app.AppCompatViewInflater$DeclaredOnClickListener.onClick(AppCompatViewInflater.java:288)
at android.view.View.performClick(View.java:6256)
at android.view.View$PerformClick.run(View.java:24701)
at android.os.Handler.handleCallback(Handler.java:789)
at android.os.Handler.dispatchMessage(Handler.java:98)
at android.os.Looper.loop(Looper.java:164)
W/System.err: at android.app.ActivityThread.main(ActivityThread.java:6541)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.Zygote$MethodAndArgsCaller.run(Zygote.java:240)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:767)
读取文件时需要将Cipher放入DECRYPT_MODE。