2. 程式人生 > >Encrypt and Decrypt by AES algorithm in both python and android

Encrypt and Decrypt by AES algorithm in both python and android

阿新 發佈:2018-12-23

我想在 python 把敏感的資料先加密,傳給Android 後在Android裡解密,在stackoverflow 上面找到這一個範例,滿神奇的,程式碼貼進 python 和 android 就可以跑了,而且可以互相加/解密沒問題。

我的執行畫面:

上面 terminal 是 python 的執行結果,下面白色是Android Studio 執行結果,使用同一把的key,python 產生出來的base64 碼是:

hPbYdXXJ472jW2VsEOZLa5iBosENVulYO1xDPI23SsjvebY341uFOS5ZV

Android 產生的base64碼是:

oBOM8SX0a2YcLK2oltF1J/x+WqMP6sDj4Cbp0fPDlroepybDE1CuVsidjyIqNaeq

雖然2邊加密完成後的所產生的base64碼長的不一樣,但是把 Android 產生出來的base64碼放到python裡去解,可以解出一樣的資料出來。

* Unfortunately, Android SDK doesn`t support PBKDF2WithHmacSHA256, so we use Spongy Castle, which is the stock Bouncy Castle libraries with a couple of small changes to make it work on Android.
* For version 1.47 or higher of SpongyCastle, we can invoke PBKDF2WithHmacSHA256 directly,
* but for versions below 1.47, we could not specify SHA256 digest and it defaulted to SHA1.
* see
* 1.

https://rtyley.github.io/spongycastle/
* 2. http://stackoverflow.com/a/15303291/3962551
* 3. https://en.wikipedia.org/wiki/Bouncy_Castle_(cryptography)

Bouncy Castle

充氣城堡軍團(Legion of the Bouncy Castle)是一個來自澳大利亞的慈善團體,他們編寫了Bouncy Castle這個廣泛使用的類庫。該庫既提供了一個輕量級的密碼學 API,也是一個 Java 密碼擴充套件(JCE)的提供者。安卓平臺已經內建了一個精簡過的老版本 Bouncy Castle(同時為了適配安卓平臺也做了一些細小的改動)。

Spongy Castle

Spongy Castle 背後的動機是允許安卓開發者在應用程式中使用任意版本的 BouncyCastle 類庫。SpongyCastle 就是對最新版本的 BouncyCastle 進行了簡單地重新打包。

Python code :

import base64
import hashlib
from Crypto import Random
from Crypto.Cipher import AES

class AESCipher:
    def __init__(self, key):
        self.bs = 16
        self.key = hashlib.sha256(key.encode()).digest()

    def encrypt(self, message):
        message = self._pad(message)
        iv = Random.new().read(AES.block_size)
        cipher = AES.new(self.key, AES.MODE_CBC, iv)
        return base64.b64encode(iv + cipher.encrypt(message)).decode('utf-8')

    def decrypt(self, enc):
        enc = base64.b64decode(enc)
        iv = enc[:AES.block_size]
        cipher = AES.new(self.key, AES.MODE_CBC, iv)
        return self._unpad(cipher.decrypt(enc[AES.block_size:])).decode('utf-8')

    def _pad(self, s):
        return s + (self.bs - len(s) % self.bs) * chr(self.bs - len(s) % self.bs)

    @staticmethod
    def _unpad(s):
        return s[:-ord(s[len(s)-1:])]

Android Code:

import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.Arrays;

import android.annotation.SuppressLint;
import android.location.Criteria;
import android.util.Base64;
import android.util.Log;

@SuppressLint("NewApi")
public class Crypt {

private static final String tag = Crypt.class.getSimpleName();

private static final String characterEncoding = "UTF-8";
private static final String cipherTransformation = "AES/CBC/PKCS5Padding";
private static final String aesEncryptionAlgorithm = "AES";
private static final String key = "this is my key";
private static byte[] ivBytes = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
private static byte[] keyBytes;

private static Crypt instance = null;

Crypt()
{
    SecureRandom random = new SecureRandom();
    Crypt.ivBytes = new byte[16];
    random.nextBytes(Crypt.ivBytes); 
}

public static Crypt getInstance() {
    if(instance == null){
        instance = new Crypt();
    }
    return instance;
}

public String encrypt_string(final String plain) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, IOException
{
    return Base64.encodeToString(encrypt(plain.getBytes()), Base64.DEFAULT);
}

public String decrypt_string(final String plain) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, ClassNotFoundException, IOException
{
    byte[] encryptedBytes = decrypt(Base64.decode(plain, 0));
    return Base64.encodeToString( encryptedBytes, Base64.DEFAULT);
}

public   byte[] encrypt(   byte[] mes)
        throws NoSuchAlgorithmException,
        NoSuchPaddingException,
        InvalidKeyException,
        InvalidAlgorithmParameterException,
        IllegalBlockSizeException,
        BadPaddingException, IOException {

    keyBytes = key.getBytes("UTF-8");
    Log.d(tag,"Long KEY: "+keyBytes.length);
    MessageDigest md = MessageDigest.getInstance("SHA-256");
    md.update(keyBytes);
    keyBytes = md.digest();

    Log.d(tag,"Long KEY: "+keyBytes.length);

    AlgorithmParameterSpec ivSpec = new IvParameterSpec(ivBytes);
    SecretKeySpec newKey = new SecretKeySpec(keyBytes, aesEncryptionAlgorithm);
    Cipher cipher = null;
    cipher = Cipher.getInstance(cipherTransformation);

    SecureRandom random = new SecureRandom();   
    Crypt.ivBytes = new byte[16];               
    random.nextBytes(Crypt.ivBytes);            

    cipher.init(Cipher.ENCRYPT_MODE, newKey, random);
//    cipher.init(Cipher.ENCRYPT_MODE, newKey, ivSpec);
    byte[] destination = new byte[ivBytes.length + mes.length];
    System.arraycopy(ivBytes, 0, destination, 0, ivBytes.length);
    System.arraycopy(mes, 0, destination, ivBytes.length, mes.length);
    return  cipher.doFinal(destination);
}

public   byte[] decrypt(   byte[] bytes)
        throws NoSuchAlgorithmException,
        NoSuchPaddingException,
        InvalidKeyException,
        InvalidAlgorithmParameterException,
        IllegalBlockSizeException,
        BadPaddingException, IOException, ClassNotFoundException {
    keyBytes = key.getBytes("UTF-8");
    Log.d(tag,"Long KEY: "+keyBytes.length);
    MessageDigest md = MessageDigest.getInstance("SHA-256");
    md.update(keyBytes);
    keyBytes = md.digest();
    Log.d(tag,"Long KEY: "+keyBytes.length);
    byte[] ivB = Arrays.copyOfRange(bytes,0,16);
    Log.d(tag, "IV: "+new String(ivB));
    byte[] codB = Arrays.copyOfRange(bytes,16,bytes.length);
    AlgorithmParameterSpec ivSpec = new IvParameterSpec(ivB);
    SecretKeySpec newKey = new SecretKeySpec(keyBytes, aesEncryptionAlgorithm);
    Cipher cipher = Cipher.getInstance(cipherTransformation);
    cipher.init(Cipher.DECRYPT_MODE, newKey, ivSpec);
    byte[] res = cipher.doFinal(codB); 
    return  res;
}
}

相關推薦

Encrypt and Decrypt by AES algorithm in both python and android

我想在 python 把敏感的資料先加密,傳給Android 後在Android裡解密,在stackoverflow 上面找到這一個範例,滿神奇的,程式碼貼進 python 和 android 就可以跑了,而且可以互相加/解密沒問題。 我的執行畫面: 上面 terminal 是 python 的執行結

Extreme heat increasing in both summer and winter

A new study in the in Journal of Geophysical Research: Atmospheres, a publication of the American Geophysical Union, examined absolute extreme temperature

Data Blocks: Hybrid OLTP and OLAP on Compressed Storage using both Vectorization and Compilation報告

This work aims at reducing the main-memory footprint in high performance hybrid OLTP & OLAP databases, whileretaining high query perfo

ValueError: Dimension 1 in both shapes must be equal, but are 8 and 324 for 'Assign_376' (op: 'Assig

使用Mask-RCNN測試細胞資料集的時候,出現了以下錯誤: Loading weights ../../path/to/weights.h5 Traceback (most recent call last): File "/home/ubuntu/anaconda3/envs/tens

Encrypt and Decrypt Amazon Kinesis Records Using AWS KMS

Customers with strict compliance or data security requirements often require data to be encrypted at all times, including at rest or in transit wi

List CMK Grants and Principals by Region in AWS KMS

Amazon Web Services is Hiring. Amazon Web Services (AWS) is a dynamic, growing business unit within Amazon.com. We are currently hiring So

hive執行報錯:Both left and right aliases encountered in JOIN 's1'

原因:兩個表join的時候,不支援兩個表的欄位 非相等 操作。 可以把不相等條件拿到 where語句中。 例如: right JOIN test.dim_month_date p2

《Thinking in Java》 And 《Effective Java》啃起來

大學 前言 技術 數據結構和算法 解決 一句話 定義 應該 太多的 前言   今天從京東入手了兩本書,《Thinking in Java》(第四版) 和 《Effective Java》(第二版)。都可以稱得上是硬書,需要慢慢啃的,預定計劃是在今年前把這兩本書啃完。哈哈,可

The Languages and Frameworks You Should Learn in 2017

pan end req targe lov dev rapi automatic min Martin Angelov December 8th, 2016 The software development industry continues its relent

支付寶支付php的demo或sdk報錯 Warning: openssl_sign() [function.openssl-sign]: Unknown signature algorithm. in

本地測試 nat pcl 文件 openss sign 使用 是把 交流 最近在做支付寶支付,在本地測試一切正常,上傳到服務器就遇到報錯: Warning: openssl_sign() [function.openssl-sign]: Unknown signature

The valid characters are defined in RFC 7230 and RFC 3986

trac java pan tom http1 clas not wrap rsquo Note: further occurrences of HTTP header parsing errors will be logged at DEBUG level. ja

Describe in brief Databases and SQL Server Databases Architecture.

opera poi analysis actually esc nsis brief cap pdb Databases- A database is a structured collection of data.- Database can be thought a

解決Invalid character found in the request target. The valid characters are defined in RFC 7230 and RFC 問題

== number keyword 解決辦法 class rac ref request 反斜杠 通過這裏的回答,我們可以知道: Tomcat在 7.0.73, 8.0.39, 8.5.7 版本後,添加了對於http頭的驗證。 具體來說,就是添加了些規則去限制HTTP頭

Setup Apache2 in Debian 9 and enable two ports for two sites

listen apachectl art 127.0.0.1 etc bsp default star oot [email protected]/* */:~# apt-get install apache2 [email protected]/*

objc[8715]: Class JavaLaunchHelper is implemented in both....

javalauchhelper在Mac上,升級IntelliJ Idea 2017.01後,運行的時候出現了一個紅色的警告:objc[8715]: Class JavaLaunchHelper is implemented in both /Library/Java/JavaVirtualMachines/j

[Angular] Read Custom HTTP Headers Sent by the Server in Angular

conf nor update names fault pan table tom color By default the response body doesn’t contain all the data that might be needed in y

Animation Physics and The Realization Of Animation In Browsers

relative absolute single present important begin resources enc multiple Animation Physics Background With the development of computer sci

Document flow API in SAP CRM and C4C

relation 兩個 lap 原創 nts 綠色 需要 ima reference Document flow API in CRM 以一個具體的例子來說明。在Appointment的Overview page上能看見一個名叫Reference的區域,這裏可以維護一些其他

2018.3.10 bellman-ford algorithm, floyd-warshall algorithm and johnson's algorithm

需要 for 出現 man LG 循環 基礎上 問題: 是我 這周還是繼續dynamic programming,不過回到了圖算法,因為之前講圖算法的時候還沒有講到動態規劃,而這三個算法要麽本身是動態規劃算法,要麽要用到動態規劃算法。 1.bellman-ford是一種求無

What happens when you type an URL in the browser and press enter?

address url log pre gpo hand ted ane into What happens when you type an URL in the browser and press enter? 1. You type maps.google.com