在作公司项目时,提到要有安全整改,例如须要将保存到sharedPreference中的密码等敏感信息,进行加密保存。 在网上查找了关于AES的一些加密解密方法,但有些方法能够进行加密,但解密的不是原来的值,下面的方法是通过本身验证后能够使用的: public static final String AES_KEY_NUMBER = "hpgaerjnaoouekvs"; private final static String HEX = "0123456789ABCDEF"; public static String encryptAES(String cleartext,String seed) { try { KeyGenerator kgen = KeyGenerator.getInstance("AES"); SecureRandom sr = SecureRandom.getInstance("SHA1PRNG", "Crypto"); sr.setSeed(seed.getBytes()); kgen.init(128, sr); // 192 and 256 bits may not be available SecretKey skey = kgen.generateKey(); byte[] raw = skey.getEncoded(); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(new byte[cipher.getBlockSize()])); byte[] encrypted = cipher.doFinal(cleartext.getBytes()); if (encrypted == null) return ""; StringBuffer result = new StringBuffer(2 * encrypted.length); for (int i = 0; i < encrypted.length; i++) { result.append(HEX.charAt((encrypted[i] >> 4) & 0x0f)).append(HEX.charAt(encrypted[i] & 0x0f)); } return result.toString(); } catch (Exception e) { e.printStackTrace(); return ""; } } public static String decryptAES(String encrypted,String seed) { try { KeyGenerator kgen = KeyGenerator.getInstance("AES"); SecureRandom sr = SecureRandom.getInstance("SHA1PRNG", "Crypto"); sr.setSeed(seed.getBytes()); kgen.init(128, sr); // 192 and 256 bits may not be available SecretKey skey = kgen.generateKey(); byte[] raw = skey.getEncoded(); int len = encrypted.length() / 2; byte[] result = new byte[len]; for (int i = 0; i < len; i++) result[i] = Integer.valueOf(encrypted.substring(2 * i, 2 * i + 2), 16).byteValue(); SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES"); Cipher cipher = Cipher.getInstance("AES"); cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(new byte[cipher.getBlockSize()])); byte[] decrypted = cipher.doFinal(result); return new String(decrypted); } catch (Exception e) { e.printStackTrace(); return ""; } } 此方法可用,若是要使用Base64的,不过对于使用SVN的开发的话,导包是会遇到困难的,代码以下: /** * AES 加密 * * @param content * @param key * @return */ public static String encryptAES(String content, String key) { try { byte[] byteContent = content.getBytes("UTF-8"); // 注意,为了能与 iOS 统一 // 这里的 key 不能够使用 KeyGenerator、SecureRandom、SecretKey 生成 byte[] enCodeFormat = key.getBytes(); SecretKeySpec secretKeySpec = new SecretKeySpec(enCodeFormat, "AES"); byte[] initParam = AES_KEY_NUMBER.getBytes(); IvParameterSpec ivParameterSpec = new IvParameterSpec(initParam); // 指定加密的算法、工做模式和填充方式 Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec); byte[] encryptedBytes = cipher.doFinal(byteContent); // 一样对加密后数据进行 base64 编码 BASE64Encoder encoder = new BASE64Encoder(); return encoder.encode(encryptedBytes); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); return ""; } } /** * AES 解密 * * @param content * @param key * @return */ public static String decryptAES(String content, String key) { try { // base64 解码 BASE64Decoder decoder = new BASE64Decoder(); byte[] encryptedBytes = decoder.decodeBuffer(content); byte[] enCodeFormat = key.getBytes(); SecretKeySpec secretKey = new SecretKeySpec(enCodeFormat, "AES"); byte[] initParam = AES_KEY_NUMBER.getBytes(); IvParameterSpec ivParameterSpec = new IvParameterSpec(initParam); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); cipher.init(Cipher.DECRYPT_MODE, secretKey, ivParameterSpec); byte[] result = cipher.doFinal(encryptedBytes); return new String(result, "UTF-8"); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); return ""; } }