我有在Android中使用的加密/解密密码。它适用于Android 4.4
static void setKey(byte[] keybytes, byte[] iv) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException {
key = new SecretKeySpec(keybytes, "AES");
ivspec = new IvParameterSpec(iv);
encryptcipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
encryptcipher.init(Cipher.ENCRYPT_MODE, key,ivspec);
decryptcipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
decryptcipher.init(Cipher.DECRYPT_MODE, key,ivspec);
}
但是,每当我在Android 4.3上运行时,我都会收到此错误
07-25 17:17:25.917: W/System.err(27544): java.lang.RuntimeException: java.security.NoSuchAlgorithmException: SecureRandom SHA1PRNG implementation not found
07-25 17:17:25.927: W/System.err(27544): at java.security.SecureRandom.<init>(SecureRandom.java:100)
07-25 17:17:25.927: W/System.err(27544): at javax.crypto.Cipher.init(Cipher.java:564)
07-25 17:17:25.927: W/System.err(27544): at com.chatads.sdk.bm.a(SourceFile:56)
07-25 17:17:25.927: W/System.err(27544): at com.chatads.sdk.x.a(SourceFile:241)
07-25 17:17:25.927: W/System.err(27544): at com.chatads.sdk.ax.run(SourceFile:66)
07-25 17:17:25.927: W/System.err(27544): at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:390)
07-25 17:17:25.927: W/System.err(27544): at java.util.concurrent.FutureTask.run(FutureTask.java:234)
07-25 17:17:25.927: W/System.err(27544): at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:153)
07-25 17:17:25.927: W/System.err(27544): at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:267)
07-25 17:17:25.927: W/System.err(27544): at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1080)
07-25 17:17:25.927: W/System.err(27544): at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:573)
07-25 17:17:25.927: W/System.err(27544): at java.lang.Thread.run(Thread.java:841)
07-25 17:17:25.927: W/System.err(27544): Caused by: java.security.NoSuchAlgorithmException: SecureRandom SHA1PRNG implementation not found
07-25 17:17:25.927: W/System.err(27544): at java.security.Provider$Service.newInstance(Provider.java:1000)
07-25 17:17:25.927: W/System.err(27544): at java.security.SecureRandom.<init>(SecureRandom.java:97)
07-25 17:17:25.927: W/System.err(27544): ... 11 more
07-25 17:17:25.927: W/System.err(27544): Caused by: java.lang.IllegalAccessException: access to class not allowed
07-25 17:17:25.927: W/System.err(27544): at java.lang.Class.newInstanceImpl(Native Method)
07-25 17:17:25.927: W/System.err(27544): at java.lang.Class.newInstance(Class.java:1130)
07-25 17:17:25.927: W/System.err(27544): at java.security.Provider$Service.newInstance(Provider.java:998)
07-25 17:17:25.927: W/System.err(27544): ... 12 more
我运行了这段代码
Provider[] providers = Security.getProviders();
for (Provider provider : providers) {
Log.i("CRYPTO","provider: "+provider.getName());
Set<Provider.Service> services = provider.getServices();
for (Provider.Service service : services) {
Log.i("CRYPTO"," algorithm: "+service.getAlgorithm());
}
}
在这里找到What crypto algorithms does Android support?
所有AES,AES / CBC / PKCS5Padding和SHA1PRNG都出现在输出中。这是Android的错误吗?或者我做错了什么?
答案 0 :(得分:1)
我想出了如何保证我需要的算法的存在。首先,我下载了Spongey Castle并将其添加到我的构建路径
我使用此代码
将SC添加为提供者static {
Security.insertProviderAt(new org.spongycastle.jce.provider.BouncyCastleProvider(), 1);
}
这样做后,我仍然遇到与以前相同的错误,然后将我的代码更改为
static void setKey(byte[] keybytes, byte[] iv) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchProviderException
{
/**
* crypto is specifically stated here because without using AndroidOpenSSL for the SHA1PRNG breaks on some phones,
* PRNGFixes.apply() should be called if using this
* https://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.html
*/
random = SecureRandom.getInstance("SHA1PRNG", "Crypto");
key = new SecretKeySpec(keybytes, "AES");
ivspec = new IvParameterSpec(iv);
encryptcipher = Cipher.getInstance("AES/CFB/NoPadding", "SC");
encryptcipher.init(Cipher.ENCRYPT_MODE, key, ivspec, random);
decryptcipher = Cipher.getInstance("AES/CFB/NoPadding", "SC");
decryptcipher.init(Cipher.DECRYPT_MODE, key, ivspec, random);
}
修复了我的所有问题,但是后来存在使用Crypto的安全问题,因此我在https://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.html下载了PRNGFix,并在我使用加密库之前在应用程序的其他地方调用了应用
答案 1 :(得分:0)
简单地移除现有的BC,并添加一个新的BC适用于我
static {
Security.removeProvider("BC");
Security.addProvider(new org.spongycastle.jce.provider.BouncyCastleProvider());
}