Android資料加密之Aes加密
阿新 • • 發佈:2019-01-14
前言:
專案中除了登陸,支付等介面採用rsa非對稱加密,之外的採用aes對稱加密,今天我們來認識一下aes加密。
其他幾種加密方式:
什麼是aes加密?
高階加密標準(英語:Advanced Encryption Standard,縮寫:AES),在密碼學中又稱Rijndael加密法,是美國聯邦政府採用的一種區塊加密標準。這個標準用來替代原先的DES,已經被多方分析且廣為全世界所使用。
接下來我們來實際看下具體怎麼實現:
對於AesUtils類常量簡介:
private final static String HEX = "0123456789ABCDEF"; private static final String CBC_PKCS5_PADDING = "AES/CBC/PKCS5Padding";//AES是加密方式 CBC是工作模式 PKCS5Padding是填充模式 private static final String AES = "AES";//AES 加密 private static final String SHA1PRNG="SHA1PRNG";//// SHA1PRNG 強隨機種子演算法, 要區別4.2以上版本的呼叫方法
如何生成一個隨機Key?
/* * 生成隨機數,可以當做動態的金鑰 加密和解密的金鑰必須一致,不然將不能解密*/ public static String generateKey() { try { SecureRandom localSecureRandom = SecureRandom.getInstance(SHA1PRNG); byte[] bytes_key = new byte[20]; localSecureRandom.nextBytes(bytes_key); String str_key = toHex(bytes_key);return str_key; } catch (Exception e) { e.printStackTrace(); } return null; }
Aes金鑰處理
// 對金鑰進行處理 private static byte[] getRawKey(byte[] seed) throws Exception { KeyGenerator kgen = KeyGenerator.getInstance(AES); //for android SecureRandom sr = null; // 在4.2以上版本中,SecureRandom獲取方式發生了改變 if (android.os.Build.VERSION.SDK_INT >= 17) { sr = SecureRandom.getInstance(SHA1PRNG, "Crypto"); } else { sr = SecureRandom.getInstance(SHA1PRNG); } // for Java // secureRandom = SecureRandom.getInstance(SHA1PRNG); sr.setSeed(seed); kgen.init(128, sr); //256 bits or 128 bits,192bits //AES中128位金鑰版本有10個加密迴圈,192位元金鑰版本有12個加密迴圈,256位元金鑰版本則有14個加密迴圈。 SecretKey skey = kgen.generateKey(); byte[] raw = skey.getEncoded(); return raw; }
Aes加密過程
/* * 加密 */ public static String encrypt(String key, String cleartext) { if (TextUtils.isEmpty(cleartext)) { return cleartext; } try { byte[] result = encrypt(key, cleartext.getBytes()); return Base64Encoder.encode(result); } catch (Exception e) { e.printStackTrace(); } return null; } /* * 加密 */ private static byte[] encrypt(String key, byte[] clear) throws Exception { byte[] raw = getRawKey(key.getBytes()); SecretKeySpec skeySpec = new SecretKeySpec(raw, AES); Cipher cipher = Cipher.getInstance(CBC_PKCS5_PADDING); cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(new byte[cipher.getBlockSize()])); byte[] encrypted = cipher.doFinal(clear); return encrypted; }
Aes解密過程
/* * 解密 */ public static String decrypt(String key, String encrypted) { if (TextUtils.isEmpty(encrypted)) { return encrypted; } try { byte[] enc = Base64Decoder.decodeToBytes(encrypted); byte[] result = decrypt(key, enc); return new String(result); } catch (Exception e) { e.printStackTrace(); } return null; } /* * 解密 */ private static byte[] decrypt(String key, byte[] encrypted) throws Exception { byte[] raw = getRawKey(key.getBytes()); SecretKeySpec skeySpec = new SecretKeySpec(raw, AES); Cipher cipher = Cipher.getInstance(CBC_PKCS5_PADDING); cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(new byte[cipher.getBlockSize()])); byte[] decrypted = cipher.doFinal(encrypted); return decrypted; }
二進位制轉字元
//二進位制轉字元 public static String toHex(byte[] buf) { if (buf == null) return ""; StringBuffer result = new StringBuffer(2 * buf.length); for (int i = 0; i < buf.length; i++) { appendHex(result, buf[i]); } return result.toString(); } private static void appendHex(StringBuffer sb, byte b) { sb.append(HEX.charAt((b >> 4) & 0x0f)).append(HEX.charAt(b & 0x0f)); }
測試程式:
List<Person> personList = new ArrayList<>(); int testMaxCount = 1000;//測試的最大資料條數 //新增測試資料 for (int i = 0; i < testMaxCount; i++) { Person person = new Person(); person.setAge(i); person.setName(String.valueOf(i)); personList.add(person); } //FastJson生成json資料 String jsonData = JsonUtils.objectToJsonForFastJson(personList); Log.e("MainActivity", "AES加密前json資料 ---->" + jsonData); Log.e("MainActivity", "AES加密前json資料長度 ---->" + jsonData.length()); //生成一個動態key String secretKey = AesUtils.generateKey(); Log.e("MainActivity", "AES動態secretKey ---->" + secretKey); //AES加密 long start = System.currentTimeMillis(); String encryStr = AesUtils.encrypt(secretKey, jsonData); long end = System.currentTimeMillis(); Log.e("MainActivity", "AES加密耗時 cost time---->" + (end - start)); Log.e("MainActivity", "AES加密後json資料 ---->" + encryStr); Log.e("MainActivity", "AES加密後json資料長度 ---->" + encryStr.length()); //AES解密 start = System.currentTimeMillis(); String decryStr = AesUtils.decrypt(secretKey, encryStr); end = System.currentTimeMillis(); Log.e("MainActivity", "AES解密耗時 cost time---->" + (end - start)); Log.e("MainActivity", "AES解密後json資料 ---->" + decryStr);
執行耗時:
資料前後變化:
由此可見對稱Aes效率還是比較高的
補充關於Base64Decoder類和Base64Encoder類
package com.whoislcj.testhttp.utils; import android.text.TextUtils; import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.FilterInputStream; import java.io.IOException; import java.io.InputStream; public class Base64Decoder extends FilterInputStream { private static final char[] chars = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/' }; // A mapping between char values and six-bit integers private static final int[] ints = new int[128]; static { for (int i = 0; i < 64; i++) { ints[chars[i]] = i; } } private int charCount; private int carryOver; /*** * Constructs a new Base64 decoder that reads input from the given * InputStream. * * @param in * the input stream */ private Base64Decoder(InputStream in) { super(in); } /*** * Returns the next decoded character from the stream, or -1 if end of * stream was reached. * * @return the decoded character, or -1 if the end of the input stream is * reached * @exception IOException * if an I/O error occurs */ public int read() throws IOException { // Read the next non-whitespace character int x; do { x = in.read(); if (x == -1) { return -1; } } while (Character.isWhitespace((char) x)); charCount++; // The '=' sign is just padding if (x == '=') { return -1; // effective end of stream } // Convert from raw form to 6-bit form x = ints[x]; // Calculate which character we're decoding now int mode = (charCount - 1) % 4; // First char save all six bits, go for another if (mode == 0) { carryOver = x & 63; return read(); } // Second char use previous six bits and first two new bits, // save last four bits else if (mode == 1) { int decoded = ((carryOver << 2) + (x >> 4)) & 255; carryOver = x & 15; return decoded; } // Third char use previous four bits and first four new bits, // save last two bits else if (mode == 2) { int decoded = ((carryOver << 4) + (x >> 2)) & 255; carryOver = x & 3; return decoded; } // Fourth char use previous two bits and all six new bits else if (mode == 3) { int decoded = ((carryOver << 6) + x) & 255; return decoded; } return -1; // can't actually reach this line } /*** * Reads decoded data into an array of bytes and returns the actual number * of bytes read, or -1 if end of stream was reached. * * @param buf * the buffer into which the data is read * @param off * the start offset of the data * @param len * the maximum number of bytes to read * @return the actual number of bytes read, or -1 if the end of the input * stream is reached * @exception IOException * if an I/O error occurs */ public int read(byte[] buf, int off, int len) throws IOException { if (buf.length < (len + off - 1)) { throw new IOException("The input buffer is too small: " + len + " bytes requested starting at offset " + off + " while the buffer " + " is only " + buf.length + " bytes long."); } // This could of course be optimized int i; for (i = 0; i < len; i++) { int x = read(); if (x == -1 && i == 0) { // an immediate -1 returns -1 return -1; } else if (x == -1) { // a later -1 returns the chars read so far break; } buf[off + i] = (byte) x; } return i; } /*** * Returns the decoded form of the given encoded string, as a String. Note * that not all binary data can be represented as a String, so this method * should only be used for encoded String data. Use decodeToBytes() * otherwise. * * @param encoded * the string to decode * @return the decoded form of the encoded string */ public static String decode(String encoded) { if (TextUtils.isEmpty(encoded)) { return ""; } return new String(decodeToBytes(encoded)); } /*** * Returns the decoded form of the given encoded string, as bytes. * * @param encoded * the string to decode * @return the decoded form of the encoded string */ public static byte[] decodeToBytes(String encoded) { byte[] bytes = encoded.getBytes(); Base64Decoder in = new Base64Decoder(new ByteArrayInputStream(bytes)); ByteArrayOutputStream out = new ByteArrayOutputStream((int) (bytes.length * 0.75)); try { byte[] buf = new byte[4 * 1024]; // 4K buffer int bytesRead; while ((bytesRead = in.read(buf)) != -1) { out.write(buf, 0, bytesRead); } return out.toByteArray(); } catch (IOException e) { throw new RuntimeException(e); } finally { try { in.close(); } catch (IOException e) { throw new RuntimeException(e); } try { out.close(); } catch (IOException e) { throw new RuntimeException(e); } } } }Base64Decoder
package com.whoislcj.testhttp.utils; import java.io.ByteArrayOutputStream; import java.io.FilterOutputStream; import java.io.IOException; import java.io.OutputStream; public class Base64Encoder extends FilterOutputStream { private static final char[] chars = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/' }; private int charCount; private int carryOver; // 是否每76位元組換行 private boolean isWrapBreak = true; /*** * Constructs a new Base64 encoder that writes output to the given * OutputStream. * * @param out * the output stream */ private Base64Encoder(OutputStream out) { super(out); } /*** * Constructs a new Base64 encoder that writes output to the given * OutputStream. * * @param out * the output stream */ private Base64Encoder(OutputStream out, boolean isWrapBreak) { this(out); this.isWrapBreak = isWrapBreak; } /*** * Writes the given byte to the output stream in an encoded form. * * @exception IOException * if an I/O error occurs */ public void write(int b) throws IOException { // Take 24-bits from three octets, translate into four encoded chars // Break lines at 76 chars // If necessary, pad with 0 bits on the right at the end // Use = signs as padding at the end to ensure encodedLength % 4 == 0 // Remove the sign bit, // thanks to Christian Schweingruber <[email protected]> if (b < 0) { b += 256; } // First byte use first six bits, save last two bits if (charCount % 3 == 0) { int lookup = b >> 2; carryOver = b & 3; // last two bits out.write(chars[lookup]); } // Second byte use previous two bits and first four new bits, // save last four bits else if (charCount % 3 == 1) { int lookup = ((carryOver << 4) + (b >> 4)) & 63; carryOver = b & 15; // last four bits out.write(chars[lookup]); } // Third byte use previous four bits and first two new bits, // then use last six new bits else if (charCount % 3 == 2) { int lookup = ((carryOver << 2) + (b >> 6)) & 63; out.write(chars[lookup]); lookup = b & 63; // last six bits out.write(chars[lookup]); carryOver = 0; } charCount++; // Add newline every 76 output chars (that's 57 input chars) if (this.isWrapBreak && charCount % 57 == 0) { out.write('\n'); } } /*** * Writes the given byte array to the output stream in an encoded form. * * @param buf * the data to be written * @param off * the start offset of the data * @param len * the length of the data * @exception IOException * if an I/O error occurs */ public void write(byte[] buf, int off, int len) throws IOException { // This could of course be optimized for (int i = 0; i < len; i++) { write(buf[off + i]); } } /*** * Closes the stream, this MUST be called to ensure proper padding is * written to the end of the output stream. * * @exception IOException * if an I/O error occurs */ public void close() throws IOException { // Handle leftover bytes if (charCount % 3 == 1) { // one leftover int lookup = (carryOver << 4) & 63; out.write(chars[lookup]); out.write('='); out.write('='); } else if (charCount % 3 == 2) { // two leftovers int lookup = (carryOver << 2) & 63; out.write(chars[lookup]); out.write('='); } super.close(); } /*** * Returns the encoded form of the given unencoded string.<br> * 預設是否每76位元組換行 * * @param bytes * the bytes to encode * @return the encoded form of the unencoded string * @throws IOException */ public static String encode(byte[] bytes) { return encode(bytes, true); } /*** * Returns the encoded form of the given unencoded string. * * @param bytes * the bytes to encode * @param isWrapBreak * 是否每76位元組換行 * @return the encoded form of the unencoded string * @throws IOException */ public static String encode(byte[] bytes, boolean isWrapBreak) { ByteArrayOutputStream out = new ByteArrayOutputStream((int) (bytes.length * 1.4)); Base64Encoder encodedOut = new Base64Encoder(out, isWrapBreak); try { encodedOut.write(bytes); } catch (IOException e) { throw new RuntimeException(e); } finally { try { encodedOut.close(); } catch (IOException e) { throw new RuntimeException(e); } } return out.toString(); } // public static void main(String[] args) throws Exception { // if (args.length != 1) { // System.err // .println("Usage: java com.oreilly.servlet.Base64Encoder fileToEncode"); // return; // } // Base64Encoder encoder = null; // BufferedInputStream in = null; // try { // encoder = new Base64Encoder(System.out); // in = new BufferedInputStream(new FileInputStream(args[0])); // // byte[] buf = new byte[4 * 1024]; // 4K buffer // int bytesRead; // while ((bytesRead = in.read(buf)) != -1) { // encoder.write(buf, 0, bytesRead); // } // } finally { // if (in != null) // in.close(); // if (encoder != null) // encoder.close(); // } // } }Base64Encoder
相關推薦
Android資料加密之Aes加密
前言: 專案中除了登陸,支付等介面採用rsa非對稱加密,之外的採用aes對稱加密,今天我們來認識一下aes加密。 其他幾種加密方式: 什麼是aes加密? 高階加密標準(英語:Advanced Encryption Standard,縮寫:AES),在密碼學中又稱Rijn
對稱加密之AES加密
加密和解密過程中,我們一般使用byte,因為這樣不容易產生亂碼,如果直接是String型別,被加密解密後的String,對中文來說,前後的Unicode是否一致,就很難保證了。 之前說了使用異或運算子加密。在Java中,有API提供,讓我們實現AES對稱加密。
對稱加密之AES加密詳解
aes加密 文件 程序 分享 strong 使用 common key 直接 最近有人問我AES對稱加密是啥,我回答了個大概,發現自己不能清晰的講出來,特此記錄,以供學習 一、對稱加密 對稱加密是最快速、最簡單的一種加密方式,加密(encryption)與解密(de
Android資料加密AES之Aes加密(一)
Android中的加密不止一種,所以就要在不同的情況下使用不同的加密方式,加密又分為對稱加密和非對稱加密,具體的就看看這篇部落格吧---> 點選開啟連結 ,今天我們來看看AES的加密方式: AES: 高階加密標準(英語:Advanced Encr
java、android、ios、js資料傳遞加密演算法之AES加密
場景描述 我們在做專案的時候,寫介面經常會遇到這樣的情況,就是和app端、web端互動的時候傳輸資料需要進行加密,不能用明文操作。資料傳輸加密最關鍵的就是前後端傳輸的資料最終能被正確的解密出來,今天就來講講使用AES加密傳輸的時候前後端使用的程式碼。 解
Android資料加密之Des加密
前言: 端午節前有個同事諮詢我有關Android DES加密的相關實現,簡單的實現了一下,今天來總結一下。 其他幾種加密方式: DES加密介紹: DES是一種對稱加密演算法,所謂對稱加密演算法即:加密和解密使用相同金鑰的演算法。DES加密演算法出自IBM的研究,後來被
Android資料加密之Rsa加密
前言: 最近無意中和同事交流資料安全傳輸的問題,想起自己曾經使用過的Rsa非對稱加密演算法,閒下來總結一下。 其他幾種加密方式: 什麼是Rsa加密? RSA演算法是最流行的公鑰密碼演算法,使用長度可以變化的金鑰。RSA是第一個既能用於資料加密也能用於數字簽名的演算法。RSA演算
Android資料加密之MD5加密
前言: 專案中無論是密碼的儲存或者說判斷檔案是否是同一檔案,都會用到MD5演算法,今天來總結一下MD5加密演算法。 什麼是MD5加密? MD5英文全稱“Message-Digest Algorithm 5”,翻譯過來是“訊息摘要演算法5”,由MD2、MD3、MD4演變過來的,是一種
Android資料儲存之Sqlite採用SQLCipher資料庫加密實戰
前言: 最近研究了Android Sqlite資料庫(文章地址:http://www.cnblogs.com/whoislcj/p/5506294.html)以及ContentProvider程式間資料共享(http://www.cnblogs.com/whoislcj/p/5507928.html),
登入功能前臺加密後臺解密之AES加密解密
前段時間寫一個登入功能,但是密碼是明文傳輸,要求加密傳輸,網上搜了大部分都是md5加密,但是此方法是將加密後的密文傳輸到資料庫中,後臺是無法解密的,後來搜到用AES加密的話可以後臺解密,所以特此記錄下來: 1、首先需要在jsp頁面中引入兩個js檔案: <s
[小程式碼]在Android和PHP之間的加密/解密,AES加密
Android和PHP上的加、解密字串。 android上使用: mcrypt = new MCrypt(); /* 加密*/ String encrypted = MCrypt.bytesToHex( mcrypt.encrypt("需加密的字元") ); /* 解密*
openssl之aes加密(原始碼分析 AES_encrypt 與 AES_cbc_encrypt ,加密模式)
首先要了解AES加密是什麼,以及幾種加密模式的區別。之後才是程式設計。具體的程式設計案例,在下面的連結。 下面這個連結有詳細圖解。http://www.cnblogs.com/adylee/
C#之AES加密解密
高階加密標準(AES,Advanced Encryption Standard)為最常見的對稱加密演算法(微信小程式加密傳輸就是用這個加密演算法的)。對稱加密演算法也就是加密和解密用相同的金鑰,具體的加密流程如下圖:(原理:轉自https://blog.csdn.net/qq
程式設計師之網路安全系列(三):資料加密之對稱加密演算法
系列目錄: 前文回顧 假如,明明和麗麗相互不認識,明明想給麗麗寫一封情書,讓隔壁老王送去 如何保證隔壁老王不能看到情書內容?(保密性) 如何保證隔壁老王不修改情書的內容?(完整性) 如何保證隔壁老王不冒充明明?(身份認證) 如何保證明明不能否認情書是自己寫的?(來源的不可否認) 上一節,我們使用了Ha
Android端可用的AES加密/解密,已直接封裝為檔案加密
主要功能類 AESHelper .java import android.util.Log; import java.io.File; import java.io.IOException; import java.io.RandomAccessFi
java加密之AES/CBC/PKCS5Padding
和上一篇原理一樣,只是多一個偏移量 1.加密 public static String Encrypt(String sSrc, String sKey) throws Exception
openssl之aes加密(AES_cbc_encrypt 與 AES_encrypt 的程式設計案例)
#include<stdio.h>#include<string.h>#include<stdlib.h>#include<openssl/aes.h>#define AES_BITS 128#define MSG_LEN 128int aes_encrypt
java加密之AES/ECB/PKCS5Padding
廢話不多說,直接上程式碼 1.先建立一個base64編碼類, 實際專案中不用自己寫,有成熟的實現方法 package com.taikang; public final class Base64 { static private final in
iOS常用加密之RSA加密解密
pen style 工作 eight else mark 分段 load port 前言: iOS常用的加密有很多種,前兩天在工作中遇到了RSA加密,現在把代嗎分享出來。 RSA基本原理 RSA使用"秘匙對"對數據進行加密解密.在加密解密數據前,需要先生成公鑰(publi
Android 資料儲存之 SQLite資料庫儲存
轉載自:https://www.cnblogs.com/woider/p/5136734.html ----------------------------------------SQLite資料庫---------------------------------------------- SQLite是一