Java序列化敏感字段加密

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
import java.io.*;
import java.io.ObjectInputStream.GetField;
import java.io.ObjectOutputStream.PutField;
public class Student
implements Serializable {
private String password="passwd";
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
private void writeObject(ObjectOutputStream out) {
try {
PutField pf=out.putFields();
System.out.println("原密码:" + password);
password="newpasswd";//模拟加密过程
pf.put("password", password);
System.out.println("加密后密码:" + password);
out.writeFields();
}catch (IOException e) {
e.printStackTrace();
}
}
private void readObject(ObjectInputStream in) throws Exception {
try {
GetField gf=in.readFields();
Object o=gf.get("password", "");
System.out.println("要解密的字符串:" + o.toString());
password = "passwd";//模拟解密,需要获得本地的密钥
System.out.println("解密后字符串:" + password);
}catch (IOException e) {
e.printStackTrace();
}
}
}

1
2
3
4
5
6
7
8
9
10
11
12
import java.io.*;
public class SerializableDemo {
public static void main(String[] args) throws Exception {
// TODO Auto-generated method stub
Student stu =new Student();
ObjectOutputStream oos = new ObjectOutputStream(new FileOutputStream(
new File("E:/Student.txt")));
oos.writeObject(stu);
System.out.println("Student对象序列化成功！");
oos.close();
}
}

1
2
3
4
5
6
7
8
9
10
import java.io.*;
public class AnotherProgram {
public static void main(String[] args) throws IOException, Exception {
// TODO Auto-generated method stub
ObjectInputStream ois = new ObjectInputStream(new FileInputStream(
new File("E:/Student.txt")));
Student student = (Student) ois.readObject();
System.out.println("Student对象反序列化成功！");;
}
}