Android中資料的加密解密
開發中我們經常會和伺服器打交道:最終的目的就是和資料打交道,但是這往往出現一個問題就是
資料的安全性問題,比如說我們把資料傳送給伺服器,伺服器返回資料給我們,
這其中牽涉到很重要的安全性問題:分3步來解決這個問題
1:首先我們新建一個類用來加密和解密如下所示:
* * Created by acer-pc on 2018/6/22. */ public class EncryptUtil { private static final String ALGORITHM = "AES/ECB/PKCS5Padding"; // 加密祕鑰 private static final String AES_KEY = "XXX(我們自己設定)"; private static SecretKeySpec secretKeySpec; /** * 前臺傳輸資料解密 * * @param rawJson 原始JSON * @return 解密後的Map */ public static <T extends BaseResult> T decrypt(String rawJson, Class<T> tClass) { T result=null; try { Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.DECRYPT_MODE, getAesKey()); byte[] paramBytes = cipher.doFinal(Base64.decode(rawJson.getBytes("UTF-8"), Base64.NO_WRAP)); String paramJson = new String(paramBytes); result = GsonUtil.fromJson(paramJson, tClass); } catch (NoSuchPaddingException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (InvalidKeyException e) { e.printStackTrace(); } catch (BadPaddingException e) { e.printStackTrace(); } catch (IllegalBlockSizeException e) { e.printStackTrace(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return result; } /** * 資料傳輸過程中需要加密設定 * @param rawMap * @return */ public static String encrypt(Map<String, String> rawMap) { String result = ""; try { Cipher cipher = Cipher.getInstance(ALGORITHM); cipher.init(Cipher.ENCRYPT_MODE, getAesKey()); String rawJson = GsonUtil.toJson(rawMap); byte[] paramBytes = cipher.doFinal(rawJson.getBytes("UTF-8")); result = Base64.encodeToString(paramBytes, Base64.NO_WRAP); } catch (NoSuchPaddingException e) { e.printStackTrace(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (InvalidKeyException e) { e.printStackTrace(); } catch (BadPaddingException e) { e.printStackTrace(); } catch (IllegalBlockSizeException e) { e.printStackTrace(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return result; } private static SecretKeySpec getAesKey() { if (secretKeySpec != null) { return secretKeySpec; } try { secretKeySpec = new SecretKeySpec(AES_KEY.getBytes("UTF-8"), "AES"); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } return secretKeySpec; } }
2:其中的BaseResult如下(要解析的資料的根類,放資料的類要繼承這個類):
public class BaseResult { private int result; private String message; public int getResult() { return result; } public void setResult(int result) { this.result = result; } public String getMessage() { return message; } public void setMessage(String message) { this.message = message; } }
3:當我們在主類中(或者Fragment中)使用的時候如下:
//載入資料 public void initData() { //這裡利用執行緒池使得執行緒線上程池中執行防止程式卡死 APIConfig.getDataIntoView(new Runnable() { @Override public void run() { Map<String, String> map = new HashMap<>(); map.put("token", RuntimeConfig.user.getToken()); String paramJson = EncryptUtil.encrypt(map); String url = "http://這裡是我們的目標網址"; String rs = HttpUtil.GetDataFromNetByPost(url, new ParamsBuilder().addParam("paramJson", paramJson).getParams()); // rs判空 final DiaryDetailResult result = EncryptUtil.decrypt(rs, DiaryDetailResult.class); UIUtils.runOnUIThread(new Runnable() { @Override public void run() { //這裡禁用 if (result != null && result.getResult() == APIConfig.CODE_SUCCESS) { Diary diaryData = result.getData().getContent(); //接下來對解析出的資料進行自己的操作 。。。。。。。。。。。。 } else { // Toast彈出載入失敗; } } }); } }); }
3:大功告成!