1

我想SharedPreferences使用 gson 存储一个加密的 Profile 对象。

这是我的代码:

public void saveProfile(Profile newProfile) {
  try {
    Log.i(C.TAG, newProfile.toString());

    SharedPreferences.Editor editor = prefs.edit();
    String profileJSONfied = new Gson().toJson(newProfile);
    Log.i(C.TAG, profileJSONfied);

    byte[] cleartext = profileJSONfied.getBytes(HTTP.UTF_8);
    Log.i(C.TAG, cleartext.toString());

    Cipher cipher = Cipher.getInstance("DES");
    cipher.init(Cipher.ENCRYPT_MODE, key);
    String encrypedProfile = Base64.encodeToString(cipher.doFinal(cleartext), Base64.DEFAULT);
    Log.i(C.TAG, encrypedProfile);

    editor.putString(PROFILE, encrypedProfile);
    editor.commit();
    profile = newProfile;
  } catch (Exception e) {
    Log.i(C.TAG, e.getMessage());
  }
}

public Profile loadProfile() {
  try {
    Cipher cipher = Cipher.getInstance("DES");
    cipher.init(Cipher.DECRYPT_MODE, key);

    Log.i(C.TAG, prefs.getString(PROFILE, null));

    // byte[] plainTextProfileBytes = Base64.decode(cipher.doFinal(prefs.getString(PROFILE, null).getBytes(HTTP.UTF_8)), Base64.DEFAULT);
    byte[] plainTextProfileBytes = Base64.decode(prefs.getString(PROFILE, null).getBytes(HTTP.UTF_8), Base64.DEFAULT);
    Log.i(C.TAG, new String(plainTextProfileBytes, HTTP.UTF_8));

    profile = new Gson().fromJson(new String(plainTextProfileBytes, HTTP.UTF_8), PROFILE_TYPE);
    Log.i(C.TAG, profile.toString());

  } catch (Exception e) {
    Log.i(C.TAG, e.getMessage());
  }
  return profile;
}

这是一个输出示例(按 Log 的顺序排列):

saveProfile:
Profile@4146a1d8

{"email":"aaa","firstName":"aaa","lastName":"aaa","postal":"aaa" 等...}

[B@414819b0

+nLS7XhRoIFPBeC11 /h6mMz6hFfc8js03QJ8VwVZH+dPBeC11/h6mJ448CLGPNzz+bU669XpAI8VXchYQJr7mgDwHpeoSrP4BMACydjKpC8Q9atbk9xz6HNqDpNOiqaa75hFM+r9pzm55/E2E2tdjz4s5OzNNppAPzmtS69tZAZLPuYt1kvnJehHa6fDt2o5UCv6VukCwvVgt+UDcCqCKvF22Iv6vdMXWTcm


At this point I think everything went as expected. 问题出在下面,破译操作


loadProfile:


�r��xQ��O���z����W��;4�|WY�O���z��8�"�<��:������]�X @��������J�����ʤ/�[��s�sj�N����E3��9���6k]�>,���6�@?9� K�mdK>�-�K�%�Gk�÷j9P+�V���`��p*�*�v؋��Y7&���-A

java.lang.IllegalStateException: Expected BEGIN_OBJECT but was STRING at line 1 column 21

如果我不是:

byte[] plainTextProfileBytes = Base64.decode(prefs.getString(PROFILE,null).getBytes(HTTP.UTF_8), Base64.DEFAULT);

我用:

byte[] plainTextProfileBytes = Base64.decode(cipher.doFinal(prefs.getString(PROFILE, null).getBytes(HTTP.UTF_8)), Base64.DEFAULT);

错误将是:

pad block corrupted

我在这里想念什么?
谢谢你的时间。

4

1 回答 1

1

所以,我找到了解决方案!
对于初学者,我已经更改了一些代码。我创建了一个 myPBEkey 类,它有两种方法,加密和解密,都返回一个带有各自“opmode”的 Cipher 对象:

然后我将我的 saveProfile 和 loadProfile 方法代码更改为:

public void saveProfile(Profile newProfile) {
    try {
            SharedPreferences.Editor editor = prefs.edit();

            String profileJSONfied = new Gson().toJson(newProfile);             
            byte[] encryptedProfile = pbeKey.encrypt().doFinal(profileJSONfied.getBytes(HTTP.UTF_8));       
            byte[] encryptedProfileBase64 = Base64.encode(encryptedProfile, Base64.DEFAULT);            

            editor.putString(PROFILE, new String(encryptedProfileBase64, HTTP.UTF_8));
            editor.commit();
            profile = newProfile;
    } catch (Exception e) {
            Log.i(C.TAG, e.getMessage());
    }
}



public Profile loadProfile() {
    if (profile == null) {
        try {                   
            byte[] decodedProfileBase64 = Base64.decode(prefs.getString(PROFILE, null), Base64.DEFAULT);
            byte[] plainTextProfileBytes = pbeKey.decrypt().doFinal(decodedProfileBase64);

            profile = new Gson().fromJson(new String(plainTextProfileBytes, HTTP.UTF_8), PROFILE_TYPE);

        } catch (Exception e) {
            Log.i(C.TAG, e.getMessage());
    }
return profile;

我认为解决问题的方法是将加密/解密与Base64编码/解码分开,所以首先我们加密然后对加密进行编码byte[],最后存储它。解密时也是如此,首先我们解码加密的 base64 配置文件,然后解密解码的 byte[]. 瞧!

感谢您的宝贵时间,希望对您有所帮助。

于 2013-05-20T10:26:01.187 回答