- android - 多次调用 OnPrimaryClipChangedListener
- android - 无法更新 RecyclerView 中的 TextView 字段
- android.database.CursorIndexOutOfBoundsException : Index 0 requested, 光标大小为 0
- android - 使用 AppCompat 时,我们是否需要明确指定其 UI 组件(Spinner、EditText)颜色
在我的 Android 应用程序中,我想使用 DESede/CBC/PKCS5Padding 加密密码,我的解决方案适用于 Lollipop(5.x)、Android KitKat(4.4.x) 和 Android Jelly Bean(4.3.x)
private static final String KEY = "a2[..]";
private static final String SALT = "t[..]";
private static final String IV = "u[..]";
private static final String DES_EDE_PKCS5 = "DESede/CBC/PKCS5Padding"
public static String encrypt(String password) {
byte[] byteSalt = Base64.decode(SALT, Base64.DEFAULT);
byte[] bytesIv = Base64.decode(IV, Base64.DEFAULT);
String mdp = "";
try {
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec spec = new PBEKeySpec(KEY.toCharArray(), byteSalt, NB_ITER_RFC, SIZE_KEY);
SecretKey secretKey = factory.generateSecret(spec);
Cipher c = Cipher.getInstance(DES_EDE_PKCS5);
IvParameterSpec ivParam = new IvParameterSpec(bytesIv);
c.init(Cipher.ENCRYPT_MODE, secretKey, ivParam);
byte[] encrypted = c.doFinal(password.getBytes("UTF-8"));
mdp = Base64.encodeToString(encrypted, Base64.DEFAULT);
}
catch [..]
return mdp;
}
但它不适用于以下版本(4.2.x 及以下),此加密密码似乎会随机更改,例如:
D/andro-Chiffrement-encrypt(10739): password chiffré = P7vWc+7hFuUaWQghVeO+zA==
D/andro-Chiffrement-encrypt(10739): password chiffré = jGr6nlvnYLd/AK/d7nkUrA==
D/andro-Chiffrement-encrypt(10739): password chiffré = I2weyEddIav7EulAiuQDbg==
D/andro-Chiffrement-encrypt(10739): password chiffré = HF7OFpUXYuwOm81WekReDg==
如何解决 Android 4.2.x 上的这个问题?
我在 Bouncy CaSTLe 库中发现了这一点,但我没有找到如何实现“IV”( vector 生成器)。你有什么想法吗?
PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator();
gen.init(PBEParametersGenerator.PKCS12PasswordToBytes(passCharArray), byteSalt, NB_ITER_RFC);
KeyParameter params = (KeyParameter) gen.generateDerivedParameters(SIZE_KEY);
String password2 = Base64.encodeToString(params.getKey(), Base64.DEFAULT);
最佳答案
从 Android 4.4 开始,SecretKeyFactory API 发生了变化。也许这会有所帮助:
In Android 4.3 and earlier platform versions, the javax.crypto.SecretKeyFactory implementation of the PBKDF2WithHmacSHA1 key-generation algorithm only uses the lower 8 bits of Java characters in passphrases. In Android 4.4, the algorithm is changed to use all available bits in Unicode characters, in compliance with recommendations in PCKS #5.
This change could affect applications that use symmetric encryption and meet all of the following conditions: 1. Use SecretKeyFactory to generate symmetric keys, and 2. Use PBKDF2WithHmacSHA1 as their key-generation algorithm for SecretKeyFactory, and 3. Allow Unicode input for passphrases
原文如下:
https://plus.google.com/+AndroidDevelopers/posts/fTY97ekzn6Z
在这里您可以了解 SecretKeyFactory Api 的更改:
http://android-developers.blogspot.it/2013/12/changes-to-secretkeyfactory-api-in.html
关于java - 在 Android 4.2 及更早版本中使用 PBKDF2WithHmacSHA1 和 DESede/CBC/PKCS5Padding,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28347341/
我安装了 fakeLoader (jquery 预加载器)但我无法在页面加载前显示它。 在 mozilla 中它几乎可以正常工作(奇怪的是......),但在 Chrome 和 Opera 中,页面首
我试图通过以下代码在触摸事件上移动 ImageView: public class ScrollableImageView extends ImageView { private Gestur
我是一名优秀的程序员,十分优秀!