· 9 years ago · Nov 02, 2016, 06:20 AM
1import android.content.Context;
2import android.util.Base64;
3
4import java.io.InputStream;
5import java.security.PublicKey;
6import java.security.SecureRandom;
7import java.security.cert.CertificateFactory;
8import java.security.cert.X509Certificate;
9
10import javax.crypto.Cipher;
11import javax.crypto.KeyGenerator;
12import javax.crypto.Mac;
13import javax.crypto.SecretKey;
14import javax.crypto.spec.IvParameterSpec;
15import javax.crypto.spec.SecretKeySpec;
16
17/**
18 * Created by chenfeng on 16/4/5.
19 */
20public class CertManager {
21
22 /**
23 * 产生éšæœºå¯†é’¥
24 *
25 * @param size 长度
26 * @return éšæœºå¯†é’¥
27 */
28 public static byte[] getRandom(int size) throws Exception {
29 KeyGenerator kgen = KeyGenerator.getInstance("AES");
30 SecureRandom sr = SecureRandom.getInstance("SHA1PRNG", "Crypto");
31 kgen.init(size * 8, sr);
32 SecretKey sKey = kgen.generateKey();
33 byte[] raw = sKey.getEncoded();
34 return raw;
35
36 }
37
38
39 /**
40 * 从domain.crtä¸èŽ·å–公钥
41 *
42 * @param context
43 * @return
44 */
45 public static PublicKey getPublicKey(Context context) throws Exception {
46 //从rawä¸è¯»å–è¯ä¹¦æ–‡ä»¶
47 InputStream is = context.getResources().openRawResource(R.raw.domain);
48 //创建X509工厂类
49 CertificateFactory cf = CertificateFactory.getInstance("X.509");
50 //创建è¯ä¹¦å¯¹è±¡
51 X509Certificate cert = (X509Certificate) cf.generateCertificate(is);
52 //获å–公钥
53 PublicKey publicKey = cert.getPublicKey();
54 //å…³é—输入æµ
55 is.close();
56 return publicKey;
57
58 }
59
60
61 /**
62 * 对è¦åŠ 密的报文plainText使用AES-CBCåŠ å¯†ï¼Œå¾—åˆ°åŠ å¯†åŽçš„报文并base64ç¼–ç
63 *
64 * @param randomKey éšæœºå¯†é’¥
65 * @param plainText å¾…åŠ å¯†çš„å—符串
66 * @return åŠ å¯†å¹¶B64转ç åŽçš„å—节数组
67 */
68 public static byte[] encryptByRandomKey(byte[] randomKey, String plainText) throws Exception {
69
70 byte[] AESKey = CertManager.subBytes(randomKey, 0, 32);//å‰32ä½ä½œä¸ºAESçš„KEY
71 byte[] iv = CertManager.subBytes(randomKey, 32, 16);//åŽ16ä½ä½œä¸ºAESçš„IV
72
73 SecretKeySpec spec = new SecretKeySpec(AESKey, "AES");
74 Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");//"算法/模å¼/è¡¥ç æ–¹å¼"
75 IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
76 cipher.init(Cipher.ENCRYPT_MODE, spec, ivParameterSpec);
77 byte[] encrypted = cipher.doFinal(plainText.getBytes("UTF-8"));
78 return Base64.encode(encrypted, Base64.NO_WRAP);
79 }
80
81
82 /**
83 * 使用公钥è¯ä¹¦åŠ 密并base64ç¼–ç
84 *
85 * @param key è¯ä¹¦å…¬é’¥
86 * @param plainText å¾…åŠ å¯†æ•°æ®
87 * @return åŠ å¯†å¹¶B64转ç åŽçš„å—节数组
88 */
89 public static byte[] encryptByPublciKey(PublicKey key, byte[] plainText) throws Exception {
90 Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");//"算法/模å¼/è¡¥ç æ–¹å¼"
91 cipher.init(Cipher.ENCRYPT_MODE, key);
92 byte[] encrypted = cipher.doFinal(plainText);
93 return Base64.encode(encrypted, Base64.NO_WRAP);
94
95 }
96
97
98 /**
99 * 创建HMACç¾å
100 *
101 * @param encryptedBody å¾…ç¾åæ•°æ®
102 * @param accessSecret Secret
103 * @return ç¾å并且Base64åŽçš„å—符串
104 */
105 public static String hmacSha256(byte[] encryptedBody, String accessSecret) throws Exception {
106 Mac mac = Mac.getInstance("HmacSHA256");
107 SecretKey secret = new SecretKeySpec(accessSecret.getBytes("UTF-8"), "HMACSHA256");
108 mac.init(secret);
109 byte[] bytes = mac.doFinal(encryptedBody);
110 return Base64.encodeToString(bytes, Base64.NO_WRAP);
111
112 }
113
114
115 /**
116 * 从一个byte[]数组ä¸æˆªå–一部分
117 *
118 * @param src
119 * @param begin
120 * @param count
121 * @return
122 */
123 public static byte[] subBytes(byte[] src, int begin, int count) {
124 byte[] bs = new byte[count];
125 for (int i = begin; i < begin + count; i++) bs[i - begin] = src[i];
126 return bs;
127 }
128
129}