我正在尝试在我的 Android 应用程序中进行 AES 加密/解密。我尝试过像 Encryption 这样的库, java-aes-crypto以及
中描述的实现- Data Encryption and Decryption in Android ;
- Securely store user credentials (抛出最后一个字节异常);
- AES Encryption Decryption in Android
无论我使用什么方法,解密部分都与原始数据不同。我总是得到这样的结果:
03-09 21:58:33.457 30329-30329/org.androidapp.test E/ERROR: BEFORE: sDuKOoRteaEUFtA3P0SllSTCpgKJN75FuyPLxdp/ctM=
03-09 21:58:33.459 30329-30329/org.androidapp.test E/ERROR: AFTER: PBSqM3jHZhemw48wd44pKg==
我现在正在做的一个简单例子:
private static byte[] seedValue = {
0x2d, 0x2a, 0x2d, 0x42, 0x55, 0x49, 0x4c, 0x44, 0x41, 0x43, 0x4f, 0x44, 0x45, 0x2d, 0x2a, 0x2d
};
private static String ALGORITHM = "AES";
private static SecretKeySpec secretKey = new SecretKeySpec(seedValue, "AES");
public static String encrypt( String data ) throws Exception {
try {
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
byte[] cipherText = cipher.doFinal(data.getBytes("UTF8"));
String encryptedString = new String(Base64.encode(cipherText ,Base64.DEFAULT ) );
return encryptedString;
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
public static String decrypt(String data) throws Exception {
try {
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
byte[] cipherText = Base64.decode(data.getBytes("UTF8"), Base64.DEFAULT);
String decryptedString = new String(cipher.doFinal(cipherText),"UTF-8");
return decryptedString;
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
使用这些方法的示例(使用 Jackson 来读取和写入对象):
public static void writeSecurityInfo( String fileName, POJO pojo ){
try{
FileUtil.verifyFile( fileName );
ObjectMapper mapper = new ObjectMapper();
File file = new File( Environment.getExternalStorageDirectory(), fileName );
try {
pojo.setName( CryptUtils.encrypt( pojo.getName() ) );
pojo.setAddress( CryptUtils.encrypt( pojo.getAddress() ) );
}
catch( Exception e ){
e.printStackTrace();
}
ObjectWriter writer = mapper.writer( new DefaultPrettyPrinter() );
writer.writeValue( file, securityPOJO );
}
catch( IOException e ){
e.printStackTrace();
}
}
供阅读:
public static POJO readSecurityInfo( String fileName ){
try {
File file = new File( Environment.getExternalStorageDirectory(), fileName );
ObjectMapper mapper = new ObjectMapper();
InputStream inputStream = new FileInputStream( file );
POJO pojo = mapper.readValue( inputStream, POJO.class );
Log.e("ERROR", "BEFORE: "+ pojo.getName());
securityPOJO.setName( CryptUtils.decrypt( pojo.getName() ) );
Log.e("ERROR", "AFTER: "+ pojo.getName());
pojo.setAddress( CryptUtils.decrypt( pojo.getAddress() ) );
return pojo;
}
catch( Exception e ){
e.printStackTrace();
}
return null;
}
没有成功。 使用 AES 时我做错了什么吗?
最佳答案
我没有发现您的加密和解密方法有任何错误。我用简单的文本测试了它:
try {
String test = encrypt("My name is Nam");
Log.e("TEST", "xxxx encrypted: "+ test);
Log.e("TEST", "xxxx decrypted: "+ decrypt(test));
} catch (Exception e) {
e.printStackTrace();
}
结果是正确的:
03-10 11:12:38.987 31251-31251/? E/TEST: xxxx encrypted: bR80WEK9pa3eicMjCZCtQg== 03-10 11:12:38.987 31251-31251/? E/TEST: xxxx decrypted: My name is Nam
所以,也许你写的日志不正确:
Log.e("ERROR", "AFTER: "+ pojo.getName());
应该是:
Log.e("ERROR", "AFTER: "+ securityPOJO.getName());
或
Log.e("ERROR", "AFTER: "+ CryptUtils.decrypt( pojo.getName() ));
注意:我编写了一个关于使用更安全的加密/解密的示例 in github如果你想检查的话。
关于java - Android AES 加密/解密结果不正确,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/42708450/