这里重点给出AES256的加解密方法(服务器端同样适用),需要注意的是:
1."AES/ECB/PKCS7Padding"是用于随机产生加密串,以防每次加密生成的加密串都一样。
2.这里需要传入一个16位的字符串用于生成加密key,需要和服务器端一起制定,使用同一字符串,否则加解密失败
public class AES256EncryptionUtil { public static final String TAG = AES256EncryptionUtil.class.getSimpleName(); public static final String ALGORITHM = "AES/ECB/PKCS7Padding"; private static String mPassword = ""; /** * 一次性设置password,后面无需再次设置 * @param password */ public static void setPassword(String password){ mPassword = password; } /** * 生成key * @param password * @return * @throws Exception */ private static byte[] getKeyByte(String password) throws Exception { byte[] seed = new byte[24]; if(!TextUtils.isEmpty(password)) { seed = password.getBytes(); } return seed; } /** * 加密 * @param data * @return */ public static String encrypt(String data) throws Exception{ String string = ""; byte[] keyByte = getKeyByte(mPassword); SecretKeySpec keySpec = new SecretKeySpec(keyByte,"AES"); //生成加密解密需要的Key byte[] byteContent = data.getBytes("utf-8"); Cipher cipher = Cipher.getInstance(ALGORITHM, "BC"); cipher.init(Cipher.ENCRYPT_MODE, keySpec); byte[] result = cipher.doFinal(byteContent); string = parseByte2HexStr(result); //转成String return string; } /** * 解密 * @param data * @return */ public static String decrypt(String data) throws Exception{ String string = ""; byte[] keyByte = getKeyByte(mPassword); byte[] byteContent = parseHexStr2Byte(data); //转成byte Cipher cipher = Cipher.getInstance(ALGORITHM, "BC"); SecretKeySpec keySpec = new SecretKeySpec(keyByte,"AES"); //生成加密解密需要的Key cipher.init(Cipher.DECRYPT_MODE, keySpec); byte[] decoded = cipher.doFinal(byteContent); string = new String(decoded); return string; } /** * 转化为String * @param buf * @return */ private static String parseByte2HexStr(byte buf[]) { StringBuffer sb = new StringBuffer(); for (int i = 0; i < buf.length; i++) { String hex = Integer.toHexString(buf[i] & 0xFF); if (hex.length() == 1) { hex = '0' + hex; } sb.append(hex.toUpperCase()); } return sb.toString(); } /** * 将16进制转换为二进制 * @param hexStr * @return */ private static byte[] parseHexStr2Byte(String hexStr) { if (hexStr.length() < 1) return null; byte[] result = new byte[hexStr.length() / 2]; for (int i = 0; i < hexStr.length() / 2; i++) { int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16); int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16); result[i] = (byte) (high * 16 + low); } return result; } }
服务器端可能存在问题:
Java本身限制密钥的长度最多128位,而AES256需要的密钥长度是256位,因此需要到Java官网上下载一个Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files。在Java SE的下载页面下面的Additional Resources那里会有下载链接。下载后打开压缩包,里面有两个jar文件。把这两个jar文件解压到JRE目录下的lib/security文件夹,覆盖原来的文件。这样Java就不再限制密钥的长度了。
下面这种方法也可以,但是Java服务器端却会报错,安卓使用就没有问题: