开发中我们经常会和服务器打交道:最终的目的就是和数据打交道,但是这往往出现一个问题就是,数据的安全性问题,比如说我们把数据发送给服务器,服务器返回数据给我们,这其中牵涉到很重要的安全性问题:分3步来解决这个问题。
1:首先我们新建一个类用来加密和解密如下所示:
- *
- * Created by acer-pc on 2018/6/22.
- */
- public class EncryptUtil {
- private static final String ALGORITHM = "AES/ECB/PKCS5Padding";
- // 加密秘钥
- private static final String AES_KEY = "XXX(我们自己设置)";
- private static SecretKeySpec secretKeySpec;
- /**
- * 前台传输数据解密
- *
- * @param rawJson 原始JSON
- * @return 解密后的Map
- */
- public static <T extends BaseResult> T decrypt(String rawJson, Class<T> tClass) {
- T result=null;
- try {
- Cipher cipher = Cipher.getInstance(ALGORITHM);
- cipher.init(Cipher.DECRYPT_MODE, getAesKey());
- byte[] paramBytes = cipher.doFinal(Base64.decode(rawJson.getBytes("UTF-8"), Base64.NO_WRAP));
- String paramJson = new String(paramBytes);
- result = GsonUtil.fromJson(paramJson, tClass);
- } catch (NoSuchPaddingException e) {
- e.printStackTrace();
- } catch (NoSuchAlgorithmException e) {
- e.printStackTrace();
- } catch (InvalidKeyException e) {
- e.printStackTrace();
- } catch (BadPaddingException e) {
- e.printStackTrace();
- } catch (IllegalBlockSizeException e) {
- e.printStackTrace();
- } catch (UnsupportedEncodingException e) {
- e.printStackTrace();
- }
- return result;
- }
- /**
- * 数据传输过程中需要加密设置
- * @param rawMap
- * @return
- */
- public static String encrypt(Map<String, String> rawMap) {
- String result = "";
- try {
- Cipher cipher = Cipher.getInstance(ALGORITHM);
- cipher.init(Cipher.ENCRYPT_MODE, getAesKey());
- String rawJson = GsonUtil.toJson(rawMap);
- byte[] paramBytes = cipher.doFinal(rawJson.getBytes("UTF-8"));
- result = Base64.encodeToString(paramBytes, Base64.NO_WRAP);
- } catch (NoSuchPaddingException e) {
- e.printStackTrace();
- } catch (NoSuchAlgorithmException e) {
- e.printStackTrace();
- } catch (InvalidKeyException e) {
- e.printStackTrace();
- } catch (BadPaddingException e) {
- e.printStackTrace();
- } catch (IllegalBlockSizeException e) {
- e.printStackTrace();
- } catch (UnsupportedEncodingException e) {
- e.printStackTrace();
- }
- return result;
- }
- private static SecretKeySpec getAesKey() {
- if (secretKeySpec != null) {
- return secretKeySpec;
- }
- try {
- secretKeySpec = new SecretKeySpec(AES_KEY.getBytes("UTF-8"), "AES");
- } catch (UnsupportedEncodingException e) {
- e.printStackTrace();
- }
- return secretKeySpec;
- }
- }
2:其中的BaseResult如下(要解析的数据的根类,放数据的类要继承这个类):
- public class BaseResult {
- private int result;
- private String message;
- public int getResult() {
- return result;
- }
- public void setResult(int result) {
- this.result = result;
- }
- public String getMessage() {
- return message;
- }
- public void setMessage(String message) {
- this.message = message;
- }
- }
3:当我们在主类中(或者Fragment中)使用的时候如下:
- //加载数据
- public void initData() {
- //这里利用线程池使得线程在线程池中运行防止程序卡死
- APIConfig.getDataIntoView(new Runnable() {
- @Override
- public void run() {
- Map<String, String> map = new HashMap<>();
- map.put("token", RuntimeConfig.user.getToken());
- String paramJson = EncryptUtil.encrypt(map);
- String url = "http://这里是我们的目标网址";
- String rs = HttpUtil.GetDataFromNetByPost(url,
- new ParamsBuilder().addParam("paramJson", paramJson).getParams());
- // rs判空
- final DiaryDetailResult result = EncryptUtil.decrypt(rs, DiaryDetailResult.class);
- UIUtils.runOnUIThread(new Runnable() {
- @Override
- public void run() {
- //这里禁用
- if (result != null && result.getResult() == APIConfig.CODE_SUCCESS) {
- Diary diaryData = result.getData().getContent();
- //接下来对解析出的数据进行自己的操作
- 。。。。。。。。。。。。
- } else {
- // Toast弹出加载失败;
- }
- }
- });
- }
- });
- }
3:大功告成!
