android 之 AES加密 解密
之前呢,一直用md5加密,感觉不是很高,并且还容易泄密,听说有被攻击的可能,所以最近研究了下AES(有写只是自己的见解,请大家勿喷啊)
不多说了,在app中一般的家里都在登录和修改用户这里
我在这里去说下,我在这里为什么要使用他,使用的时间间隔在7天
废话不多说了 直接上代码吧 《如果有问题的可以在我博客里留言,可以相互讨论学习》
公共方法 Utils
/** * 连接字符串 * @param join * @param strAry * @return */ public static String join(String join, String[] strAry) { StringBuffer sb = new StringBuffer(); for (int i = 0; i < strAry.length; i++) { if (i == (strAry.length - 1)) { sb.append(strAry[i]); } else { sb.append(strAry[i]).append(join); } } return new String(sb); } /** * 时间见个 * @return */ public static String getUtc() { SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");//设置日期格式 Date curDate = new Date(System.currentTimeMillis());//获取当前时间 String date=df.format(curDate); try { Date d1 = df.parse(date); Date d2 = df.parse("1970-01-01 00:00:00"); long diff = d1.getTime() - d2.getTime(); long days = diff / 1000; return String.valueOf(days); } catch (Exception e) { e.printStackTrace(); } return ""; }
AesOperator类
import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import Decoder.BASE64Decoder; import Decoder.BASE64Encoder; /** * Created by FlyMe0116 on 2016/4/13 0013. * <p> * AES 是一种可逆加密算法,对用户的敏感信息加密处理 对原始数据进行AES加密后,在进行Base64编码转化; */ public class AESOperator { /* * 加密用的Key 可以用26个字母和数字组成 此处使用AES-128-CBC加密模式,key需要为16位。 */ public static String sKey = "flyMe2016"; public static String ivParameter = "0183539607427309"; private static AESOperator instance = null; private AESOperator() { } public static AESOperator getInstance() { if (instance == null) instance = new AESOperator(); return instance; } public static String Encrypt(String encData, String secretKey, String vector) throws Exception { if (secretKey == null) { return null; } if (secretKey.length() != 16) { return null; } Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); byte[] raw = secretKey.getBytes(); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); IvParameterSpec iv = new IvParameterSpec(vector.getBytes());// 使用CBC模式,需要一个向量iv,可增加加密算法的强度 cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv); byte[] encrypted = cipher.doFinal(encData.getBytes("utf-8")); return new BASE64Encoder().encode(encrypted);// 此处使用BASE64做转码。 } // 加密 public static String encrypt(String sSrc) throws Exception { Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); byte[] raw = sKey.getBytes(); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); IvParameterSpec iv = new IvParameterSpec(ivParameter.getBytes());// 使用CBC模式,需要一个向量iv,可增加加密算法的强度 cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv); byte[] encrypted = cipher.doFinal(sSrc.getBytes("utf-8")); return new BASE64Encoder().encode(encrypted);// 此处使用BASE64做转码。 } // 解密 public String decrypt(String sSrc) throws Exception { try { byte[] raw = sKey.getBytes("ASCII"); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); IvParameterSpec iv = new IvParameterSpec(ivParameter.getBytes()); cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); byte[] encrypted1 = new BASE64Decoder().decodeBuffer(sSrc);// 先用base64解密 byte[] original = cipher.doFinal(encrypted1); String originalString = new String(original, "utf-8"); return originalString; } catch (Exception ex) { return null; } } public String decrypt(String sSrc, String key, String ivs) throws Exception { try { byte[] raw = key.getBytes("ASCII"); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); IvParameterSpec iv = new IvParameterSpec(ivs.getBytes()); cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); byte[] encrypted1 = new BASE64Decoder().decodeBuffer(sSrc);// 先用base64解密 byte[] original = cipher.doFinal(encrypted1); String originalString = new String(original, "utf-8"); return originalString; } catch (Exception ex) { return null; } } public static String encodeBytes(byte[] bytes) { StringBuffer strBuf = new StringBuffer(); for (int i = 0; i < bytes.length; i++) { strBuf.append((char) (((bytes[i] >> 4) & 0xF) + ((int) 'a'))); strBuf.append((char) (((bytes[i]) & 0xF) + ((int) 'a'))); } return strBuf.toString(); } public static void main(String[] args) throws Exception { // 需要加密的字串 String cSrc = "[{\"request_no\":\"1001\",\"service_code\":\"FS0001\",\"contract_id\":\"100002\",\"order_id\":\"0\",\"phone_id\":\"13913996922\",\"plat_offer_id\":\"100094\",\"channel_id\":\"1\",\"activity_id\":\"100045\"}]"; // 加密 long lStart = System.currentTimeMillis(); String enString = AESOperator1.getInstance().encrypt(cSrc); System.out.println("加密后的字串是:" + enString); long lUseTime = System.currentTimeMillis() - lStart; System.out.println("加密耗时:" + lUseTime + "毫秒"); // 解密 lStart = System.currentTimeMillis(); String DeString = AESOperator1.getInstance().decrypt(enString); System.out.println("解密后的字串是:" + DeString); lUseTime = System.currentTimeMillis() - lStart; System.out.println("解密耗时:" + lUseTime + "毫秒"); } }
Example 类
/** * Created by FlyMe0116 on 2016/4/9 0009. * json web token example */ public class Example { public static String newuserAppId = "100110"; public static String newuserAppUser = "flyMeAndroid"; public static String url = "http://192.168.1.15:8090/api/Auth/GetAccessToken?"; static String DUOSHUO_SHORTNAME = "test"; static String DUOSHUO_SECRET = "3d990d2276917dfac04467df11fff26d"; public static void main(String[] args) { test2(); } private void test1() { JSONObject userInfo = new JSONObject(); userInfo.put("short_name", DUOSHUO_SHORTNAME);//必须项 userInfo.put("user_key", "1");//必须项 userInfo.put("name", "网站用户A");//可选项 Payload payload = new Payload(userInfo); JWSHeader header = new JWSHeader(JWSAlgorithm.HS256); header.setContentType("jwt"); // Create JWS object JWSObject jwsObject = new JWSObject(header, payload); // Create HMAC signer JWSSigner signer = new MACSigner(DUOSHUO_SECRET.getBytes()); try { jwsObject.sign(signer); } catch (JOSEException e) { System.err.println("Couldn't sign JWS object: " + e.getMessage()); return; } // Serialise JWS object to compact format String token = jwsObject.serialize(); System.out.println("Serialised JWS object: " + token); //示例输出结果为eyJhbGciOiJIUzI1NiIsImN0eSI6Imp3dCJ9.eyJ1c2VyX2tleSI6IjEiLCJuYW1lIjoi572R56uZ55So5oi3QSIsInNob3J0X25hbWUiOiJ0ZXN0In0.NXKDXwXThzFkyfl_k_-p6mfM5cpOFppvfdIjrjEq14I } private static void test2() { String timeStamp = Utils.getUtc(); System.out.println("===" + timeStamp); try { String signature = signatureString("flyMe2016", timeStamp, newuserAppId); String appended = "&signature=" + signature + "×tamp=" + timeStamp + "&username=" + newuserAppUser + "&appid=" + newuserAppId; String queryUrl = url + appended; System.out.println(queryUrl); } catch (Exception e) { e.printStackTrace(); } } private static String signatureString(String appSecret, String timeStamp, String appId) throws Exception { String[] arrTmp = {appId, appSecret, timeStamp}; Arrays.sort(arrTmp); String tmpStr = Utils.join("", arrTmp);//arrTmp[0]+arrTmp[1]+arrTmp[2]; //tmpStr = AESOperator.encrypt(tmpStr); System.out.println("===" + tmpStr); tmpStr = AESOperator1.encrypt(tmpStr); System.out.println("===" + tmpStr); return URLEncoder.encode(tmpStr,"UTF-8"); // return Uri.encode(tmpStr); // URLEncoder.encode(string, "UTF-8"); //return Uri.encode(tmpStr, "UTF-8"); } }