-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
129 additions
and
0 deletions.
There are no files selected for viewing
129 changes: 129 additions & 0 deletions
129
app/src/main/java/com/ervin/mvp/utils/KeyStoreEncryption.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,129 @@ | ||
| package com.ervin.mvp.utils; | ||
|
|
||
| import android.content.Context; | ||
| import android.security.KeyPairGeneratorSpec; | ||
| import android.security.keystore.KeyProperties; | ||
| import android.util.Base64; | ||
|
|
||
| import java.io.ByteArrayInputStream; | ||
| import java.io.ByteArrayOutputStream; | ||
| import java.math.BigInteger; | ||
| import java.security.InvalidAlgorithmParameterException; | ||
| import java.security.KeyPairGenerator; | ||
| import java.security.KeyStore; | ||
| import java.security.NoSuchAlgorithmException; | ||
| import java.security.NoSuchProviderException; | ||
| import java.security.interfaces.RSAPrivateKey; | ||
| import java.security.interfaces.RSAPublicKey; | ||
| import java.util.ArrayList; | ||
| import java.util.Calendar; | ||
|
|
||
| import javax.crypto.Cipher; | ||
| import javax.crypto.CipherInputStream; | ||
| import javax.crypto.CipherOutputStream; | ||
| import javax.security.auth.x500.X500Principal; | ||
|
|
||
| /** | ||
| * Created by Ervin on 2018/1/30. | ||
| * | ||
| * android keystore 特别适合用来存储运行时数据比如(账户密码,token),动态生成密钥,使用公钥给数据加密,用私钥解密 | ||
| */ | ||
|
|
||
| public class KeyStoreEncryption { | ||
|
|
||
| public static void createNewKeys(String alias,Context context){ | ||
|
|
||
| Calendar start = Calendar.getInstance(); | ||
| Calendar end = Calendar.getInstance(); | ||
| end.add(Calendar.YEAR, 1); | ||
| try { | ||
| KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(context) | ||
| .setAlias(alias) | ||
| .setSubject(new X500Principal("CN=Gyenno, OU=Gyenno, O=Gyenno, L=ShenZheng, ST=GuangDong, C=CN")) | ||
| .setSerialNumber(BigInteger.ONE) | ||
| .setStartDate(start.getTime()) | ||
| .setEndDate(end.getTime()) | ||
| .build(); | ||
| KeyPairGenerator generator = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore"); | ||
| generator.initialize(spec); | ||
|
|
||
| generator.generateKeyPair(); | ||
|
|
||
|
|
||
| } catch (NoSuchAlgorithmException e) { | ||
| e.printStackTrace(); | ||
| } catch (NoSuchProviderException e) { | ||
| e.printStackTrace(); | ||
| } catch (InvalidAlgorithmParameterException e) { | ||
| e.printStackTrace(); | ||
| } | ||
| } | ||
|
|
||
| /** | ||
| * 加密 | ||
| * @param alias | ||
| * @param data | ||
| */ | ||
| public byte[] encryptString(String alias,String data){ | ||
| byte[] encryptByte = new byte[16]; | ||
| try { | ||
| KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore"); | ||
| keyStore.load(null); | ||
| KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry)keyStore.getEntry(alias, null); | ||
| RSAPublicKey publicKey = (RSAPublicKey) privateKeyEntry.getCertificate().getPublicKey(); | ||
|
|
||
|
|
||
| Cipher input = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL"); | ||
| input.init(Cipher.ENCRYPT_MODE, publicKey); | ||
|
|
||
| ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); | ||
| CipherOutputStream cipherOutputStream = new CipherOutputStream( | ||
| outputStream, input); | ||
| cipherOutputStream.write(data.getBytes("UTF-8")); | ||
| cipherOutputStream.close(); | ||
|
|
||
| encryptByte = outputStream.toByteArray(); | ||
| } catch (Exception e) { | ||
|
|
||
| } | ||
| return encryptByte; | ||
| } | ||
|
|
||
| /** | ||
| * 解密 | ||
| * @param alias | ||
| */ | ||
| public String decryptString(String alias,String encryptData) { | ||
| String decryData = ""; | ||
| try { | ||
| KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore"); | ||
| keyStore.load(null); | ||
| KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry)keyStore.getEntry(alias, null); | ||
| RSAPrivateKey privateKey = (RSAPrivateKey) privateKeyEntry.getPrivateKey(); | ||
|
|
||
| Cipher output = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL"); | ||
| output.init(Cipher.DECRYPT_MODE, privateKey); | ||
|
|
||
| CipherInputStream cipherInputStream = new CipherInputStream( | ||
| new ByteArrayInputStream(Base64.decode(encryptData, Base64.DEFAULT)), output); | ||
| ArrayList<Byte> values = new ArrayList<>(); | ||
| int nextByte; | ||
| while ((nextByte = cipherInputStream.read()) != -1) { | ||
| values.add((byte)nextByte); | ||
| } | ||
|
|
||
| byte[] bytes = new byte[values.size()]; | ||
| for(int i = 0; i < bytes.length; i++) { | ||
| bytes[i] = values.get(i).byteValue(); | ||
| } | ||
|
|
||
| decryData = new String(bytes, 0, bytes.length, "UTF-8"); | ||
|
|
||
|
|
||
|
|
||
| } catch (Exception e) { | ||
|
|
||
| } | ||
| return decryData; | ||
| } | ||
| } |