java data Encryption / Decryption:加密密钥由工具所有者提供,与开发人员无关
[英]java data Encryption/Decryption : Encryption key to be with the tool owner not with developers
问题描述
I have created java encryption/decryption methods using good encryption algorithms and we are using both functionalities in our application .These methods are working based on encryption key(string). 
我已经使用良好的加密算法创建了Java加密/解密方法,并且在应用程序中同时使用了这两种功能。这些方法基于加密密钥(字符串)运行。
As a developer I can see the encryption key in my java file and using that key I can do decryption.My client need to hide that encryption key from developers and key should be with tool owner. 作为开发人员,我可以在我的java文件中看到加密密钥,并可以使用该密钥进行解密。我的客户需要向开发人员隐藏该加密密钥,并且密钥应由工具所有者拥有。
I am using java 1.7 version,DB2 database and WebSphere application server . 我正在使用Java 1.7版本,DB2数据库和WebSphere Application Server。
How is this possible ? 这怎么可能 ?
Thanks, Nikhil 谢谢,Nikhil
1 个解决方案
解决方案1
0 2017-09-27 10:21:18
You should provide the secret in runtime. 您应该在运行时提供机密。 This can be done either by using system properties, environment properties or just plain-old properties files. 这可以通过使用系统属性,环境属性或仅使用普通属性文件来完成。 You can use libraries/framework like: Spring / Spring Boot , Typesafe Config etc. But... there is no problem in writing it by yourself, it's just a call to System.getProperty() , Properties.load() etc. 您可以使用类似Spring / Spring Boot , Typesafe Config等的库/框架。但是...自己编写它没有问题,这只是对System.getProperty() , Properties.load()等的调用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.