Android--AES加密解密
阿新 • • 發佈:2019-01-26
概念不再羅嗦,百度。主要就是三步:建立Cipher物件,初始化Cipher,加密解密
AES加密演算法模式有四種:ECB、CBC、CFB、OFB
要想AES加密,至少需要一個16位的金鑰,如果是非ECB模式的加密,至少還得需要金鑰偏移量。
AES工具類:package com.example.xiaobai.aes; import android.util.Log; import java.io.UnsupportedEncodingException; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.security.spec.InvalidKeySpecException; import javax.crypto.BadPaddingException; import javax.crypto.Cipher; import javax.crypto.IllegalBlockSizeException; import javax.crypto.NoSuchPaddingException; import javax.crypto.SecretKey; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.SecretKeySpec; /** * Created by xiaobai on 2017/12/7/007. */ public class AES { private final String KEY_GENERATION_ALG = "PBEWITHSHAANDTWOFISH-CBC"; // private final String KEY_GENERATION_ALG = "PBKDF2WithHmacSHA1"; private final int HASH_ITERATIONS = 10000; private final int KEY_LENGTH = 128; private char[] humanPassphrase = { 'P', 'e', 'r', ' ', 'v', 'a', 'l', 'l', 'u', 'm', ' ', 'd', 'u', 'c', 'e', 's', ' ', 'L', 'a', 'b', 'a', 'n', 't' };// per vallum duces labant private byte[] salt = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF }; // must save this for next time we want the key private PBEKeySpec myKeyspec = new PBEKeySpec(humanPassphrase, salt, HASH_ITERATIONS, KEY_LENGTH); private final String CIPHERMODEPADDING = "AES/CBC/PKCS5Padding";// AES/CBC/PKCS7Padding private SecretKeyFactory keyfactory = null; private SecretKey sk = null; private SecretKeySpec skforAES = null; private static String ivParameter = "1234567890123456";// 金鑰預設偏移,可更改 // private byte[] iv = { 0xA, 1, 0xB, 5, 4, 0xF, 7, 9, 0x17, 3, 1, 6, 8, // 0xC, // 0xD, 91 }; private byte[] iv = ivParameter.getBytes(); private IvParameterSpec IV; String sKey = "1234567890123456";// key必須為16位,可更改為自己的key public AES() { try { keyfactory = SecretKeyFactory.getInstance(KEY_GENERATION_ALG); sk = keyfactory.generateSecret(myKeyspec); } catch (NoSuchAlgorithmException nsae) { Log.e("AESdemo", "no key factory support for PBEWITHSHAANDTWOFISH-CBC"); } catch (InvalidKeySpecException ikse) { Log.e("AESdemo", "invalid key spec for PBEWITHSHAANDTWOFISH-CBC"); } // This is our secret key. We could just save this to a file instead of // regenerating it // each time it is needed. But that file cannot be on the device (too // insecure). It could // be secure if we kept it on a server accessible through https. // byte[] skAsByteArray = sk.getEncoded(); byte[] skAsByteArray; try { skAsByteArray = sKey.getBytes("ASCII"); skforAES = new SecretKeySpec(skAsByteArray, "AES"); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } IV = new IvParameterSpec(iv); } public String encrypt(byte[] plaintext) { byte[] ciphertext = encrypt(CIPHERMODEPADDING, skforAES, IV, plaintext); String base64_ciphertext = Base64.encode(ciphertext); return base64_ciphertext; } public String decrypt(String ciphertext_base64) { byte[] s = Base64.decode(ciphertext_base64); String decrypted = new String(decrypt(CIPHERMODEPADDING, skforAES, IV, s)); return decrypted; } // Use this method if you want to add the padding manually // AES deals with messages in blocks of 16 bytes. // This method looks at the length of the message, and adds bytes at the end // so that the entire message is a multiple of 16 bytes. // the padding is a series of bytes, each set to the total bytes added (a // number in range 1..16). private byte[] addPadding(byte[] plain) { byte plainpad[] = null; int shortage = 16 - (plain.length % 16); // if already an exact multiple of 16, need to add another block of 16 // bytes if (shortage == 0) shortage = 16; // reallocate array bigger to be exact multiple, adding shortage bits. plainpad = new byte[plain.length + shortage]; for (int i = 0; i < plain.length; i++) { plainpad[i] = plain[i]; } for (int i = plain.length; i < plain.length + shortage; i++) { plainpad[i] = (byte) shortage; } return plainpad; } // Use this method if you want to remove the padding manually // This method removes the padding bytes private byte[] dropPadding(byte[] plainpad) { byte plain[] = null; int drop = plainpad[plainpad.length - 1]; // last byte gives number of // bytes to drop // reallocate array smaller, dropping the pad bytes. plain = new byte[plainpad.length - drop]; for (int i = 0; i < plain.length; i++) { plain[i] = plainpad[i]; plainpad[i] = 0; // don't keep a copy of the decrypt } return plain; } private byte[] encrypt(String cmp, SecretKey sk, IvParameterSpec IV, byte[] msg) { try { Cipher c = Cipher.getInstance(cmp); c.init(Cipher.ENCRYPT_MODE, sk, IV); return c.doFinal(msg); } catch (NoSuchAlgorithmException nsae) { Log.e("AESdemo", "no cipher getinstance support for " + cmp); } catch (NoSuchPaddingException nspe) { Log.e("AESdemo", "no cipher getinstance support for padding " + cmp); } catch (InvalidKeyException e) { Log.e("AESdemo", "invalid key exception"); } catch (InvalidAlgorithmParameterException e) { Log.e("AESdemo", "invalid algorithm parameter exception"); } catch (IllegalBlockSizeException e) { Log.e("AESdemo", "illegal block size exception"); } catch (BadPaddingException e) { Log.e("AESdemo", "bad padding exception"); } return null; } private byte[] decrypt(String cmp, SecretKey sk, IvParameterSpec IV, byte[] ciphertext) { try { Cipher c = Cipher.getInstance(cmp); c.init(Cipher.DECRYPT_MODE, sk, IV); return c.doFinal(ciphertext); } catch (NoSuchAlgorithmException nsae) { Log.e("AESdemo", "no cipher getinstance support for " + cmp); } catch (NoSuchPaddingException nspe) { Log.e("AESdemo", "no cipher getinstance support for padding " + cmp); } catch (InvalidKeyException e) { Log.e("AESdemo", "invalid key exception"); } catch (InvalidAlgorithmParameterException e) { Log.e("AESdemo", "invalid algorithm parameter exception"); } catch (IllegalBlockSizeException e) { Log.e("AESdemo", "illegal block size exception"); } catch (BadPaddingException e) { Log.e("AESdemo", "bad padding exception"); e.printStackTrace(); } return null; } }
Base64:
package com.example.xiaobai.aes; /** * Created by xiaobai on 2017/12/7/007. */ import java.io.ByteArrayOutputStream; import java.io.IOException; import java.io.OutputStream; public class Base64 { private static final char[] legalChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/" .toCharArray(); public static String encode(byte[] data) { int start = 0; int len = data.length; StringBuffer buf = new StringBuffer(data.length * 3 / 2); int end = len - 3; int i = start; int n = 0; while (i <= end) { int d = ((((int) data[i]) & 0x0ff) << 16) | ((((int) data[i + 1]) & 0x0ff) << 8) | (((int) data[i + 2]) & 0x0ff); buf.append(legalChars[(d >> 18) & 63]); buf.append(legalChars[(d >> 12) & 63]); buf.append(legalChars[(d >> 6) & 63]); buf.append(legalChars[d & 63]); i += 3; if (n++ >= 14) { n = 0; buf.append(" "); } } if (i == start + len - 2) { int d = ((((int) data[i]) & 0x0ff) << 16) | ((((int) data[i + 1]) & 255) << 8); buf.append(legalChars[(d >> 18) & 63]); buf.append(legalChars[(d >> 12) & 63]); buf.append(legalChars[(d >> 6) & 63]); buf.append("="); } else if (i == start + len - 1) { int d = (((int) data[i]) & 0x0ff) << 16; buf.append(legalChars[(d >> 18) & 63]); buf.append(legalChars[(d >> 12) & 63]); buf.append("=="); } return buf.toString(); } private static int decode(char c) { if (c >= 'A' && c <= 'Z') return ((int) c) - 65; else if (c >= 'a' && c <= 'z') return ((int) c) - 97 + 26; else if (c >= '0' && c <= '9') return ((int) c) - 48 + 26 + 26; else switch (c) { case '+': return 62; case '/': return 63; case '=': return 0; default: throw new RuntimeException("unexpected code: " + c); } } /** * Decodes the given Base64 encoded String to a new byte array. The byte * array holding the decoded data is returned. */ public static byte[] decode(String s) { ByteArrayOutputStream bos = new ByteArrayOutputStream(); try { decode(s, bos); } catch (IOException e) { throw new RuntimeException(); } byte[] decodedBytes = bos.toByteArray(); try { bos.close(); bos = null; } catch (IOException ex) { System.err.println("Error while decoding BASE64: " + ex.toString()); } return decodedBytes; } private static void decode(String s, OutputStream os) throws IOException { int i = 0; int len = s.length(); while (true) { while (i < len && s.charAt(i) <= ' ') i++; if (i == len) break; int tri = (decode(s.charAt(i)) << 18) + (decode(s.charAt(i + 1)) << 12) + (decode(s.charAt(i + 2)) << 6) + (decode(s.charAt(i + 3))); os.write((tri >> 16) & 255); if (s.charAt(i + 2) == '=') break; os.write((tri >> 8) & 255); if (s.charAt(i + 3) == '=') break; os.write(tri & 255); i += 4; } } }
主函式呼叫:
import android.os.Bundle; import android.support.v7.app.AppCompatActivity; import android.util.Log; public class MainActivity extends AppCompatActivity { @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); String input = "hello AES!"; byte[] mBytes = null; AES mAes = new AES(); try { mBytes = input.getBytes("UTF8"); String enString = mAes.encrypt(mBytes); Log.i("AES encode text is ", enString); String deString = mAes.decrypt(enString); Log.i("AES decode text is ", deString); } catch (Exception e) { } } }
列印的結果:
12-07 16:27:35.826 23284-23284/com.example.xiaobai.aes I/AES encode text is: 7P9hogAc+Mn0QKyGRCRA9w==
12-07 16:27:35.827 23284-23284/com.example.xiaobai.aes I/AES decode text is: hello AES!