如何在android中加密和解密我的应用程序数据库

时间:2013-07-26 05:39:56

标签: android encryption sqlite

我的问题是如何使用加密算法保护我的应用程序数据库文件如果我使用硬编码密钥然后在反编译它之后也将是可访问的。如果设备已植根然后任何人都可以访问我的db文件所以我想保护我的数据库任何人都无法访问或阅读。提前谢谢

2 个答案:

答案 0 :(得分:2)

    package com.kushal.utils;

    import java.security.spec.KeySpec;
    import javax.crypto.Cipher;
    import javax.crypto.SecretKey;
    import javax.crypto.SecretKeyFactory;
    import javax.crypto.spec.DESedeKeySpec;
    import sun.misc.BASE64Decoder;
    import sun.misc.BASE64Encoder;

    public class DESedeEncryption {

        private static final String UNICODE_FORMAT = "UTF8";
        public static final String DESEDE_ENCRYPTION_SCHEME = "DESede";
        private KeySpec myKeySpec;
        private SecretKeyFactory mySecretKeyFactory;
        private Cipher cipher;
        byte[] keyAsBytes;
        private String myEncryptionKey;
        private String myEncryptionScheme;
        SecretKey key;

        public DESedeEncryption() throws Exception
        {
            myEncryptionKey = "ThisIsSecretEncryptionKey";
            myEncryptionScheme = DESEDE_ENCRYPTION_SCHEME;
            keyAsBytes = myEncryptionKey.getBytes(UNICODE_FORMAT);
            myKeySpec = new DESedeKeySpec(keyAsBytes);
            mySecretKeyFactory = SecretKeyFactory.getInstance(myEncryptionScheme);
            cipher = Cipher.getInstance(myEncryptionScheme);
            key = mySecretKeyFactory.generateSecret(myKeySpec);
        }

        /**
         * Method To Encrypt The String
         */
        public String encrypt(String unencryptedString) {
            String encryptedString = null;
            try {
                cipher.init(Cipher.ENCRYPT_MODE, key);
                byte[] plainText = unencryptedString.getBytes(UNICODE_FORMAT);
                byte[] encryptedText = cipher.doFinal(plainText);
                BASE64Encoder base64encoder = new BASE64Encoder();
                encryptedString = base64encoder.encode(encryptedText);
            } catch (Exception e) {
                e.printStackTrace();
            }
            return encryptedString;
        }
        /**
         * Method To Decrypt An Ecrypted String
         */
        public String decrypt(String encryptedString) {
            String decryptedText=null;
            try {
                cipher.init(Cipher.DECRYPT_MODE, key);
                BASE64Decoder base64decoder = new BASE64Decoder();
                byte[] encryptedText = base64decoder.decodeBuffer(encryptedString);
                byte[] plainText = cipher.doFinal(encryptedText);
                decryptedText= bytes2String(plainText);
            } catch (Exception e) {
                e.printStackTrace();
            }
            return decryptedText;
        }
        /**
         * Returns String From An Array Of Bytes
         */
        private static String bytes2String(byte[] bytes) {
            StringBuffer stringBuffer = new StringBuffer();
            for (int i = 0; i < bytes.length; i++) {
                stringBuffer.append((char) bytes[i]);
            }
            return stringBuffer.toString();
        }

        /**
         * Testing The DESede Encryption And Decryption Technique
         */
        public static void main(String args []) throws Exception
        {
            DESedeEncryption myEncryptor= new DESedeEncryption();

            String stringToEncrypt="Sanjaal.com";
            String encrypted=myEncryptor.encrypt(stringToEncrypt);
            String decrypted=myEncryptor.decrypt(encrypted);

            System.out.println("String To Encrypt: "+stringToEncrypt);
            System.out.println("Encrypted Value :" + encrypted);
            System.out.println("Decrypted Value :"+decrypted);

        }

    }

output:
String To Encrypt: Sanjaal.com
Encrypted Value :aArhqI25Y1SkYrdv9gxYDQ==
Decrypted Value :Sanjaal.com

http://sanjaal.com/java/189/java-encryption/tutorial-encryption-and-decryption-using-desede-triple-des-in-java/

答案 1 :(得分:0)

使用sqlite cipher加密您的数据库。并将您的密钥存储在parts中。并在运行时生成密钥。你不能阻止任何人去编译你的申请。你所能做的就是让反编译器很难理解你的算法。你可以尝试对你的应用程序进行模糊处理。

使用dexGuard加密应用程序的字符串。