版权声明:本文为博主原创文章,转载请标明出处。 https://blog.csdn.net/chaoyu168/article/details/78742974
概念不再罗嗦,百度。主要就是三步:创建Cipher对象,初始化Cipher,加密解密
AES加密算法模式有四种:ECB、CBC、CFB、OFB
要想AES加密,至少需要一个16位的密钥,如果是非ECB模式的加密,至少还得需要密钥偏移量。
AES工具类:
package com.example.xiaobai.aes;
import android.util.Log;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
/**
* Created by xiaobai on 2017/12/7/007.
*/
public class AES {
private final String KEY_GENERATION_ALG = "PBEWITHSHAANDTWOFISH-CBC";
// private final String KEY_GENERATION_ALG = "PBKDF2WithHmacSHA1";
private final int HASH_ITERATIONS = 10000;
private final int KEY_LENGTH = 128;
private char[] humanPassphrase = { 'P', 'e', 'r', ' ', 'v', 'a', 'l', 'l',
'u', 'm', ' ', 'd', 'u', 'c', 'e', 's', ' ', 'L', 'a', 'b', 'a',
'n', 't' };// per vallum duces labant
private byte[] salt = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0xA, 0xB, 0xC, 0xD,
0xE, 0xF }; // must save this for next time we want the key
private PBEKeySpec myKeyspec = new PBEKeySpec(humanPassphrase, salt,
HASH_ITERATIONS, KEY_LENGTH);
private final String CIPHERMODEPADDING = "AES/CBC/PKCS5Padding";// AES/CBC/PKCS7Padding
private SecretKeyFactory keyfactory = null;
private SecretKey sk = null;
private SecretKeySpec skforAES = null;
private static String ivParameter = "1234567890123456";// 密钥默认偏移,可更改
// private byte[] iv = { 0xA, 1, 0xB, 5, 4, 0xF, 7, 9, 0x17, 3, 1, 6, 8,
// 0xC,
// 0xD, 91 };
private byte[] iv = ivParameter.getBytes();
private IvParameterSpec IV;
String sKey = "1234567890123456";// key必须为16位,可更改为自己的key
public AES() {
try {
keyfactory = SecretKeyFactory.getInstance(KEY_GENERATION_ALG);
sk = keyfactory.generateSecret(myKeyspec);
} catch (NoSuchAlgorithmException nsae) {
Log.e("AESdemo",
"no key factory support for PBEWITHSHAANDTWOFISH-CBC");
} catch (InvalidKeySpecException ikse) {
Log.e("AESdemo", "invalid key spec for PBEWITHSHAANDTWOFISH-CBC");
}
// This is our secret key. We could just save this to a file instead of
// regenerating it
// each time it is needed. But that file cannot be on the device (too
// insecure). It could
// be secure if we kept it on a server accessible through https.
// byte[] skAsByteArray = sk.getEncoded();
byte[] skAsByteArray;
try {
skAsByteArray = sKey.getBytes("ASCII");
skforAES = new SecretKeySpec(skAsByteArray, "AES");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
IV = new IvParameterSpec(iv);
}
public String encrypt(byte[] plaintext) {
byte[] ciphertext = encrypt(CIPHERMODEPADDING, skforAES, IV, plaintext);
String base64_ciphertext = Base64.encode(ciphertext);
return base64_ciphertext;
}
public String decrypt(String ciphertext_base64) {
byte[] s = Base64.decode(ciphertext_base64);
String decrypted = new String(decrypt(CIPHERMODEPADDING, skforAES, IV,
s));
return decrypted;
}
// Use this method if you want to add the padding manually
// AES deals with messages in blocks of 16 bytes.
// This method looks at the length of the message, and adds bytes at the end
// so that the entire message is a multiple of 16 bytes.
// the padding is a series of bytes, each set to the total bytes added (a
// number in range 1..16).
private byte[] addPadding(byte[] plain) {
byte plainpad[] = null;
int shortage = 16 - (plain.length % 16);
// if already an exact multiple of 16, need to add another block of 16
// bytes
if (shortage == 0)
shortage = 16;
// reallocate array bigger to be exact multiple, adding shortage bits.
plainpad = new byte[plain.length + shortage];
for (int i = 0; i < plain.length; i++) {
plainpad[i] = plain[i];
}
for (int i = plain.length; i < plain.length + shortage; i++) {
plainpad[i] = (byte) shortage;
}
return plainpad;
}
// Use this method if you want to remove the padding manually
// This method removes the padding bytes
private byte[] dropPadding(byte[] plainpad) {
byte plain[] = null;
int drop = plainpad[plainpad.length - 1]; // last byte gives number of
// bytes to drop
// reallocate array smaller, dropping the pad bytes.
plain = new byte[plainpad.length - drop];
for (int i = 0; i < plain.length; i++) {
plain[i] = plainpad[i];
plainpad[i] = 0; // don't keep a copy of the decrypt
}
return plain;
}
private byte[] encrypt(String cmp, SecretKey sk, IvParameterSpec IV,
byte[] msg) {
try {
Cipher c = Cipher.getInstance(cmp);
c.init(Cipher.ENCRYPT_MODE, sk, IV);
return c.doFinal(msg);
} catch (NoSuchAlgorithmException nsae) {
Log.e("AESdemo", "no cipher getinstance support for " + cmp);
} catch (NoSuchPaddingException nspe) {
Log.e("AESdemo", "no cipher getinstance support for padding " + cmp);
} catch (InvalidKeyException e) {
Log.e("AESdemo", "invalid key exception");
} catch (InvalidAlgorithmParameterException e) {
Log.e("AESdemo", "invalid algorithm parameter exception");
} catch (IllegalBlockSizeException e) {
Log.e("AESdemo", "illegal block size exception");
} catch (BadPaddingException e) {
Log.e("AESdemo", "bad padding exception");
}
return null;
}
private byte[] decrypt(String cmp, SecretKey sk, IvParameterSpec IV,
byte[] ciphertext) {
try {
Cipher c = Cipher.getInstance(cmp);
c.init(Cipher.DECRYPT_MODE, sk, IV);
return c.doFinal(ciphertext);
} catch (NoSuchAlgorithmException nsae) {
Log.e("AESdemo", "no cipher getinstance support for " + cmp);
} catch (NoSuchPaddingException nspe) {
Log.e("AESdemo", "no cipher getinstance support for padding " + cmp);
} catch (InvalidKeyException e) {
Log.e("AESdemo", "invalid key exception");
} catch (InvalidAlgorithmParameterException e) {
Log.e("AESdemo", "invalid algorithm parameter exception");
} catch (IllegalBlockSizeException e) {
Log.e("AESdemo", "illegal block size exception");
} catch (BadPaddingException e) {
Log.e("AESdemo", "bad padding exception");
e.printStackTrace();
}
return null;
}
}Base64:
package com.example.xiaobai.aes;
/**
* Created by xiaobai on 2017/12/7/007.
*/
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
public class Base64 {
private static final char[] legalChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
.toCharArray();
public static String encode(byte[] data) {
int start = 0;
int len = data.length;
StringBuffer buf = new StringBuffer(data.length * 3 / 2);
int end = len - 3;
int i = start;
int n = 0;
while (i <= end) {
int d = ((((int) data[i]) & 0x0ff) << 16)
| ((((int) data[i + 1]) & 0x0ff) << 8)
| (((int) data[i + 2]) & 0x0ff);
buf.append(legalChars[(d >> 18) & 63]);
buf.append(legalChars[(d >> 12) & 63]);
buf.append(legalChars[(d >> 6) & 63]);
buf.append(legalChars[d & 63]);
i += 3;
if (n++ >= 14) {
n = 0;
buf.append(" ");
}
}
if (i == start + len - 2) {
int d = ((((int) data[i]) & 0x0ff) << 16)
| ((((int) data[i + 1]) & 255) << 8);
buf.append(legalChars[(d >> 18) & 63]);
buf.append(legalChars[(d >> 12) & 63]);
buf.append(legalChars[(d >> 6) & 63]);
buf.append("=");
} else if (i == start + len - 1) {
int d = (((int) data[i]) & 0x0ff) << 16;
buf.append(legalChars[(d >> 18) & 63]);
buf.append(legalChars[(d >> 12) & 63]);
buf.append("==");
}
return buf.toString();
}
private static int decode(char c) {
if (c >= 'A' && c <= 'Z')
return ((int) c) - 65;
else if (c >= 'a' && c <= 'z')
return ((int) c) - 97 + 26;
else if (c >= '0' && c <= '9')
return ((int) c) - 48 + 26 + 26;
else
switch (c) {
case '+':
return 62;
case '/':
return 63;
case '=':
return 0;
default:
throw new RuntimeException("unexpected code: " + c);
}
}
/**
* Decodes the given Base64 encoded String to a new byte array. The byte
* array holding the decoded data is returned.
*/
public static byte[] decode(String s) {
ByteArrayOutputStream bos = new ByteArrayOutputStream();
try {
decode(s, bos);
} catch (IOException e) {
throw new RuntimeException();
}
byte[] decodedBytes = bos.toByteArray();
try {
bos.close();
bos = null;
} catch (IOException ex) {
System.err.println("Error while decoding BASE64: " + ex.toString());
}
return decodedBytes;
}
private static void decode(String s, OutputStream os) throws IOException {
int i = 0;
int len = s.length();
while (true) {
while (i < len && s.charAt(i) <= ' ')
i++;
if (i == len)
break;
int tri = (decode(s.charAt(i)) << 18)
+ (decode(s.charAt(i + 1)) << 12)
+ (decode(s.charAt(i + 2)) << 6)
+ (decode(s.charAt(i + 3)));
os.write((tri >> 16) & 255);
if (s.charAt(i + 2) == '=')
break;
os.write((tri >> 8) & 255);
if (s.charAt(i + 3) == '=')
break;
os.write(tri & 255);
i += 4;
}
}
}
主函数调用:
import android.os.Bundle;
import android.support.v7.app.AppCompatActivity;
import android.util.Log;
public class MainActivity extends AppCompatActivity {
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
String input = "hello AES!";
byte[] mBytes = null;
AES mAes = new AES();
try {
mBytes = input.getBytes("UTF8");
String enString = mAes.encrypt(mBytes);
Log.i("AES encode text is ", enString);
String deString = mAes.decrypt(enString);
Log.i("AES decode text is ", deString);
} catch (Exception e) {
}
}
}打印的结果:
12-07 16:27:35.826 23284-23284/com.example.xiaobai.aes I/AES encode text is: 7P9hogAc+Mn0QKyGRCRA9w==
12-07 16:27:35.827 23284-23284/com.example.xiaobai.aes I/AES decode text is: hello AES!
![[RK3568][Android11]FDE(全磁盘加密)FBE(全文件加密)简介](https://ucc.alicdn.com/pic/developer-ecology/flpoyxxpghoxi_de8ea1c639164ff2b9ea5e1c4c74f7bf.jpg?x-oss-process=image/resize,h_160,m_lfit)