gpt4 book ai didi

java - 在 Android 4.2 及更早版本中使用 PBKDF2WithHmacSHA1 和 DESede/CBC/PKCS5Padding

转载 作者:太空宇宙 更新时间:2023-11-04 14:10:47 29 4
gpt4 key购买 nike

在我的 Android 应用程序中,我想使用 DESede/CBC/PKCS5Padding 加密密码,我的解决方案适用于 Lollipop(5.x)、Android KitKat(4.4.x) 和 Android Jelly Bean(4.3.x)

private static final String KEY = "a2[..]";
private static final String SALT = "t[..]";
private static final String IV = "u[..]";
private static final String DES_EDE_PKCS5 = "DESede/CBC/PKCS5Padding"

public static String encrypt(String password) {
byte[] byteSalt = Base64.decode(SALT, Base64.DEFAULT);
byte[] bytesIv = Base64.decode(IV, Base64.DEFAULT);
String mdp = "";
try {
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec spec = new PBEKeySpec(KEY.toCharArray(), byteSalt, NB_ITER_RFC, SIZE_KEY);
SecretKey secretKey = factory.generateSecret(spec);
Cipher c = Cipher.getInstance(DES_EDE_PKCS5);
IvParameterSpec ivParam = new IvParameterSpec(bytesIv);
c.init(Cipher.ENCRYPT_MODE, secretKey, ivParam);
byte[] encrypted = c.doFinal(password.getBytes("UTF-8"));
mdp = Base64.encodeToString(encrypted, Base64.DEFAULT);
}
catch [..]
return mdp;
}

但它不适用于以下版本(4.2.x 及以下),此加密密码似乎会随机更改,例如:

D/andro-Chiffrement-encrypt(10739): password chiffré = P7vWc+7hFuUaWQghVeO+zA==
D/andro-Chiffrement-encrypt(10739): password chiffré = jGr6nlvnYLd/AK/d7nkUrA==
D/andro-Chiffrement-encrypt(10739): password chiffré = I2weyEddIav7EulAiuQDbg==
D/andro-Chiffrement-encrypt(10739): password chiffré = HF7OFpUXYuwOm81WekReDg==

如何解决 Android 4.2.x 上的这个问题?

我在 Bouncy CaSTLe 库中发现了这一点,但我没有找到如何实现“IV”( vector 生成器)。你有什么想法吗?

PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator();
gen.init(PBEParametersGenerator.PKCS12PasswordToBytes(passCharArray), byteSalt, NB_ITER_RFC);
KeyParameter params = (KeyParameter) gen.generateDerivedParameters(SIZE_KEY);
String password2 = Base64.encodeToString(params.getKey(), Base64.DEFAULT);

最佳答案

从 Android 4.4 开始,SecretKeyFactory API 发生了变化。也许这会有所帮助:

In Android 4.3 and earlier platform versions, the javax.crypto.SecretKeyFactory implementation of the PBKDF2WithHmacSHA1 key-generation algorithm only uses the lower 8 bits of Java characters in passphrases. In Android 4.4, the algorithm is changed to use all available bits in Unicode characters, in compliance with recommendations in PCKS #5.

This change could affect applications that use symmetric encryption and meet all of the following conditions: 1. Use SecretKeyFactory to generate symmetric keys, and 2. Use PBKDF2WithHmacSHA1 as their key-generation algorithm for SecretKeyFactory, and 3. Allow Unicode input for passphrases

原文如下:

https://plus.google.com/+AndroidDevelopers/posts/fTY97ekzn6Z

在这里您可以了解 SecretKeyFactory Api 的更改:

http://android-developers.blogspot.it/2013/12/changes-to-secretkeyfactory-api-in.html

关于java - 在 Android 4.2 及更早版本中使用 PBKDF2WithHmacSHA1 和 DESede/CBC/PKCS5Padding,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28347341/

29 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com