|
|
发表于 2004-8-27 23:55:00
|
显示全部楼层
Re: Java网络游戏真的能防止外挂吗?
[em3]顺便在这里放一个收集到的数字签名的程序,供爱好者参考,赚点积分~~呵呵~
//DES Encrypt
//加密
package com.chinacountry;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.Security;
/**
* Created by IntelliJ IDEA.
* User: Alan
* Date: Dec 4, 2003
* Time: 9:29:19 PM
* To change this template use Options | File Templates.
*/
public class EncryptUtil
{
/**
* 获得DES加密的密钥。在交易处理的过程中应该定时更
* 换密钥。需要JCE的支持,如果jdk版本低于1.4,则需要
* 安装jce-1_2_2才能正常使用。
* @return Key 返回对称密钥
* @throws java.security.NoSuchAlgorithmException
* @see cn.com.tdt.util.EncryptUtil 其中包括加密和解密的方法
*/
public static Key getKey() throws NoSuchAlgorithmException
{
Security.insertProviderAt(new com.sun.crypto.provider.SunJCE(), 1);
KeyGenerator generator = KeyGenerator.getInstance("DES");
generator.init(new SecureRandom());
Key key = generator.generateKey();
return key;
}
/**
* 将指定的数据根据提供的密钥进行加密
* @param key 密钥
* @param data 需要加密的数据
* @return byte[] 加密后的数据
* @throws EncryptException
*/
public static byte[] doEncrypt(Key key, byte[] data) throws EncryptException
{
try {
//Get a cipher object
Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding");
//Encrypt
cipher.init(Cipher.ENCRYPT_MODE, key);
//byte[] stringBytes = amalgam.getBytes("UTF8");
byte[] raw = cipher.doFinal(data);
//BASE64Encoder encoder = new BASE64Encoder();
//String base64 = encoder.encode(raw);
return raw;
} catch (Exception e) {
e.printStackTrace();
throw new EncryptException("Do encrypt occurs Exception.[" + e.getMessage() + "]");
}
}
/**
* 将给定的已加密的数据通过指定的密钥进行解密
* @param key 密钥
* @param raw 待解密的数据
* @return byte[] 解密后的数据
* @throws EncryptException
*/
public static byte[] doDecrypt(Key key, byte[] raw) throws EncryptException
{
try {
//Get a cipher object
Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding");
// Decrypt
cipher.init(Cipher.DECRYPT_MODE, key);
//BASE64Decoder decoder = new BASE64Decoder();
//byte[] raw = decoder.decodeBuffer(data);
byte[] data = cipher.doFinal(raw);
//String result = new String(stringBytes, "UTF8");
//System.out.println("the decrypted data is: " + result);
return data;
} catch (Exception e) {
e.printStackTrace();
throw new EncryptException("Do decrypt occurs Exception.[" + e.getMessage() + "]");
}
}
public static Cipher getCipher(Key key, int cipherMode) throws EncryptException
{
try {
Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding");
cipher.init(cipherMode, key);
return cipher;
} catch (Exception e) {
e.printStackTrace();
throw new EncryptException("Do decrypt occurs Exception.[" + e.getMessage() + "]");
}
}
}
I am sorry for my windows can't inputing Chinese.
When I use des encrypt my data,it occurs that I use "Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding");" at first and my application runs very well,but when data is coming from net in socket,it throws exception.The exception means that I use a wrong padding or padding size not right.It is confused with me.No information on internet,and a lots of guys also met this problem but no answer is given.I found that des is a type of encrypt block,so I try to use "Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding");" replace original code and put some '\0' to byte[] to make byte[] divided with 8.This problem is resoveled,who have met problem like that.We can talk about it. my email: xiaoyusong@etang.com
-----------------------------------------------------------------------------------------------------------------------------------------------
数字签证
加密最好还是用java来做,而不要用数据库自带的加密函数,因为那样容易失去对数据库的平滑支持。加密你可以考虑用mac或者des加密,前者是非对称密钥(分为公钥和私钥,只有持有私钥的人才可以加密数据,而公钥仅仅是匹配私钥用来解密)更加安全可靠,或者是对称密钥(持有密钥人的密钥都是一样的可以双向加密和解密)。数字签名仅仅用来证明内容没有被修改,不是用来加密的。数字签名仅仅用来证明内容没有被修改,不是用来加密的。你可以将加密后的数据+数字签名就保险多了。
代码网上很多我这里只有des加密和数字签名的代码,你需要稍微修改一下。
des加密:http://www.java.com.cn/showtopic.asp?TOPIC_ID=28567&Forum_ID=29
数字签名:
/**
* @version 1.10 1999-10-05
* @author Cay Horstmann
*/
import javax.swing.*;
import java.awt.*;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.awt.event.WindowAdapter;
import java.awt.event.WindowEvent;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class TestMessageDigest
{
public static void main(String[] args)
{
JFrame f = new MessageDigestFrame();
f.show();
}
}
class MessageDigestFrame extends JFrame
{
public MessageDigestFrame()
{
setTitle("MessageDigestTest");
setSize(400, 200);
addWindowListener(
new WindowAdapter()
{
public void windowClosing(WindowEvent e)
{
System.exit(0);
}
});
JPanel panel = new JPanel();
ButtonGroup group = new ButtonGroup();
ActionListener listener =
new ActionListener()
{
public void actionPerformed(ActionEvent event)
{
JCheckBox b = (JCheckBox) event.getSource();
setAlgorithm(b.getText());
}
};
addCheckBox(panel, "SHA-1", group, true, listener);
addCheckBox(panel, "MD5", group, false, listener);
Container contentPane = getContentPane();
contentPane.add(panel, "North");
contentPane.add(new JScrollPane(message), "Center");
contentPane.add(digest, "South");
digest.setFont(new Font("Monospaced", Font.PLAIN, 12));
setAlgorithm("SHA-1");
JMenuBar menuBar = new JMenuBar();
JMenu menu = new JMenu("File");
JMenuItem fileDigestItem = new JMenuItem("File digest");
fileDigestItem.addActionListener(
new ActionListener()
{
public void actionPerformed(ActionEvent event)
{
loadFile();
}
});
menu.add(fileDigestItem);
JMenuItem textDigestItem
= new JMenuItem("Text area digest");
textDigestItem.addActionListener(
new ActionListener()
{
public void actionPerformed(ActionEvent event)
{
String m = message.getText();
computeDigest(m.getBytes());
}
});
menu.add(textDigestItem);
menuBar.add(menu);
setJMenuBar(menuBar);
}
public void addCheckBox(Container c, String name,
ButtonGroup g, boolean selected, ActionListener listener)
{
JCheckBox b = new JCheckBox(name, selected);
c.add(b);
g.add(b);
b.addActionListener(listener);
}
public void setAlgorithm(String alg)
{
try {
currentAlgorithm = MessageDigest.getInstance(alg);
digest.setText("");
} catch (NoSuchAlgorithmException e) {
digest.setText("" + e);
}
}
public void loadFile()
{
JFileChooser chooser = new JFileChooser();
chooser.setCurrentDirectory(new File("."));
int r = chooser.showOpenDialog(this);
if (r == JFileChooser.APPROVE_OPTION) {
String name
= chooser.getSelectedFile().getAbsolutePath();
computeDigest(loadBytes(name));
}
}
public byte[] loadBytes(String name)
{
FileInputStream in = null;
try {
in = new FileInputStream(name);
ByteArrayOutputStream buffer
= new ByteArrayOutputStream();
int ch;
while ((ch = in.read()) != -1)
buffer.write(ch);
return buffer.toByteArray();
} catch (IOException e) {
if (in != null) {
try {
in.close();
} catch (IOException e2) {
}
}
return null;
}
}
public void computeDigest(byte[] b)
{
currentAlgorithm.reset();
currentAlgorithm.update(b);
byte[] hash = currentAlgorithm.digest();
String d = "";
for (int i = 0; i < hash.length; i++) {
int v = hash & 0xFF;
if (v < 16) d += "0";
d += Integer.toString(v, 16).toUpperCase() + " ";
}
digest.setText(d);
}
private JTextArea message = new JTextArea();
private JTextField digest = new JTextField();
private MessageDigest currentAlgorithm;
}
/*你可以将文件放到byte数组中,然后加密获得另一个数组(实际上就是加密后的文件)。为加密数据取得签名,再将签名和密钥发送给需要的人,就可以了!
*/ |
|
楼主
