我试图创建,它可以让客户端发送的登录名与服务器的协议。在此之后,服务器从服务器获取客户端密码并从中创建密码密钥。客户端根据输入的密码创建一个密钥。这样我试图得到一个安全的连接。切换的java流密码流
然而,发送用户名,获取密码等。我试图创建一个从cypherstream一个新的ObjectInputStream读取数据,但它阻止了。即使看了很多其他类似的问题,我也找不到一种方法来实现它的工作。
Serverside集团
private void switchToChipherStreams(String username) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IOException {
byte key[] = dbMediator.getPasswordCypher(username);
SecretKey key64 = new SecretKeySpec(key, "Blowfish");
Cipher cipher = Cipher.getInstance("Blowfish");
cipher.init(Cipher.ENCRYPT_MODE, key64);
try {
Thread.sleep(1000);
} catch (InterruptedException ex) {
Logger.getLogger(Connection.class.getName()).log(Level.SEVERE, null, ex);
}
out = new ObjectOutputStream(new CipherOutputStream(socket.getOutputStream(), cipher));
out.reset();
out.flush();
out.writeObject("switch");
in = new ObjectInputStream(new CipherInputStream(socket.getInputStream(), cipher));
}
客户端
private void switchToChipherStreams(String password) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IOException {
//Generate key
byte[] key = new byte[8];
for (int i = 0; i < 8; i++) {
if (password.length() > i) {
key[i] = password.getBytes()[i];
} else {
key[i] = (byte) i;
}
}
//Setup cipher streams
SecretKey key64 = new SecretKeySpec(key, "Blowfish");
Cipher cipher = Cipher.getInstance("Blowfish");
cipher.init(Cipher.ENCRYPT_MODE, key64);
in = new ObjectInputStream(new CipherInputStream(socket.getInputStream(), cipher));
out = new ObjectOutputStream(new CipherOutputStream(socket.getOutputStream(), cipher));
out.reset();
out.flush();
out.writeObject("switch");
}
在它的trowing异常(无效的头),因为我想在发送数据的那一刻,但如果我不要只是阻止。
有谁告诉我,我在做什么错在这里,或者如果它甚至有可能转变为加密的ObjectInputStream。
亲切的问候,
朱尔
编辑
更改了密码加密和解密的输出流,新代码:
Serverside集团
byte key[] = dbMediator.getPasswordCypher(username);
SecretKey key64 = new SecretKeySpec(key, "Blowfish");
Cipher cipheren = Cipher.getInstance("Blowfish");
cipheren.init(Cipher.ENCRYPT_MODE, key64);
Cipher cipherde = Cipher.getInstance("Blowfish");
cipheren.init(Cipher.DECRYPT_MODE, key64);
out = new ObjectOutputStream(new CipherOutputStream(socket.getOutputStream(), cipheren));
out.reset();
out.flush();
out.writeObject("switch");
in = new ObjectInputStream(new CipherInputStream(socket.getInputStream(), cipherde));
客户端
//Generate key
byte[] key = new byte[8];
for (int i = 0; i < 8; i++) {
if (password.length() > i) {
key[i] = password.getBytes()[i];
} else {
key[i] = (byte) i;
}
}
//Setup cipher streams
SecretKey key64 = new SecretKeySpec(key, "Blowfish");
Cipher cipheren = Cipher.getInstance("Blowfish");
cipheren.init(Cipher.ENCRYPT_MODE, key64);
Cipher cipherde = Cipher.getInstance("Blowfish");
cipheren.init(Cipher.DECRYPT_MODE, key64);
out = new ObjectOutputStream(new CipherOutputStream(socket.getOutputStream(), cipheren));
out.reset();
out.flush();
out.writeObject("switch");
in = new ObjectInputStream(new CipherInputStream(socket.getInputStream(), cipherde));
现在无效头的问题是解决了,但冻结客户端和服务器当ObjectInputStream的构造函数被调用。
你难道没有在某个时候关闭流? –
关闭流会导致关闭套接字 –
如何在服务器端为每个客户端请求创建新的线程? –