我正在使用 Volley 将数据发送到我的服务器,并将所有必要的数据放入 stringRequest 的 header 和正文中。
发送请求后,我可以使用 WireShark 捕获数据包,并且可以从 header 中的 token 查看所有已发送的数据正文中的所有字段(userId 等)。
如何使用 Volley 在网络连接中使用加密?
有没有办法加密请求头和请求体中的数据?
最佳答案
可以使用AES算法
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
public class AESEncryptionDecryption {
private static final byte[] keyValue =
new byte[]{'c', 'o', 'd', 'i', 'n', 'g', 'a', 'f', 'f', 'a', 'i', 'r', 's', 'c', 'o', 'm'};
public static String encrypt(String cleartext)
throws Exception {
byte[] rawKey = getRawKey();
byte[] result = encrypt(rawKey, cleartext.getBytes());
return toHex(result);
}
public static String decrypt(String encrypted)
throws Exception {
byte[] enc = toByte(encrypted);
byte[] result = decrypt(enc);
return new String(result);
}
private static byte[] getRawKey() throws Exception {
SecretKey key = new SecretKeySpec(keyValue, "AES");
byte[] raw = key.getEncoded();
return raw;
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
SecretKey skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] encrypted)
throws Exception {
SecretKey skeySpec = new SecretKeySpec(keyValue, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static byte[] toByte(String hexString) {
int len = hexString.length() / 2;
byte[] result = new byte[len];
for (int i = 0; i < len; i++)
result[i] = Integer.valueOf(hexString.substring(2 * i, 2 * i + 2),
16).byteValue();
return result;
}
public static String toHex(byte[] buf) {
if (buf == null)
return "";
StringBuffer result = new StringBuffer(2 * buf.length);
for (int i = 0; i < buf.length; i++) {
appendHex(result, buf[i]);
}
return result.toString();
}
private final static String HEX = "0123456789ABCDEF";
private static void appendHex(StringBuffer sb, byte b) {
sb.append(HEX.charAt((b >> 4) & 0x0f)).append(HEX.charAt(b & 0x0f));
}
加密用这个方法
String encrypted = "";
try {
encrypted = AESEncryptionDecryption.encrypt(plain_text);
Log.d(Constants.firebase_app, "encrypted:" + encrypted);
} catch (Exception e) {
e.printStackTrace();
}
解密用这个方法
String decrypted = "";
try {
decrypted = AESEncryptionDecryption.decrypt(encrypted);
Log.d(Constants.firebase_app, "decrypted:" + decrypted);
} catch (Exception e) {
e.printStackTrace();
}
关于android - 对 http 请求进行 Volley 加密,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47198539/