PublicKey keyPublic = kf.generatePublic(keySpec);
// 加密数据
Cipher cp = Cipher.getInstance(ECB_PKCS1_PADDING);
cp.init(Cipher.ENCRYPT_MODE, keyPublic);
return cp.doFinal(data);
}
/**
-
私钥加密
-
@param data 待加密数据
-
@param privateKey 密钥
-
@return byte[] 加密数据
*/
/**
 * Runs the RSA cipher in encrypt mode with a private key over {@code data}.
 *
 * <p>Security note: anything produced with the private key can be reversed by
 * every holder of the public key, so this call gives no confidentiality. If the
 * goal is to prove origin, {@code java.security.Signature} with a hash-based
 * scheme (for example the SHA256withRSA name declared in SecurityConstants) is
 * the intended primitive.
 *
 * @param data       bytes to transform; must fit into a single RSA block
 * @param privateKey private key in PKCS#8 encoding
 * @return the cipher output
 * @throws Exception if the key bytes cannot be parsed or the cipher call fails
 */
public static byte[] encryptByPrivateKey(byte[] data, byte[] privateKey) throws Exception {
    // Rebuild the key object from its encoded form.
    PKCS8EncodedKeySpec encodedKey = new PKCS8EncodedKeySpec(privateKey);
    KeyFactory rsaFactory = KeyFactory.getInstance(SecurityConstants.TYPE_RSA);
    PrivateKey rsaPrivate = rsaFactory.generatePrivate(encodedKey);

    // ECB_PKCS1_PADDING is declared outside this excerpt; the name suggests
    // "RSA/ECB/PKCS1Padding" -- confirm against the constant.
    Cipher rsa = Cipher.getInstance(ECB_PKCS1_PADDING);
    rsa.init(Cipher.ENCRYPT_MODE, rsaPrivate);
    return rsa.doFinal(data);
}
/**
-
公钥解密
-
@param data 待解密数据
-
@param publicKey 密钥
-
@return byte[] 解密数据
*/
/**
 * Reverses {@code encryptByPrivateKey} using the matching public key.
 *
 * <p>Security note: the public key is not a secret, so a successful call only
 * shows that the input was produced with the private key; it does not protect
 * the content and it is not a hash-based signature check.
 *
 * @param data      bytes produced with the private key (one RSA block)
 * @param publicKey public key in X.509 (SubjectPublicKeyInfo) encoding
 * @return the recovered bytes
 * @throws Exception if the key bytes cannot be parsed or the cipher call fails
 */
public static byte[] decryptByPublicKey(byte[] data, byte[] publicKey) throws Exception {
    // Rebuild the key object from its encoded form.
    X509EncodedKeySpec encodedKey = new X509EncodedKeySpec(publicKey);
    KeyFactory rsaFactory = KeyFactory.getInstance(SecurityConstants.TYPE_RSA);
    PublicKey rsaPublic = rsaFactory.generatePublic(encodedKey);

    // ECB_PKCS1_PADDING is declared outside this excerpt -- see its definition.
    Cipher rsa = Cipher.getInstance(ECB_PKCS1_PADDING);
    rsa.init(Cipher.DECRYPT_MODE, rsaPublic);
    return rsa.doFinal(data);
}
/**
- 使用私钥进行解密
*/
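/**
 * Decrypts one RSA block with the private key stored in the Android keystore
 * under the current alias.
 *
 * <p>The key object is fetched from the "AndroidKeyStore" provider; this method
 * never sees encoded private-key bytes. If no alias has been set, SAMPLE_ALIAS
 * is installed first.
 *
 * <p>Security note: if the transformation behind ECB_PKCS1_PADDING is PKCS#1
 * v1.5 (declared outside this excerpt -- confirm), callers should not expose
 * to a remote party whether decryption failed, because distinguishable padding
 * failures enable padding-oracle attacks. OAEP is the usual hardening.
 *
 * @param encrypted ciphertext produced with the matching public key
 * @return the plaintext, or {@code null} when the alias has no entry or the
 *         entry is not a private-key entry -- callers must check for null
 * @throws Exception if the keystore cannot be loaded or decryption fails
 */
public static byte[] decryptByPrivateKey(byte[] encrypted) throws Exception {
    // Fix: the listing used typographic quotes around the provider name,
    // which is not valid Java; plain ASCII quotes are restored here.
    KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
    ks.load(null);
    if (mAlias == null) {
        setAlias(SAMPLE_ALIAS);
    }

    // Look up the key pair entry for the alias (no protection parameter).
    KeyStore.Entry entry = ks.getEntry(mAlias, null);
    if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
        // Covers both a missing entry (null) and an entry of another kind.
        return null;
    }
    PrivateKey keyPrivate = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();

    Cipher cp = Cipher.getInstance(ECB_PKCS1_PADDING);
    cp.init(Cipher.DECRYPT_MODE, keyPrivate);
    return cp.doFinal(encrypted);
}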
/**
- 用公钥对字符串进行分段加密
*/
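/**
 * Encrypts {@code data} with the public key in chunks of at most
 * DEFAULT_BUFFERSIZE bytes and joins the encrypted chunks with DEFAULT_SPLIT.
 * Input that fits in one chunk is encrypted directly, without a delimiter.
 *
 * <p>Security and robustness notes:
 * <ul>
 *   <li>Ciphertext bytes are arbitrary, so the delimiter sequence can also
 *       occur inside an encrypted chunk; the matching decrypt method would then
 *       cut at the wrong offset and fail. A fixed-block or length-prefixed
 *       layout avoids this, but changing it here would break data already
 *       written in the current format.</li>
 *   <li>Nothing binds the chunks together: dropped, repeated or reordered
 *       chunks are not detected. For payloads larger than one RSA block the
 *       usual design is hybrid encryption (RSA wraps a random symmetric key,
 *       the data goes through an authenticated cipher).</li>
 * </ul>
 *
 * @param data      plaintext bytes
 * @param publicKey public key in X.509 encoding
 * @return encrypted chunks separated by DEFAULT_SPLIT
 * @throws Exception if any chunk fails to encrypt
 */
public static byte[] encryptByPublicKeyForSpilt(byte[] data, byte[] publicKey) throws Exception {
    final int dataLen = data.length;
    if (dataLen <= DEFAULT_BUFFERSIZE) {
        return encryptByPublicKey(data, publicKey);
    }
    if (DEFAULT_BUFFERSIZE <= 0) {
        // Guards the chunk loop below against a non-advancing step.
        throw new IllegalStateException("DEFAULT_BUFFERSIZE must be positive");
    }

    // Fix: the listing declared a raw List and then iterated it as Byte, which
    // does not compile. Whole byte[] pieces are collected instead of boxing
    // every byte.
    List<byte[]> pieces = new ArrayList<byte[]>();
    int totalLen = 0;
    for (int offset = 0; offset < dataLen; offset += DEFAULT_BUFFERSIZE) {
        if (offset > 0) {
            // Delimiter goes between chunks, never before the first one.
            pieces.add(DEFAULT_SPLIT);
            totalLen += DEFAULT_SPLIT.length;
        }
        byte[] chunk = new byte[Math.min(DEFAULT_BUFFERSIZE, dataLen - offset)];
        System.arraycopy(data, offset, chunk, 0, chunk.length);
        byte[] encryptedChunk = encryptByPublicKey(chunk, publicKey);
        pieces.add(encryptedChunk);
        totalLen += encryptedChunk.length;
    }

    byte[] bytes = new byte[totalLen];
    int pos = 0;
    for (byte[] piece : pieces) {
        System.arraycopy(piece, 0, bytes, pos, piece.length);
        pos += piece.length;
    }
    return bytes;
}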
/**
-
分段加密
-
@param data 要加密的原始数据
-
@param privateKey 秘钥
*/
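/**
 * Applies the private-key RSA operation to {@code data} in chunks of at most
 * DEFAULT_BUFFERSIZE bytes and joins the results with DEFAULT_SPLIT. Input that
 * fits in one chunk is processed directly, without a delimiter.
 *
 * <p>Security notes: output made with the private key is readable by every
 * holder of the public key, so this provides no confidentiality. The delimiter
 * sequence can also occur inside a chunk's output, in which case the matching
 * decrypt method splits at the wrong offset. Chunks are not bound to each
 * other, so removal or reordering is not detected.
 *
 * @param data       bytes to transform
 * @param privateKey private key in PKCS#8 encoding
 * @return transformed chunks separated by DEFAULT_SPLIT
 * @throws Exception if any chunk fails
 */
public static byte[] encryptByPrivateKeyForSpilt(byte[] data, byte[] privateKey) throws Exception {
    final int dataLen = data.length;
    if (dataLen <= DEFAULT_BUFFERSIZE) {
        return encryptByPrivateKey(data, privateKey);
    }
    if (DEFAULT_BUFFERSIZE <= 0) {
        // Guards the chunk loop below against a non-advancing step.
        throw new IllegalStateException("DEFAULT_BUFFERSIZE must be positive");
    }

    // Fix: the listing declared a raw List and then iterated it as Byte, which
    // does not compile. Whole byte[] pieces are collected instead of boxing
    // every byte.
    List<byte[]> pieces = new ArrayList<byte[]>();
    int totalLen = 0;
    for (int offset = 0; offset < dataLen; offset += DEFAULT_BUFFERSIZE) {
        if (offset > 0) {
            // Delimiter goes between chunks, never before the first one.
            pieces.add(DEFAULT_SPLIT);
            totalLen += DEFAULT_SPLIT.length;
        }
        byte[] chunk = new byte[Math.min(DEFAULT_BUFFERSIZE, dataLen - offset)];
        System.arraycopy(data, offset, chunk, 0, chunk.length);
        byte[] encryptedChunk = encryptByPrivateKey(chunk, privateKey);
        pieces.add(encryptedChunk);
        totalLen += encryptedChunk.length;
    }

    byte[] bytes = new byte[totalLen];
    int pos = 0;
    for (byte[] piece : pieces) {
        System.arraycopy(piece, 0, bytes, pos, piece.length);
        pos += piece.length;
    }
    return bytes;
}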
/**
-
公钥分段解密
-
@param encrypted 待解密数据
-
@param publicKey 密钥
*/
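/**
 * Splits {@code encrypted} at every occurrence of DEFAULT_SPLIT, decrypts each
 * piece with the public key and concatenates the results.
 *
 * <p>Robustness note: the scan cannot tell a real delimiter from the same byte
 * sequence occurring inside a chunk, so such input is cut at the wrong offset
 * and the affected piece fails to decrypt. The input is also accepted without
 * any integrity check across chunks; missing or reordered chunks are not
 * detected here.
 *
 * @param encrypted chunks separated by DEFAULT_SPLIT
 * @param publicKey public key in X.509 encoding
 * @return the concatenated decrypted bytes
 * @throws Exception if any piece fails to decrypt
 */
public static byte[] decryptByPublicKeyForSpilt(byte[] encrypted, byte[] publicKey) throws Exception {
    final int splitLen = DEFAULT_SPLIT.length;
    if (splitLen <= 0) {
        return decryptByPublicKey(encrypted, publicKey);
    }

    final int dataLen = encrypted.length;
    // Fix: the listing declared a raw List and then iterated it as Byte, which
    // does not compile; decrypted pieces are collected as byte[] instead.
    List<byte[]> plainParts = new ArrayList<byte[]>();
    int totalLen = 0;
    int latestStartIndex = 0;

    for (int i = 0; i < dataLen; i++) {
        // Exclusive end of the piece that closes at this position, or -1.
        int partEnd = -1;
        if (i == dataLen - 1) {
            // Last byte of the input: everything since the last cut is a piece.
            partEnd = dataLen;
        } else if (encrypted[i] == DEFAULT_SPLIT[0]) {
            if (splitLen == 1) {
                partEnd = i;
            } else if (i + splitLen < dataLen) {
                // Compare the remaining delimiter bytes.
                boolean matches = true;
                for (int j = 1; j < splitLen; j++) {
                    if (DEFAULT_SPLIT[j] != encrypted[i + j]) {
                        matches = false;
                        break;
                    }
                }
                if (matches) {
                    partEnd = i;
                }
            }
        }

        if (partEnd >= 0) {
            byte[] part = new byte[partEnd - latestStartIndex];
            System.arraycopy(encrypted, latestStartIndex, part, 0, part.length);
            byte[] decryptPart = decryptByPublicKey(part, publicKey);
            plainParts.add(decryptPart);
            totalLen += decryptPart.length;
            // Resume scanning right after the delimiter.
            latestStartIndex = i + splitLen;
            i = latestStartIndex - 1;
        }
    }

    byte[] bytes = new byte[totalLen];
    int pos = 0;
    for (byte[] piece : plainParts) {
        System.arraycopy(piece, 0, bytes, pos, piece.length);
        pos += piece.length;
    }
    return bytes;
}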
/**
- 使用私钥分段解密
*/
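/**
 * Splits {@code encrypted} at every occurrence of DEFAULT_SPLIT, decrypts each
 * piece with the keystore-held private key and concatenates the results.
 *
 * <p>Robustness note: the scan cannot tell a real delimiter from the same byte
 * sequence occurring inside an encrypted chunk, so such input is cut at the
 * wrong offset and the affected piece fails to decrypt. Missing or reordered
 * chunks are not detected.
 *
 * @param encrypted encrypted chunks separated by DEFAULT_SPLIT
 * @return the concatenated plaintext, or {@code null} when
 *         {@code decryptByPrivateKey} reports that no usable key entry exists
 * @throws Exception if the keystore cannot be used or a piece fails to decrypt
 */
public static byte[] decryptByPrivateKeyForSpilt(byte[] encrypted) throws Exception {
    final int splitLen = DEFAULT_SPLIT.length;
    if (splitLen <= 0) {
        return decryptByPrivateKey(encrypted);
    }

    final int dataLen = encrypted.length;
    // Fix: the listing declared a raw List and then iterated it as Byte, which
    // does not compile; decrypted pieces are collected as byte[] instead.
    List<byte[]> plainParts = new ArrayList<byte[]>();
    int totalLen = 0;
    int latestStartIndex = 0;

    for (int i = 0; i < dataLen; i++) {
        // Exclusive end of the piece that closes at this position, or -1.
        int partEnd = -1;
        if (i == dataLen - 1) {
            // Last byte of the input: everything since the last cut is a piece.
            partEnd = dataLen;
        } else if (encrypted[i] == DEFAULT_SPLIT[0]) {
            if (splitLen == 1) {
                partEnd = i;
            } else if (i + splitLen < dataLen) {
                // Compare the remaining delimiter bytes.
                boolean matches = true;
                for (int j = 1; j < splitLen; j++) {
                    if (DEFAULT_SPLIT[j] != encrypted[i + j]) {
                        matches = false;
                        break;
                    }
                }
                if (matches) {
                    partEnd = i;
                }
            }
        }

        if (partEnd >= 0) {
            byte[] part = new byte[partEnd - latestStartIndex];
            System.arraycopy(encrypted, latestStartIndex, part, 0, part.length);
            byte[] decryptPart = decryptByPrivateKey(part);
            if (decryptPart == null) {
                // Fix: decryptByPrivateKey returns null when the alias has no
                // private-key entry; the original dereferenced it and threw a
                // NullPointerException. Propagate the same "no key" signal.
                return null;
            }
            plainParts.add(decryptPart);
            totalLen += decryptPart.length;
            // Resume scanning right after the delimiter.
            latestStartIndex = i + splitLen;
            i = latestStartIndex - 1;
        }
    }

    byte[] bytes = new byte[totalLen];
    int pos = 0;
    for (byte[] piece : plainParts) {
        System.arraycopy(piece, 0, bytes, pos, piece.length);
        pos += piece.length;
    }
    return bytes;
}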
/**
- 通过字符串生成私钥,转换服务器传递过来的私钥
*/
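/**
 * Builds an RSA {@link PrivateKey} from a Base64 string holding the PKCS#8
 * encoding of the key.
 *
 * <p>Security note: a private key that arrives as a string has existed outside
 * the device keystore (in transit and in process memory), so it does not get
 * the non-exportability that a key generated inside "AndroidKeyStore" has.
 * Treat the input as sensitive and keep it out of logs and persistent storage.
 *
 * @param privateKeyData Base64 text of the PKCS#8-encoded key
 * @return the key, or {@code null} if RSA is unavailable or the key spec is
 *         invalid (the stack trace is printed) -- callers must check for null
 */
public static PrivateKey getPrivateKey(String privateKeyData) {
    PrivateKey privateKey = null;
    try {
        byte[] decodeKey = Base64Decoder.decodeToBytes(privateKeyData);
        // Private keys use the PKCS#8 container; the original local was named
        // "x509", which is the public-key/certificate format.
        PKCS8EncodedKeySpec pkcs8Spec = new PKCS8EncodedKeySpec(decodeKey);
        // Fix: typographic quotes in the listing replaced with ASCII quotes.
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        privateKey = keyFactory.generatePrivate(pkcs8Spec);
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (InvalidKeySpecException e) {
        e.printStackTrace();
    }
    return privateKey;
}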
/**
- 通过字符串生成公钥,转换服务器传递过来的公钥
*/
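/**
 * Builds an RSA {@link PublicKey} from a Base64 string holding the X.509
 * (SubjectPublicKeyInfo) encoding of the key.
 *
 * <p>Security note: this only parses the key. Nothing here establishes that
 * the key belongs to the expected peer; if the string comes from the network,
 * its origin has to be authenticated by the caller (for example by pinning).
 *
 * @param publicKeyData Base64 text of the X.509-encoded key
 * @return the key, or {@code null} if RSA is unavailable or the key spec is
 *         invalid (the stack trace is printed) -- callers must check for null
 */
public static PublicKey getPublicKey(String publicKeyData) {
    PublicKey publicKey = null;
    try {
        byte[] decodeKey = Base64Decoder.decodeToBytes(publicKeyData);
        X509EncodedKeySpec x509Spec = new X509EncodedKeySpec(decodeKey);
        // Fix: typographic quotes in the listing replaced with ASCII quotes.
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        publicKey = keyFactory.generatePublic(x509Spec);
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (InvalidKeySpecException e) {
        e.printStackTrace();
    }
    return publicKey;
}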
/**
-
判断是否创建过秘钥
-
@return
-
@throws KeyStoreException
-
@throws CertificateException
-
@throws NoSuchAlgorithmException
-
@throws IOException
-
@throws UnrecoverableEntryException
*/
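/**
 * Reports whether the Android keystore holds an entry under the current alias.
 * If no alias has been set, SAMPLE_ALIAS is installed first.
 *
 * <p>No exception leaves this method: every keystore failure is printed and
 * reported as {@code false}, so "no key" and "keystore error" look the same to
 * the caller. Unlike {@code decryptByPrivateKey} and {@code getLocalPublicKey},
 * this check does not require the entry to be a private-key entry.
 *
 * @return {@code true} if an entry exists for the alias, {@code false} if it
 *         does not or if the keystore could not be queried
 */
public static boolean isHaveKeyStore() {
    try {
        // Fix: typographic quotes in the listing replaced with ASCII quotes.
        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
        ks.load(null);
        if (mAlias == null) {
            setAlias(SAMPLE_ALIAS);
        }
        // Look up the entry for the alias (no protection parameter).
        KeyStore.Entry entry = ks.getEntry(mAlias, null);
        return entry != null;
    } catch (KeyStoreException e) {
        e.printStackTrace();
        return false;
    } catch (CertificateException e) {
        e.printStackTrace();
        return false;
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
        return false;
    } catch (IOException e) {
        e.printStackTrace();
        return false;
    } catch (UnrecoverableEntryException e) {
        e.printStackTrace();
        return false;
    }
}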
/**
-
获得本地AndroidKeyStore中的公钥
-
@return
*/
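/**
 * Returns the public key of the key pair stored in the Android keystore under
 * the current alias. If no alias has been set, SAMPLE_ALIAS is installed first.
 *
 * <p>The public key is read from the certificate attached to the private-key
 * entry; the private key itself is not touched.
 *
 * @return the public key, or {@code null} when the alias has no entry, the
 *         entry is not a private-key entry, or the keystore could not be
 *         queried (the stack trace is printed) -- callers must check for null
 */
public static PublicKey getLocalPublicKey() {
    try {
        // Fix: typographic quotes in the listing replaced with ASCII quotes.
        KeyStore ks = KeyStore.getInstance("AndroidKeyStore");
        ks.load(null);
        if (mAlias == null) {
            setAlias(SAMPLE_ALIAS);
        }
        // Look up the entry for the alias (no protection parameter).
        KeyStore.Entry entry = ks.getEntry(mAlias, null);
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            // Covers both a missing entry (null) and an entry of another kind.
            return null;
        }
        return ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey();
    } catch (KeyStoreException e) {
        e.printStackTrace();
        return null;
    } catch (CertificateException e) {
        e.printStackTrace();
        return null;
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
        return null;
    } catch (IOException e) {
        e.printStackTrace();
        return null;
    } catch (UnrecoverableEntryException e) {
        e.printStackTrace();
        return null;
    }
}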
}
package tsou.com.encryption.androidkeystoresign;
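/**
 * String names handed to the Java security APIs (keystore provider, key
 * algorithms, keystore type and signature algorithms).
 *
 * <p>Fix: the listing wrapped every value in typographic quotes, which is not
 * valid Java; the values themselves are unchanged.
 */
public class SecurityConstants {
    /** Keystore provider name for the Android system keystore. */
    public static final String KEYSTORE_PROVIDER_ANDROID_KEYSTORE = "AndroidKeyStore";
    /** Key algorithm name: RSA. */
    public static final String TYPE_RSA = "RSA";
    /** Key algorithm name: DSA. */
    public static final String TYPE_DSA = "DSA";
    /** Keystore type name: BKS. */
    public static final String TYPE_BKS = "BKS";
    /** Signature algorithm name: RSA signature over a SHA-256 digest. */
    public static final String SIGNATURE_SHA256withRSA = "SHA256withRSA";
    /** Signature algorithm name: RSA signature over a SHA-512 digest. */
    public static final String SIGNATURE_SHA512withRSA = "SHA512withRSA";
}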
- 加密封装在SPSecuredUtils秘钥中方便拿过来直接用
package tsou.com.encryption.sp;
import android.content.Context;
import android.content.SharedPreferences;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.interfaces.RSAPublicKey;
import java.util.Map;
import tsou.com.encryption.AndroidKeyStoreRSA.AndroidKeyStoreRSAUtils;
import tsou.com.encryption.aescbc.Base64Decoder;
import tsou.com.encryption.aescbc.Base64Encoder;
/**
- Created by zb666 on 2017/2/9.
*/
public class SPSecuredUtils {
/**
- 保存在手机里面的文件名
*/
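// Name of the SharedPreferences file that holds the encrypted values.
// Fix: typographic quotes in the listing replaced with ASCII quotes.
public static final String FILE_NAME = "sp_secured";
// Cached handle to that preferences file; saveDeviceData assigns it on first use.
private static SharedPreferences mSharedPreferences;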
/**
-
保存数据的方法,我们需要拿到保存数据的具体类型,然后根据类型调用不同的保存方法
-
@param context
-
@param key
-
@param object
-
@param publicKey
*/
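/**
 * Encrypts the string form of {@code object} with the RSA public key and
 * stores the Base64 ciphertext under {@code key} in the private preferences
 * file FILE_NAME.
 *
 * <p>Security and robustness notes:
 * <ul>
 *   <li>Only the value is encrypted; the preference key name is stored in
 *       clear text.</li>
 *   <li>The value goes through a single RSA operation, so it must fit in one
 *       RSA block (key size minus padding overhead). A longer value makes the
 *       cipher throw; the exception is printed and nothing is stored.</li>
 *   <li>Public-key encryption does not authenticate the stored value: anyone
 *       who has the public key and write access to the file can replace it
 *       with another valid ciphertext.</li>
 * </ul>
 *
 * @param context   used to open the preferences file
 * @param key       preference key
 * @param object    value to store; its {@code toString()} form is what gets
 *                  encrypted. A {@code null} value stores nothing.
 * @param publicKey RSA public key used for encryption
 */
public static void put(Context context, String key, Object object, RSAPublicKey publicKey) {
    SharedPreferences sp = context.getSharedPreferences(FILE_NAME,
            Context.MODE_PRIVATE);
    SharedPreferences.Editor editor = sp.edit();
    try {
        // Fix: the original recursed into put() for every non-String type,
        // opening a second editor and then committing this (empty) one. Every
        // branch stored the toString() form, so convert once and store once.
        // A null object still ends in the catch block, as before.
        String plainText = object.toString();
        byte[] encryptBytes = AndroidKeyStoreRSAUtils.encryptByPublicKey(plainText.getBytes(),
                publicKey.getEncoded());
        editor.putString(key, Base64Encoder.encode(encryptBytes));
        SharedPreferencesCompat.apply(editor);
    } catch (Exception e) {
        e.printStackTrace();
    }
}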
/**
-
得到保存数据的方法,我们根据默认值得到保存的数据的具体类型,然后调用相对于的方法获取值
-
@param context
-
@param key
-
@param defaultObject
-
@return
*/
/**
 * Reads the value stored under {@code key}, decrypts it with the keystore-held
 * private key and converts it to the type of {@code defaultObject}.
 *
 * <p>Supported default types are String, Integer, Boolean, Float, Long and
 * Double. The string form of the default doubles as the "not stored" marker:
 * when the preference is absent (or its stored text equals that string) the
 * default object is returned unchanged and nothing is decrypted.
 *
 * <p>Failure handling: any exception while reading, decoding, decrypting or
 * parsing is printed and the method returns {@code null}, not the default.
 * Callers that unbox the result should check for null first. Returning null
 * rather than the default also keeps a damaged or replaced ciphertext from
 * being silently treated as "no value".
 *
 * @param context       used to open the preferences file
 * @param key           preference key
 * @param defaultObject value returned when nothing is stored; its runtime type
 *                      selects the conversion
 * @return the decrypted value, the default, or {@code null} on failure or for
 *         an unsupported default type
 */
public static Object get(Context context, String key, Object defaultObject) {
    SharedPreferences prefs = context.getSharedPreferences(FILE_NAME,
            Context.MODE_PRIVATE);
    try {
        final boolean isText = defaultObject instanceof String;
        final boolean supported = isText
                || defaultObject instanceof Integer
                || defaultObject instanceof Boolean
                || defaultObject instanceof Float
                || defaultObject instanceof Long
                || defaultObject instanceof Double;
        if (!supported) {
            return null;
        }

        // String form of the default; also the marker for "nothing stored".
        String fallbackText = isText ? (String) defaultObject : defaultObject.toString();
        String stored = prefs.getString(key, fallbackText);
        if (stored.equals(fallbackText)) {
            return defaultObject;
        }

        byte[] decryptBytes = AndroidKeyStoreRSAUtils.decryptByPrivateKey(
                Base64Decoder.decodeToBytes(stored));
        String plainText = new String(decryptBytes);

        // Convert back to the type the caller asked for.
        if (isText) {
            return plainText;
        }
        if (defaultObject instanceof Integer) {
            return Integer.valueOf(plainText);
        }
        if (defaultObject instanceof Boolean) {
            return Boolean.valueOf(plainText);
        }
        if (defaultObject instanceof Float) {
            return Float.valueOf(plainText);
        }
        if (defaultObject instanceof Long) {
            return Long.valueOf(plainText);
        }
        return Double.valueOf(plainText);
    } catch (Exception e) {
        e.printStackTrace();
    }
    return null;
}
/**
-
将对象储存到sharepreference
-
@param key
-
@param device
-
@param
*/
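/**
 * Serializes {@code device} with Java object serialization, Base64-encodes the
 * bytes, encrypts that text with the RSA public key and stores the Base64
 * ciphertext under {@code key}.
 *
 * <p>Security and robustness notes:
 * <ul>
 *   <li>The whole serialized object goes through a single RSA operation, so it
 *       must fit in one RSA block; a larger object makes the cipher throw and
 *       this method returns {@code false}.</li>
 *   <li>The stored form is Java-native serialization. Whatever reads it back
 *       (not shown in this excerpt) deserializes data taken from a file on the
 *       device; if that file can be modified, the reader should restrict the
 *       classes it accepts or use a plain data format instead.</li>
 * </ul>
 *
 * @param context   used to open the preferences file on first use
 * @param key       preference key
 * @param device    object to store; must be serializable
 * @param publicKey RSA public key used for encryption
 * @param <T>       type of the stored object
 * @return {@code true} if the value was written, {@code false} on any error
 *         (the stack trace is printed)
 */
public static <T> boolean saveDeviceData(Context context, String key, T device, RSAPublicKey publicKey) {
    // Fix: the listing lost the <T> type-parameter declaration, so "T device"
    // did not compile; it is restored in the signature above.
    if (mSharedPreferences == null) {
        mSharedPreferences = context.getSharedPreferences(FILE_NAME, Context.MODE_PRIVATE);
    }
    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    try {
        // Serialize the object into the in-memory buffer.
        ObjectOutputStream oos = new ObjectOutputStream(baos);
        try {
            oos.writeObject(device);
            // Fix: flush before reading the buffer instead of relying on
            // writeObject having pushed everything through.
            oos.flush();
        } finally {
            oos.close();
        }
        // Base64 text of the serialized bytes is what gets encrypted.
        String oAuth_Base64 = new String(Base64.encode
                (baos.toByteArray(), Base64.DEFAULT));
        byte[] encryptBytes = AndroidKeyStoreRSAUtils.encryptByPublicKey(oAuth_Base64.getBytes(),
                publicKey.getEncoded());
        mSharedPreferences.edit().putString(key, Base64Encoder.encode(encryptBytes)).apply();
        return true;
    } catch (Exception e) {
        e.printStackTrace();
        return false;
    }
}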
/**
ey) {
if (mSharedPreferences == null) {
mSharedPreferences = context.getSharedPreferences(FILE_NAME, Context.MODE_PRIVATE);
}
ByteArrayOutputStream baos = new ByteArrayOutputStream();
try { //Device为自定义类
// 创建对象输出流,并封装字节流
ObjectOutputStream oos = new ObjectOutputStream(baos);
// 将对象写入字节流
oos.writeObject(device);
// 将字节流编码成base64的字符串
String oAuth_Base64 = new String(Base64.encode
(baos.toByteArray(), Base64.DEFAULT));
byte[] encryptBytes = AndroidKeyStoreRSAUtils.encryptByPublicKey(oAuth_Base64.getBytes(),
publicKey.getEncoded());
mSharedPreferences.edit().putString(key, Base64Encoder.encode(encryptBytes)).apply();
return true;
} catch (Exception e) {
e.printStackTrace();
return false;
}
}
/**