我想从SD卡加密图像并使用AES再次将其存储在SD卡中。主要思想是应用程序浏览图像,然后在按下按钮时对其进行加密,然后将其存储在SD卡中。所以我的形象是安全的。
我已经成功使用本教程http://www.androidsnippets.com/encryptdecrypt-strings中的AES进行字符串加密,但我不知道如何使用图像,而不是字符串。
这是我用字符串做的方式:
public static String encrypt(String seed, String cleartext) throws Exception
{
byte[] rawKey = getRawKey(seed.getBytes());
byte[] result = encrypt(rawKey, cleartext.getBytes());
return toHex(result);
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception
{
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
有人可以帮我提供示例代码,如何使用AES加密图像吗?
也许它必须使用I / O文件流,但我不知道如何使用此代码实现。
答案 0 :(得分:64)
如果您输入密码的用户输入,请务必阅读this answer。
你应该看看: CipherInputStream和CipherOutputStream。它们用于加密和解密字节流。
我有一个名为cleartext的文件。该文件包含:
Hi, I'm a clear text. How are you? That's awesome!
现在,您有一个encrypt()功能:
static void encrypt() throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
// Here you read the cleartext.
FileInputStream fis = new FileInputStream("data/cleartext");
// This stream write the encrypted text. This stream will be wrapped by another stream.
FileOutputStream fos = new FileOutputStream("data/encrypted");
// Length is 16 byte
// Careful when taking user input!!! https://stackoverflow.com/a/3452620/1188357
SecretKeySpec sks = new SecretKeySpec("MyDifficultPassw".getBytes(), "AES");
// Create cipher
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, sks);
// Wrap the output stream
CipherOutputStream cos = new CipherOutputStream(fos, cipher);
// Write bytes
int b;
byte[] d = new byte[8];
while((b = fis.read(d)) != -1) {
cos.write(d, 0, b);
}
// Flush and close streams.
cos.flush();
cos.close();
fis.close();
}
执行此功能后,应该有一个文件名encrypted。该文件包含加密字符。
对于解密,您拥有decrypt功能:
static void decrypt() throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
FileInputStream fis = new FileInputStream("data/encrypted");
FileOutputStream fos = new FileOutputStream("data/decrypted");
SecretKeySpec sks = new SecretKeySpec("MyDifficultPassw".getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, sks);
CipherInputStream cis = new CipherInputStream(fis, cipher);
int b;
byte[] d = new byte[8];
while((b = cis.read(d)) != -1) {
fos.write(d, 0, b);
}
fos.flush();
fos.close();
cis.close();
}
执行解密后,应该有一个名为decrypted的文件。该文件包含自由文本。
你写的是“noob”但是根据加密的使用情况,如果你没有以正确的方式做到这一点,你可能会造成很大的伤害。了解你的工具!
使用CipherOutputStream Oracle documentation:
SecretKeySpec skeySpec = new SecretKeySpec(y.getBytes(), "AES");
FileInputStream fis;
FileOutputStream fos;
CipherOutputStream cos;
// File you are reading from
fis = new FileInputStream("/tmp/a.txt");
// File output
fos = new FileOutputStream("/tmp/b.txt");
// Here the file is encrypted. The cipher1 has to be created.
// Key Length should be 128, 192 or 256 bit => i.e. 16 byte
SecretKeySpec skeySpec = new SecretKeySpec("MyDifficultPassw".getBytes(), "AES");
Cipher cipher1 = Cipher.getInstance("AES");
cipher1.init(Cipher.ENCRYPT_MODE, skeySpec);
cos = new CipherOutputStream(fos, cipher1);
// Here you read from the file in fis and write to cos.
byte[] b = new byte[8];
int i = fis.read(b);
while (i != -1) {
cos.write(b, 0, i);
i = fis.read(b);
}
cos.flush();
因此,加密应该有效。当您反转该过程时,您应该能够读取解密的字节。
答案 1 :(得分:0)
从android 10开始,存在巨大的存储限制,因此与File类相比,DocumentFile将变得很常见。所以我也使用Uri提供答案。
fun Activity.encrypt(curLocUri: Uri, newLocUri: Uri, password: String, salt: String) : Boolean{
// opening file input/outputStreams
val fis = contentResolver.openInputStream(curLocUri) ?: return false
val fos = contentResolver.openOutputStream(newLocUri) ?: return false
try {
var key: ByteArray = ("$salt$password").toByteArray(Charsets.UTF_8)
val sha: MessageDigest = MessageDigest.getInstance("SHA-1")
key = sha.digest(key)
key = key.copyOf(16)
val sks = SecretKeySpec(key, "AES")
val cipher: Cipher = Cipher.getInstance("AES")
cipher.init(Cipher.ENCRYPT_MODE, sks)
val cos = CipherOutputStream(fos, cipher)
var b: Int
val d = ByteArray(8)
while (fis.read(d).also { b = it } != -1) {
cos.write(d, 0, b)
}
cos.flush()
cos.close()
return true
} catch (e: Throwable){
fis.close()
fos.close()
return false
}
}
fun Activity.decrypt(curLocUri: Uri, newLocUri: Uri, password: String, salt: String): Boolean {
// opening file input/outputStreams
val fis = contentResolver.openInputStream(curLocUri) ?: return false
val fos = contentResolver.openOutputStream(newLocUri) ?: return false
try {
var key: ByteArray = ("$salt$password").toByteArray(Charsets.UTF_8)
val sha = MessageDigest.getInstance("SHA-1")
key = sha.digest(key)
key = Arrays.copyOf(key, 16)
val sks = SecretKeySpec(key, "AES")
val cipher = Cipher.getInstance("AES")
cipher.init(Cipher.DECRYPT_MODE, sks)
val cis = CipherInputStream(fis, cipher)
var b: Int
val d = ByteArray(8)
while (cis.read(d).also { b = it } != -1) {
fos.write(d, 0, b)
}
fos.flush()
fos.close()
cis.close()
return true
} catch (e: Throwable){
fos.flush()
fos.close()
return false
}
}
这里Uri是从onActivityResult的文件选择器接收的。
例如,您可以找到它here