Is there an easy way to encrypt a java object?

Question

I\'d like to store a serialized object to a file however I\'d like to make it encrypted. It doesn\'t need to be really strong encryption. I just want something easy (preferably

Answer 1

Try this code:

String fileName = "result.dat"; //some result file

//You may use any combination, but you should use the same for writing and reading
SecretKey key64 = new SecretKeySpec( new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 }, "Blowfish" );
Cipher cipher = Cipher.getInstance( "Blowfish" );

//Code to write your object to file
cipher.init( Cipher.ENCRYPT_MODE, key64 );
Person person = new Person(); //some object to serialise
SealedObject sealedObject = new SealedObject( person, cipher);
CipherOutputStream cipherOutputStream = new CipherOutputStream( new BufferedOutputStream( new FileOutputStream( fileName ) ), cipher );
ObjectOutputStream outputStream = new ObjectOutputStream( cipherOutputStream );
outputStream.writeObject( sealedObject );
outputStream.close();

//Code to read your object from file
cipher.init( Cipher.DECRYPT_MODE, key64 );
CipherInputStream cipherInputStream = new CipherInputStream( new BufferedInputStream( new FileInputStream( fileName ) ), cipher );
ObjectInputStream inputStream = new ObjectInputStream( cipherInputStream );
SealedObject sealedObject = (SealedObject) inputStream.readObject();
Person person1 = (Person) sealedObject.getObject( cipher );

Answer 2

As a general answer (since I don't use Java much these days):

I suggest searching multiple forms of encryption and find which suits what you'd like to do, and then to find and modify a module already written for your data or to write your own based off of the algorithm that you would like use.

For example if you wanted to use SHA256 and found a module already written for you, just modify it to use the data stream you want.

private ObjectName modifiedSHA256(input stream, ..., ...)
{
    // Modified algorithm
}

And then you can make a call to it whenever you want to write the data stream somewhere. The module will then save its own data stream which is then written to a file.

Answer 3

Use SealedObject and Cipher class to Encrypt and decrypt the object.

What is SealedObject?

SealedObject encapsulate the original java object(it should implements Serializable). It use the cryptographic algorithm to seals the serialized content of the object.

What is Cipher?

This is a java class, use cryptographic algorithm for encryption and decryption.

Sample code

below is the sample code.

EncriptThisClass so = new EncriptThisClass();
SealedObject encryptedObject =encryptObject(so);
EncriptThisClass etcObject=decryptObject(encryptedObject);

For complete code please visit the below link. http://javaant.com/object-encryption-decryption-in-java/#.VvkA6RJ96Hs

Answer 4

Using CipherOutPutStream (http://docs.oracle.com/javase/6/docs/api/javax/crypto/CipherOutputStream.html) to write the objects into the ObjectOutputStream might be an easy and good approach here.

Answer 5

You should look into Jasypt. It has a bunch of utility functions to make this easy.

...
BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
textEncryptor.setPassword(myEncryptionPassword);
...
String myEncryptedText = textEncryptor.encrypt(myText);
...
String plainText = textEncryptor.decrypt(myEncryptedText);
...

Answer 6

javax.crypto.SealedObject is definitely the answer. What's the problem with the keys?