android 之 AES加密 解密
之前呢,一直用md5加密,感覺不是很高,並且還容易泄密,聽說有被攻擊的可能,所以最近研究了下AES(有寫只是自己的見解,請大家勿噴啊)
不多說了,在app中一般的家裏都在登錄和修改用戶這裏
我在這裏去說下,我在這裏爲什麼要使用他,使用的時間間隔在7天
廢話不多說了 直接上代碼吧 《如果有問題的可以在我博客裏留言,可以相互討論學習》
公共方法 Utils
/** * 連接字符串 * @param join * @param strAry * @return */ public static String join(String join, String[] strAry) { StringBuffer sb = new StringBuffer(); for (int i = 0; i < strAry.length; i++) { if (i == (strAry.length - 1)) { sb.append(strAry[i]); } else { sb.append(strAry[i]).append(join); } } return new String(sb); } /** * 時間見個 * @return */ public static String getUtc() { SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");//設置日期格式 Date curDate = new Date(System.currentTimeMillis());//獲取當前時間 String date=df.format(curDate); try { Date d1 = df.parse(date); Date d2 = df.parse("1970-01-01 00:00:00"); long diff = d1.getTime() - d2.getTime(); long days = diff / 1000; return String.valueOf(days); } catch (Exception e) { e.printStackTrace(); } return ""; }
AesOperator類
import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import Decoder.BASE64Decoder; import Decoder.BASE64Encoder; /** * Created by FlyMe0116 on 2016/4/13 0013. * <p> * AES 是一種可逆加密算法,對用戶的敏感信息加密處理 對原始數據進行AES加密後,在進行Base64編碼轉化; */ public class AESOperator { /* * 加密用的Key 可以用26個字母和數字組成 此處使用AES-128-CBC加密模式,key需要爲16位。 */ public static String sKey = "flyMe2016"; public static String ivParameter = "0183539607427309"; private static AESOperator instance = null; private AESOperator() { } public static AESOperator getInstance() { if (instance == null) instance = new AESOperator(); return instance; } public static String Encrypt(String encData, String secretKey, String vector) throws Exception { if (secretKey == null) { return null; } if (secretKey.length() != 16) { return null; } Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); byte[] raw = secretKey.getBytes(); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); IvParameterSpec iv = new IvParameterSpec(vector.getBytes());// 使用CBC模式,需要一個向量iv,可增加加密算法的強度 cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv); byte[] encrypted = cipher.doFinal(encData.getBytes("utf-8")); return new BASE64Encoder().encode(encrypted);// 此處使用BASE64做轉碼。 } // 加密 public static String encrypt(String sSrc) throws Exception { Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); byte[] raw = sKey.getBytes(); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); IvParameterSpec iv = new IvParameterSpec(ivParameter.getBytes());// 使用CBC模式,需要一個向量iv,可增加加密算法的強度 cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv); byte[] encrypted = cipher.doFinal(sSrc.getBytes("utf-8")); return new BASE64Encoder().encode(encrypted);// 此處使用BASE64做轉碼。 } // 解密 public String decrypt(String sSrc) throws Exception { try { byte[] raw = sKey.getBytes("ASCII"); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); IvParameterSpec iv = new IvParameterSpec(ivParameter.getBytes()); cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); byte[] encrypted1 = new BASE64Decoder().decodeBuffer(sSrc);// 先用base64解密 byte[] original = cipher.doFinal(encrypted1); String originalString = new String(original, "utf-8"); return originalString; } catch (Exception ex) { return null; } } public String decrypt(String sSrc, String key, String ivs) throws Exception { try { byte[] raw = key.getBytes("ASCII"); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); IvParameterSpec iv = new IvParameterSpec(ivs.getBytes()); cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); byte[] encrypted1 = new BASE64Decoder().decodeBuffer(sSrc);// 先用base64解密 byte[] original = cipher.doFinal(encrypted1); String originalString = new String(original, "utf-8"); return originalString; } catch (Exception ex) { return null; } } public static String encodeBytes(byte[] bytes) { StringBuffer strBuf = new StringBuffer(); for (int i = 0; i < bytes.length; i++) { strBuf.append((char) (((bytes[i] >> 4) & 0xF) + ((int) 'a'))); strBuf.append((char) (((bytes[i]) & 0xF) + ((int) 'a'))); } return strBuf.toString(); } public static void main(String[] args) throws Exception { // 需要加密的字串 String cSrc = "[{\"request_no\":\"1001\",\"service_code\":\"FS0001\",\"contract_id\":\"100002\",\"order_id\":\"0\",\"phone_id\":\"13913996922\",\"plat_offer_id\":\"100094\",\"channel_id\":\"1\",\"activity_id\":\"100045\"}]"; // 加密 long lStart = System.currentTimeMillis(); String enString = AESOperator1.getInstance().encrypt(cSrc); System.out.println("加密後的字串是:" + enString); long lUseTime = System.currentTimeMillis() - lStart; System.out.println("加密耗時:" + lUseTime + "毫秒"); // 解密 lStart = System.currentTimeMillis(); String DeString = AESOperator1.getInstance().decrypt(enString); System.out.println("解密後的字串是:" + DeString); lUseTime = System.currentTimeMillis() - lStart; System.out.println("解密耗時:" + lUseTime + "毫秒"); } }
Example 類
/** * Created by FlyMe0116 on 2016/4/9 0009. * json web token example */ public class Example { public static String newuserAppId = "100110"; public static String newuserAppUser = "flyMeAndroid"; public static String url = "http://192.168.1.15:8090/api/Auth/GetAccessToken?"; static String DUOSHUO_SHORTNAME = "test"; static String DUOSHUO_SECRET = "3d990d2276917dfac04467df11fff26d"; public static void main(String[] args) { test2(); } private void test1() { JSONObject userInfo = new JSONObject(); userInfo.put("short_name", DUOSHUO_SHORTNAME);//必須項 userInfo.put("user_key", "1");//必須項 userInfo.put("name", "網站用戶A");//可選項 Payload payload = new Payload(userInfo); JWSHeader header = new JWSHeader(JWSAlgorithm.HS256); header.setContentType("jwt"); // Create JWS object JWSObject jwsObject = new JWSObject(header, payload); // Create HMAC signer JWSSigner signer = new MACSigner(DUOSHUO_SECRET.getBytes()); try { jwsObject.sign(signer); } catch (JOSEException e) { System.err.println("Couldn't sign JWS object: " + e.getMessage()); return; } // Serialise JWS object to compact format String token = jwsObject.serialize(); System.out.println("Serialised JWS object: " + token); //示例輸出結果爲eyJhbGciOiJIUzI1NiIsImN0eSI6Imp3dCJ9.eyJ1c2VyX2tleSI6IjEiLCJuYW1lIjoi572R56uZ55So5oi3QSIsInNob3J0X25hbWUiOiJ0ZXN0In0.NXKDXwXThzFkyfl_k_-p6mfM5cpOFppvfdIjrjEq14I } private static void test2() { String timeStamp = Utils.getUtc(); System.out.println("===" + timeStamp); try { String signature = signatureString("flyMe2016", timeStamp, newuserAppId); String appended = "&signature=" + signature + "×tamp=" + timeStamp + "&username=" + newuserAppUser + "&appid=" + newuserAppId; String queryUrl = url + appended; System.out.println(queryUrl); } catch (Exception e) { e.printStackTrace(); } } private static String signatureString(String appSecret, String timeStamp, String appId) throws Exception { String[] arrTmp = {appId, appSecret, timeStamp}; Arrays.sort(arrTmp); String tmpStr = Utils.join("", arrTmp);//arrTmp[0]+arrTmp[1]+arrTmp[2]; //tmpStr = AESOperator.encrypt(tmpStr); System.out.println("===" + tmpStr); tmpStr = AESOperator1.encrypt(tmpStr); System.out.println("===" + tmpStr); return URLEncoder.encode(tmpStr,"UTF-8"); // return Uri.encode(tmpStr); // URLEncoder.encode(string, "UTF-8"); //return Uri.encode(tmpStr, "UTF-8"); } }