个人中心
gpt4 book ai didi

java - 在 Android 4.2 及更早版本中使用 PBKDF2WithHmacSHA1 和 DESede/CBC/PKCS5Padding

转载 作者:太空宇宙 更新时间:2023-11-04 14:10:47 29 4
gpt4 key购买 nike

在我的 Android 应用程序中,我想使用 DESede/CBC/PKCS5Padding 加密密码,我的解决方案适用于 Lollipop(5.x)、Android KitKat(4.4.x) 和 Android Jelly Bean(4.3.x)

private static final String KEY = "a2[..]";
private static final String SALT = "t[..]";
private static final String IV = "u[..]";
private static final String DES_EDE_PKCS5 = "DESede/CBC/PKCS5Padding"

public static String encrypt(String password) {
    byte[] byteSalt = Base64.decode(SALT, Base64.DEFAULT);
    byte[] bytesIv = Base64.decode(IV, Base64.DEFAULT);
    String mdp = "";        
    try {           
        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");          
        KeySpec spec = new PBEKeySpec(KEY.toCharArray(), byteSalt, NB_ITER_RFC, SIZE_KEY);          
        SecretKey secretKey = factory.generateSecret(spec);             
        Cipher c = Cipher.getInstance(DES_EDE_PKCS5);           
        IvParameterSpec ivParam = new IvParameterSpec(bytesIv);         
        c.init(Cipher.ENCRYPT_MODE, secretKey, ivParam);                
        byte[] encrypted = c.doFinal(password.getBytes("UTF-8"));
        mdp = Base64.encodeToString(encrypted, Base64.DEFAULT);                 
    }
    catch [..]
    return mdp;
}

但它不适用于以下版本(4.2.x 及以下),此加密密码似乎会随机更改,例如:

D/andro-Chiffrement-encrypt(10739): password chiffré = P7vWc+7hFuUaWQghVeO+zA==
D/andro-Chiffrement-encrypt(10739): password chiffré = jGr6nlvnYLd/AK/d7nkUrA==
D/andro-Chiffrement-encrypt(10739): password chiffré = I2weyEddIav7EulAiuQDbg==
D/andro-Chiffrement-encrypt(10739): password chiffré = HF7OFpUXYuwOm81WekReDg==

如何解决 Android 4.2.x 上的这个问题?

我在 Bouncy CaSTLe 库中发现了这一点,但我没有找到如何实现“IV”( vector 生成器)。你有什么想法吗?

PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator();
gen.init(PBEParametersGenerator.PKCS12PasswordToBytes(passCharArray), byteSalt, NB_ITER_RFC);
KeyParameter params = (KeyParameter) gen.generateDerivedParameters(SIZE_KEY);
String password2 = Base64.encodeToString(params.getKey(), Base64.DEFAULT);

最佳答案

从 Android 4.4 开始,SecretKeyFactory API 发生了变化。也许这会有所帮助:

In Android 4.3 and earlier platform versions, the javax.crypto.SecretKeyFactory implementation of the PBKDF2WithHmacSHA1 key-generation algorithm only uses the lower 8 bits of Java characters in passphrases. In Android 4.4, the algorithm is changed to use all available bits in Unicode characters, in compliance with recommendations in PCKS #5.

This change could affect applications that use symmetric encryption and meet all of the following conditions: 1. Use SecretKeyFactory to generate symmetric keys, and 2. Use PBKDF2WithHmacSHA1 as their key-generation algorithm for SecretKeyFactory, and 3. Allow Unicode input for passphrases

原文如下:

https://plus.google.com/+AndroidDevelopers/posts/fTY97ekzn6Z

在这里您可以了解 SecretKeyFactory Api 的更改:

http://android-developers.blogspot.it/2013/12/changes-to-secretkeyfactory-api-in.html

关于java - 在 Android 4.2 及更早版本中使用 PBKDF2WithHmacSHA1 和 DESede/CBC/PKCS5Padding,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28347341/

29 4 0
文章推荐: Java - 如何读取 7z 的输出?
文章推荐: c# - 从包含 '\0' 个字符的非托管 C++ DLL 返回 LPTSTR
文章推荐: c++ - 3d 空间中的文本 - 如何回车? (openGL, C++, OSX)
文章推荐: java - 当incrementalCompileWarnings标志设置为true时GWT "No source code is available for type"
太空宇宙
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com