我正在开发一个 android 应用程序,我需要对它的一个方面使用加密。我对我使用的算法(AES、DES、RSA 等)真的漠不关心。我知道 Java 有一个加密包,但我一点也不熟悉。有人可以发布一个关于如何执行加密/解密功能的示例吗?
最佳答案
java AES 库中有一个缺陷,它允许监听器在适当的情况下解密发送的数据包。见 Padding Oracle Exploit Tool vs Apache MyFaces .
话虽如此,请查看此 SO 问题 Java 256bit AES Encryption .
Bouncy CaSTLe AES 示例被盗取自:http://www.java2s.com/Code/Java/Security/EncryptionanddecryptionwithAESECBPKCS7Padding.htm
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
public class MainClass {
public static void main(String[] args) throws Exception {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
byte[] input = "www.java2s.com".getBytes();
byte[] keyBytes = new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04,
0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14,
0x15, 0x16, 0x17 };
SecretKeySpec key = new SecretKeySpec(keyBytes, "AES");
Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
System.out.println(new String(input));
// encryption pass
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] cipherText = new byte[cipher.getOutputSize(input.length)];
int ctLength = cipher.update(input, 0, input.length, cipherText, 0);
ctLength += cipher.doFinal(cipherText, ctLength);
System.out.println(new String(cipherText));
System.out.println(ctLength);
// decryption pass
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] plainText = new byte[cipher.getOutputSize(ctLength)];
int ptLength = cipher.update(cipherText, 0, ctLength, plainText, 0);
ptLength += cipher.doFinal(plainText, ptLength);
System.out.println(new String(plainText));
System.out.println(ptLength);
}
}
关于java - 安卓加密,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/3150830/