Android中AES密钥的生成
目前我正在为AES加密/解密生成密钥。密钥基于密码和每个用户的随机密码。我的第一个想法是用算法“PBKDF2WithHmacSHA1”创建一个SecretKeyFactory。问题是Android目前不支持它 通过搜索,我找到了埃里克森的答案,他建议出于同样的目的使用该算法()。我的问题是,如果我使用“PBEWITHSA256和256BITAES-CBC-BC”而不是“PBKDF2WithHmacSHA1”,加密过程会有多大不同?关于如何在安卓系统中以安全的方式为AES生成密钥,还有其他想法,而不仅仅是将密码与密钥中的盐进行散列(我不认为可以采用这种方法)。正如名字所说,“pbewithsha256和256biates-CBC-BC”将使用SHA256作为HMAC,而不是使用SHA1。因为这是一个不同的算法,它将为所选密码生成不同的密钥 如果您只在android上加密/解密,这应该没问题。正如名字所说,“pbewithsha256和256biates-CBC-BC”将使用SHA256作为HMAC,而不是使用SHA1。因为这是一个不同的算法,它将为所选密码生成不同的密钥 如果您只在android上加密/解密,这应该没问题。试试这个:Android中AES密钥的生成,android,eclipse,aes,Android,Eclipse,Aes,目前我正在为AES加密/解密生成密钥。密钥基于密码和每个用户的随机密码。我的第一个想法是用算法“PBKDF2WithHmacSHA1”创建一个SecretKeyFactory。问题是Android目前不支持它 通过搜索,我找到了埃里克森的答案,他建议出于同样的目的使用该算法()。我的问题是,如果我使用“PBEWITHSA256和256BITAES-CBC-BC”而不是“PBKDF2WithHmacSHA1”,加密过程会有多大不同?关于如何在安卓系统中以安全的方式为AES生成密钥,还有其他想法,而
public static String encrypt(String seed, String cleartext) throws Exception {
byte[] rawKey = getRawKey(seed.getBytes("UTF-16"));
byte[] result = encrypt(rawKey, cleartext.getBytes("UTF-16"));
return toHex(result);
}
public static String decrypt(String seed, String encrypted) throws Exception {
byte[] rawKey = getRawKey(seed.getBytes("UTF-16"));
byte[] enc = toByte(encrypted);
byte[] result = decrypt(rawKey, enc);
return new String(result);
}
private static byte[] getRawKey(byte[] seed) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(128, sr); // 192 and 256 bits may not be available
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
return raw;
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static String toHex(String txt) {
return toHex(txt.getBytes());
}
public static String fromHex(String hex) {
return new String(toByte(hex));
}
public static byte[] toByte(String hexString) {
int len = hexString.length()/2;
byte[] result = new byte[len];
for (int i = 0; i < len; i++)
result[i] = Integer.valueOf(hexString.substring(2*i, 2*i+2), 16).byteValue();
return result;
}
public static String toHex(byte[] buf) {
if (buf == null)
return "";
StringBuffer result = new StringBuffer(2*buf.length);
for (int i = 0; i < buf.length; i++) {
appendHex(result, buf[i]);
}
return result.toString();
}
private final static String HEX = "0123456789ABCDEF";
private static void appendHex(StringBuffer sb, byte b) {
sb.append(HEX.charAt((b>>4)&0x0f)).append(HEX.charAt(b&0x0f));
}
publicstaticstringencrypt(字符串种子、字符串明文)引发异常{
byte[]rawKey=getRawKey(seed.getBytes(“UTF-16”);
字节[]结果=加密(rawKey,cleartext.getBytes(“UTF-16”);
返回到hex(结果);
}
公共静态字符串解密(字符串种子、字符串加密)引发异常{
byte[]rawKey=getRawKey(seed.getBytes(“UTF-16”);
字节[]enc=toByte(加密);
字节[]结果=解密(rawKey,enc);
返回新字符串(结果);
}
私有静态字节[]getRawKey(字节[]种子)引发异常{
KeyGenerator kgen=KeyGenerator.getInstance(“AES”);
SecureRandom sr=SecureRandom.getInstance(“SHA1PRNG”);
高级种子(种子);
kgen.init(128,sr);//192和256位可能不可用
SecretKey skey=kgen.generateKey();
字节[]原始=skey.getEncoded();
返回原材料;
}
私有静态字节[]加密(字节[]原始,字节[]清除)引发异常{
SecretKeySpec skeySpec=新SecretKeySpec(原始,“AES”);
Cipher Cipher=Cipher.getInstance(“AES”);
cipher.init(cipher.ENCRYPT_模式,skeySpec);
字节[]加密=cipher.doFinal(清除);
返回加密;
}
私有静态字节[]解密(字节[]原始,字节[]加密)引发异常{
SecretKeySpec skeySpec=新SecretKeySpec(原始,“AES”);
Cipher Cipher=Cipher.getInstance(“AES”);
cipher.init(cipher.DECRYPT_模式,skeySpec);
字节[]解密=cipher.doFinal(加密);
返回解密;
}
公共静态字符串toHex(字符串txt){
返回到hex(txt.getBytes());
}
公共静态字符串fromHex(字符串十六进制){
返回新字符串(toByte(hex));
}
公共静态字节[]toByte(字符串hexString){
int len=hexString.length()/2;
字节[]结果=新字节[len];
对于(int i=0;i>4)和0x0f)).append(十六进制字符(b和0x0f));
}
public static String encrypt(String seed, String cleartext) throws Exception {
byte[] rawKey = getRawKey(seed.getBytes("UTF-16"));
byte[] result = encrypt(rawKey, cleartext.getBytes("UTF-16"));
return toHex(result);
}
public static String decrypt(String seed, String encrypted) throws Exception {
byte[] rawKey = getRawKey(seed.getBytes("UTF-16"));
byte[] enc = toByte(encrypted);
byte[] result = decrypt(rawKey, enc);
return new String(result);
}
private static byte[] getRawKey(byte[] seed) throws Exception {
KeyGenerator kgen = KeyGenerator.getInstance("AES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(128, sr); // 192 and 256 bits may not be available
SecretKey skey = kgen.generateKey();
byte[] raw = skey.getEncoded();
return raw;
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static String toHex(String txt) {
return toHex(txt.getBytes());
}
public static String fromHex(String hex) {
return new String(toByte(hex));
}
public static byte[] toByte(String hexString) {
int len = hexString.length()/2;
byte[] result = new byte[len];
for (int i = 0; i < len; i++)
result[i] = Integer.valueOf(hexString.substring(2*i, 2*i+2), 16).byteValue();
return result;
}
public static String toHex(byte[] buf) {
if (buf == null)
return "";
StringBuffer result = new StringBuffer(2*buf.length);
for (int i = 0; i < buf.length; i++) {
appendHex(result, buf[i]);
}
return result.toString();
}
private final static String HEX = "0123456789ABCDEF";
private static void appendHex(StringBuffer sb, byte b) {
sb.append(HEX.charAt((b>>4)&0x0f)).append(HEX.charAt(b&0x0f));
}
publicstaticstringencrypt(字符串种子、字符串明文)引发异常{
byte[]rawKey=getRawKey(seed.getBytes(“UTF-16”);
字节[]结果=加密(rawKey,cleartext.getBytes(“UTF-16”);
返回到hex(结果);
}
公共静态字符串解密(字符串种子、字符串加密)引发异常{
byte[]rawKey=getRawKey(seed.getBytes(“UTF-16”);
字节[]enc=toByte(加密);
字节[]结果=解密(rawKey,enc);
返回新字符串(结果);
}
私有静态字节[]getRawKey(字节[]种子)引发异常{
KeyGenerator kgen=KeyGenerator.getInstance(“AES”);
SecureRandom sr=SecureRandom.getInstance(“SHA1PRNG”);
高级种子(种子);
kgen.init(128,sr);//192和256位可能不可用
SecretKey skey=kgen.generateKey();
字节[]原始=skey.getEncoded();
返回原材料;
}
私有静态字节[]加密(字节[]原始,字节[]清除)引发异常{
SecretKeySpec skeySpec=新SecretKeySpec(原始,“AES”);
密码ci