[英]java data Encryption/Decryption : Encryption key to be with the tool owner not with developers
I have created java encryption/decryption methods using good encryption algorithms and we are using both functionalities in our application .These methods are working based on encryption key(string). 我已经使用良好的加密算法创建了Java加密/解密方法,并且在应用程序中同时使用了这两种功能。这些方法基于加密密钥(字符串)运行。
As a developer I can see the encryption key in my java file and using that key I can do decryption.My client need to hide that encryption key from developers and key should be with tool owner. 作为开发人员,我可以在我的java文件中看到加密密钥,并可以使用该密钥进行解密。我的客户需要向开发人员隐藏该加密密钥,并且密钥应由工具所有者拥有。
I am using java 1.7 version,DB2 database and WebSphere application server . 我正在使用Java 1.7版本,DB2数据库和WebSphere Application Server。
How is this possible ? 这怎么可能 ?
Thanks, Nikhil 谢谢,Nikhil
You should provide the secret in runtime. 您应该在运行时提供机密。 This can be done either by using system properties, environment properties or just plain-old properties files.
这可以通过使用系统属性,环境属性或仅使用普通属性文件来完成。 You can use libraries/framework like:
Spring
/ Spring Boot
, Typesafe Config etc. But... there is no problem in writing it by yourself, it's just a call to System.getProperty()
, Properties.load()
etc. 您可以使用类似
Spring
/ Spring Boot
, Typesafe Config等的库/框架。但是...自己编写它没有问题,这只是对System.getProperty()
, Properties.load()
等的调用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.