RSA在生产Android的左右键,但错解密 [英] RSA in android producing right keys but wrong decryption
本文介绍了RSA在生产Android的左右键,但错解密的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我试图加密使用PHP和Android MySQL数据库的用户名和密码的数据。我保持的数据作为 BLOB 与数据库在公钥沿类型MySQL数据库。
注意:检索与完成提交使用HTTP中的 JSON格式完成
但是:我收到的错误数据(容易看到在日志下面的(SID,一个)用于(用户名,解密后的密码),并得到(YzJsawo =,YzJsawo =))尽管使用Base64encoding检索数据。(我已经与CHAR和VARCHAR,但没有成功尝试过)。
请帮忙我有我的项目提交的明天。担心。如果在所有的u认为,美将无法读我写了,请给我提供了上述问题的替代或者类似的问题讨论的链接(虽然我无法找到一个)code。
下面就是我要做的。
加密部分
\r
\r\r
\r保护字符串doInBackground(字符串参数... args){\r
\r
runOnUiThread(新的Runnable(){\r
公共无效的run(){\r
。userStr = inputUsername.getText()的toString();\r
。passStr = inputPassword.getText()的toString();\r
confirmpass = inputConfirmPass.getText()的toString()。\r
\r
如果(userStr.equals()|| passStr.equals()|| confirmpass.equals())\r
{\r
Toast.makeText(getApplicationContext()中输入的所有字段,Toast.LENGTH_SHORT).show();\r
}\r
其他\r
{\r
如果(passStr.equals(confirmpass))\r
{\r
//使用编码算法RSA的字符串\r
\r
//原始文本\r
有效= 1;\r
\r
//生成的1024位RSA加密和解密密钥对\r
重点公钥= NULL;\r
重点privateKey = NULL;\r
串publicKeyStr;\r
尝试{\r
KPG的KeyPairGenerator = KeyPairGenerator.getInstance(RSA);\r
kpg.initialize(1024);\r
密钥对KP = kpg.genKeyPair();\r
公钥= kp.getPublic();\r
privateKey = kp.getPrivate();\r
}赶上(例外五){\r
Log.e(,RSA密钥对误差);\r
}\r
\r
字节[] EN codedUser = NULL,连接codedPassword = NULL;\r
\r
//改变公共密钥字符串str的活动之间传输它\r
publicKeyStr = Base64.en codeToString(publicKey.getEn $ C $的cd(),Base64.DEFAULT);\r
\r
尝试{\r
//用户名编码\r
// EN code。与RSA私钥的原始数据\r
密码C = Cipher.getInstance(RSA / ECB / PKCS1Padding);\r
c.init(Cipher.ENCRYPT_MODE,privateKey);\r
EN codedUser = c.doFinal(Base64.en code(userStr.getBytes(UTF-8),Base64.DEFAULT));\r
\r
//编码密码\r
EN codedPassword = c.doFinal(Base64.en code(passStr.getBytes(UTF-8),Base64.DEFAULT));\r
}赶上(例外五){\r
Log.e(错误类型:,RSA加密错误);\r
}\r
\r
串UsernameStrEncod,PasswordStrEncod;\r
UsernameStrEncod = Base64.en codeToString(EN codedUser,Base64.DEFAULT);\r
PasswordStrEncod = Base64.en codeToString(EN codedPassword,Base64.DEFAULT);\r
\r
\r
清单<&的NameValuePair GT; PARAMS =新的ArrayList<&的NameValuePair GT;();\r
params.add(新BasicNameValuePair(用户名,UsernameStrEncod));\r
params.add(新BasicNameValuePair(密码,PasswordStrEncod));\r
params.add(新BasicNameValuePair(公钥,publicKeyStr));\r
//获取JSON对象\r
//注意,创建产品网址接受POST方法\r
JSONObject的JSON = jsonParser.makeHtt prequest(url_register_user,POST,则params);\r
\r
//检查日志猫来回响应\r
Log.d(创建回应,json.toString());\r
\r
//检查成功标记\r
尝试{\r
INT成功= json.getInt(TAG_SUCCESS);\r
\r
如果(成功== 1){\r
//创建成功产品\r
意图I =新意图(getApplicationContext(),LoginActivity.class);\r
//i.putExtra(\"en$c$cdUser恩codedUser);\r
//i.putExtra(\"publicKey,publicKeyStr);\r
startActivity(ⅰ);\r
\r
//关闭此屏幕\r
完成();\r
}其他{\r
//创建失败产品\r
}\r
}赶上(JSONException E){\r
e.printStackTrace();\r
}\r
}\r
其他\r
Toast.makeText(getApplicationContext(),这两个密码不匹配,Toast.LENGTH_SHORT).show();\r
}\r
}\r
});\r
返回null;\r
} \r
解密部分
\r
\r\r
\r保护字符串doInBackground(字符串... PARAMS)\r
{\r
\r
//从后台线程更新界面\r
runOnUiThread(新的Runnable(){\r
公共无效的run(){\r
//检查成功标记\r
诠释成功;\r
INT发现= 0;\r
尝试{\r
\r
//的EditText变量初始化\r
inputUsername =(EditText上)findViewById(R.id.UsernameID);\r
控件inputPassword =(EditText上)findViewById(R.id.PasswordID);\r
\r
//转换的EditText串\r
。用户= inputUsername.getText()的toString();\r
。密码= inputPassword.getText()的toString();\r
\r
如果(user.equals()||(password.equals()))\r
Toast.makeText(getApplicationContext(),同时输入域,Toast.LENGTH_SHORT).show();\r
//大厦参数\r
其他\r
{\r
清单<&的NameValuePair GT; PARAMS =新的ArrayList<&的NameValuePair GT;();\r
params.add(新BasicNameValuePair(username的用户));\r
params.add(新BasicNameValuePair(密码,密码));\r
Log.d(用户名,密码);\r
//通过HTTP请求获得产品的详细信息\r
//注意产品的详细信息URL会使用GET请求\r
JSONObject的JSON = jsonParser.makeHtt prequest(url_login_details,GET,则params);\r
\r
//检查你的日志,JSON响应\r
Log.d(登录详细信息,json.toString());\r
\r
// JSON的成功标签\r
成功= json.getInt(TAG_SUCCESS);\r
如果(成功== 1)\r
{\r
//成功接收产品的详细信息\r
JSONArray userArray = json.getJSONArray(TAG_USER); // JSON数组\r
为(中间体J = 0;(J&下; userArray.length())及及(发现== 0); ++ j)条\r
{\r
//从JSON数组的第一个产品对象\r
JSONObject的userObj = userArray.getJSONObject(J);\r
字符串U = userObj.getString(TAG_USERNAME);\r
串P = userObj.getString(TAG_PASSWORD);\r
字符串公钥= userObj.getString(TAG_PUBLICKEY);\r
\r
Log.d(usernameBlob:U);\r
Log.d(passwordBlob:页);\r
Log.d(PUBLICKEYBLOB:公钥);\r
\r
//解码从数据库获得的数据\r
字节[] UsernameByteDecod = NULL,PasswordByteDecod = NULL;\r
字符串UsernameStrDecod = NULL,PasswordStrDecod = NULL;\r
尝试{\r
//转换字符串公钥到密钥类型\r
字节[] = keyBytes Base64.de code(publicKey.getBytes(UTF-8),Base64.DEFAULT);\r
X509En codedKeySpec规格=新X509En codedKeySpec(keyBytes);\r
的KeyFactory的KeyFactory = KeyFactory.getInstance(RSA);\r
公钥公钥= keyFactory.generatePublic(规范);\r
\r
\r
\r
密码C = Cipher.getInstance(RSA / ECB / PKCS1Padding);\r
c.init(Cipher.DECRYPT_MODE,公钥);\r
\r
//解码数据\r
UsernameByteDecod = c.doFinal(Base64.de code(u.getBytes(UTF-8),Base64.DEFAULT));\r
PasswordByteDecod = c.doFinal(Base64.de code(u.getBytes(UTF-8),Base64.DEFAULT));\r
UsernameStrDecod = Base64.en codeToString(UsernameByteDecod,Base64.DEFAULT);\r
PasswordStrDecod = Base64.en codeToString(PasswordByteDecod,Base64.DEFAULT);\r
\r
Log.d(用户名,UsernameStrDecod);\r
Log.d(密码:,PasswordStrDecod);\r
}赶上(例外五){\r
Log.e(RSA错误:,RSA解密错误);\r
e.printStackTrace();\r
}\r
如果((user.equals(UsernameStrDecod))及及(password.equals(PasswordStrDecod)))\r
{\r
找到= 1;\r
}\r
否则,如果(user.equals(U))\r
{\r
Toast.makeText(getApplicationContext(),密码不正确,Toast.LENGTH_SHORT).show();\r
突破;\r
}\r
其他\r
{\r
\r
}\r
//在显示的EditText产品数据\r
}\r
}\r
其他\r
{\r
Toast.makeText(getApplicationContext(),您还没有注册,点击这里注册,Toast.LENGTH_SHORT).show();\r
意图I =新意图(getApplicationContext(),RegisterActivity.class);\r
startActivity(ⅰ);\r
\r
\r
}\r
如果(找到== 1)\r
{\r
Toast.makeText(getApplicationContext(),欢迎+用户,Toast.LENGTH_SHORT).show();\r
意图I =新意图(getApplicationContext(),MainActivity.class);\r
startActivity(ⅰ);\r
\r
//完成();\r
\r
}\r
否则,如果(找到== 0)\r
{\r
Toast.makeText(getApplicationContext(),您还没有注册,点击这里注册,Toast.LENGTH_SHORT).show();\r
意图I =新意图(getApplicationContext(),RegisterActivity.class);\r
startActivity(ⅰ);\r
\r
//完成();\r
}\r
}\r
}赶上(JSONException E){\r
e.printStackTrace();\r
}\r
}\r
});\r
\r
返回null;\r
} \r
PHP脚本加密后插入数据
\r
\r\r
\r< PHP\r
\r
/ *\r
*继code将创建一个新的产品行\r
*所有产品的详细信息,从HTTP POST请求读\r
* /\r
\r
//数组JSON响应\r
$响应=阵列();\r
\r
//检查必填字段\r
如果(使用isset($ _ POST [用户名])及和放大器;使用isset($ _ POST ['密码'])及和放大器;使用isset($ _ POST ['公钥']))\r
{\r
\r
$用户名= $ _ POST [用户名];\r
$密码= $ _ POST ['密码'];\r
$公钥= $ _ POST ['公钥'];\r
\r
//其中包括DB连接类\r
require_once __DIR__。 /users_db_connect.php';\r
\r
//连接到数据库\r
$ DB =新DB_CONNECT();\r
\r
// MySQL的插入新行\r
$结果= mysql_query(插入用户(用户名,密码,公钥)VALUES('$用户名,密码$,$公钥'));\r
\r
//检查是否插入行或不\r
如果($结果){\r
//成功插入到数据库\r
$响应[成功] = 1;\r
$响应[消息] =全成注册。\r
\r
//呼应JSON响应\r
回声json_en code($响应);\r
}其他{\r
//没有插入一行\r
$响应[成功] = 0;\r
$响应[消息] =!哎呀发生错误。\r
\r
//呼应JSON响应\r
回声json_en code($响应);\r
}\r
}其他{\r
//必填字段缺失\r
$响应[成功] = 0;\r
$响应[消息] =必填字段(s)是失踪;\r
\r
//呼应JSON响应\r
回声json_en code($响应);\r
}\r
?> \r
PHP脚本,用于检索数据和事后解密它
\r
\r\r
\r< PHP\r
\r
/ *\r
*继code将列出所有产品\r
*\r
* /\r
\r
//数组JSON响应\r
$响应=阵列();\r
\r
//其中包括DB连接类\r
require_once __DIR__。 /users_db_connect.php';\r
\r
//连接到数据库\r
$ DB =新DB_CONNECT();\r
\r
//从产品表中的所有产品\r
$结果= mysql_query(SELECT * FROM用户)或死亡(mysql_error());\r
\r
//检查空结果\r
如果(mysql_num_rows($结果)大于0){\r
//通过所有结果循环\r
//产品节点\r
$响应[用户] =阵列();\r
\r
而($行= mysql_fetch_array($结果)){\r
//临时用户阵\r
$产品=阵列();\r
$产品[用户名] = $行[用户名];\r
$产品[密码] = $行[密码];\r
$产品[公钥] = $行[公钥];\r
\r
//推单一产品到最终响应数组\r
array_push($响应[用户],$产品);\r
}\r
//成功\r
$响应[成功] = 1;\r
\r
//呼应JSON响应\r
回声json_en code($响应);\r
}其他{\r
//没有发现产品\r
$响应[成功] = 0;\r
$响应[消息] =找不到用户;\r
\r
//回声没有用户JSON\r
回声json_en code($响应);\r
}\r
?> \r
的logcat
\r
\r\r
\r 05-03 23:58:53.584:D / SID(26226):一个\r
05-03 23:58:53.640:D /登录信息(26226): {\"user\":[{\"username\":\"oBYxmonY0wmJhVbCZ69S\\/OJYiVt7socheDmRfJM1vUyw1ACBA9ZraePdFJsvbYSjce\\/UhxemRE+x\
RyF4d2GYLxfw+s0sw6Xo0P7T5bJ2gDqw7Grn+aAolhS4xzPnZm\\/tytTVHVgyqdx\\/UbWn8txu8h5D\
Vj8WmLa0IstgcmvHRtQ=\
\",\"password\":\"j\\/iLoIjK5a1vJulTE4Hv7ofMQF48krK3xiDiBwGOJBsK7eGGnRskwjV+xUyT+jT3IeWQHbLncdWD\
eG9HrQKiM2kE+t5SQ6CkCXVTcfWg8\\/axmQC+UQt\\/Q3s81UC64AMVBB0J0\\/cZrdGeAQ8bGGVDkwC2\
f9WTl8RoAiMmpl6Q7gs=\
\",\"publickey\":\"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxZzks60BsVN6D\\/2wJhXrURkzuDvljjEcN3hW6\
4JbjxK4UJb5T0uVtzULvyfceHcySlhqo2AcP0s+EybPuaZ+dwI1Mhd7VYg1Xeyz5EvLStAOreY3G\
3yweb4sryGvcty88Q4XkC\\/KrcURGAT8QBzNVSc9cHJa+qPf1\\/t+Eb9Yb3wIDAQAB\
\"},{\"username\":\"YjvJ6eNMNtU649ZgordslPURCNOt8ZgfkAm5WzNzlxxYZiYldAIg3PeOHjiOUsIunZuLlQ7\\/uJG2\
9GBCTRDbQJeqOJ\\/YaFePEjuydEHyN7CAay4ocUklVQkTdgSLkTEtU+RFifqGs3fM67fyQD3w8xq6\
yHb3vZMdJ3AS8cFS0fM=\
\",\"password\":\"fr+vrqHzYBgvuHAnaRpNb+V9I0hn9crCuHNabF0v\\/8PAY3a11fnE9v924sUTcgh4BDJVSzp\\/sSxQ\
L1i7noh45buKPrZEz6BfGgiGqpwbjXTLKIyuNFjIyA3qbBFs9rxhYS00AsKmKO+zoB5AZ+I4amQQ\
wa3QKC\\/wtHjPtV7BfwY=\
\",\"publickey\":\"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDG9gggL32xWWArvV2FClklGPGUZPpsHUavy+l7\
GME2RwuI+nlARq9dM4TGyAY2A6APTj\\/lD6\\/uVfmvFvuo1MC2OSGBNNYNngoJ+J1Bg9kjwJUEktEF\
sO2L0iCTu0EQM+1SXlWe20k2sp4UmKdP0Rx3L8NqhbJLLoPLfA5qhCwNDQIDAQAB\
\"}],\"success\":1}\r
05-03 23:58:53.640:D / usernameBlob:(26226):oBYxmonY0wmJhVbCZ69S / OJYiVt7socheDmRfJM1vUyw1ACBA9ZraePdFJsvbYSjce / UhxemRE + X\r
05-03 23:58:53.640:D / usernameBlob:(26226):RyF4d2GYLxfw + s0sw6Xo0P7T5bJ2gDqw7Grn + aAolhS4xzPnZm / tytTVHVgyqdx / UbWn8txu8h5D\r
05-03 23:58:53.640:D / usernameBlob:(26226):Vj8WmLa0IstgcmvHRtQ =\r
05-03 23:58:53.640:D / passwordBlob:(26226):焦耳/ iLoIjK5a1vJulTE4Hv7ofMQF48krK3xiDiBwGOJBsK7eGGnRskwjV + xUyT + jT3IeWQHbLncdWD\r
05-03 23:58:53.640:D / passwordBlob:(26226):eG9HrQKiM2kE + t5SQ6CkCXVTcfWg8 / axmQC + UQt / Q3s81UC64AMVBB0J0 / cZrdGeAQ8bGGVDkwC2\r
05-03 23:58:53.640:D / passwordBlob:(26226):f9WTl8RoAiMmpl6Q7gs =\r
05-03 23:58:53.640:D / PUBLICKEYBLOB:(26226):MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxZzks60BsVN6D / 2wJhXrURkzuDvljjEcN3hW6\r
05-03 23:58:53.640:D / PUBLICKEYBLOB:(26226):4JbjxK4UJb5T0uVtzULvyfceHcySlhqo2AcP0s + EybPuaZ + dwI1Mhd7VYg1Xeyz5EvLStAOreY3G\r
05-03 23:58:53.640:D / PUBLICKEYBLOB:(26226):3yweb4sryGvcty88Q4XkC / KrcURGAT8QBzNVSc9cHJa + qPf1 / T + Eb9Yb3wIDAQAB\r
05-03 23:58:53.641:D /用户名:(26226):YzJsawo =\r
05-03 23:58:53.641:D /密码:(26226):YzJsawo =\r
05-03 23:58:53.641:D / usernameBlob:(26226):YjvJ6eNMNtU649ZgordslPURCNOt8ZgfkAm5WzNzlxxYZiYldAIg3PeOHjiOUsIunZuLlQ7 / uJG2\r
05-03 23:58:53.641:D / usernameBlob:(26226):9GBCTRDbQJeqOJ / YaFePEjuydEHyN7CAay4ocUklVQkTdgSLkTEtU + RFifqGs3fM67fyQD3w8xq6\r
05-03 23:58:53.641:D / usernameBlob:(26226):yHb3vZMdJ3AS8cFS0fM =\r
05-03 23:58:53.641:D / passwordBlob:(26226):FR + vrqHzYBgvuHAnaRpNb + V9I0hn9crCuHNabF0v / 8PAY3a11fnE9v924sUTcgh4BDJVSzp / sSxQ\r
05-03 23:58:53.641:D / passwordBlob:(26226):L1i7noh45buKPrZEz6BfGgiGqpwbjXTLKIyuNFjIyA3qbBFs9rxhYS00AsKmKO + zoB5AZ + I4amQQ\r
05-03 23:58:53.641:D / passwordBlob:(26226):wa3QKC / wtHjPtV7BfwY =\r
05-03 23:58:53.641:D / PUBLICKEYBLOB:(26226):MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDG9gggL32xWWArvV2FClklGPGUZPpsHUavy + 17\r
05-03 23:58:53.641:D / PUBLICKEYBLOB:(26226):GME2RwuI + nlARq9dM4TGyAY2A6APTj / LD6 / uVfmvFvuo1MC2OSGBNNYNngoJ + J1Bg9kjwJUEktEF\r
05-03 23:58:53.641:D / PUBLICKEYBLOB:(26226):sO2L0iCTu0EQM + 1SXlWe20k2sp4UmKdP0Rx3L8NqhbJLLoPLfA5qhCwNDQIDAQAB\r
05-03 23:58:53.647:D /用户名:(26226):YzJsawo =\r
05-03 23:58:53.647:D /密码:(26226):YzJsawo = \r
解决方案
看看这个
< PHP
$ hashedpassword =隐窝(詹姆斯); / *回声$ hashedpassword;
* /
如果(password_verify('詹姆斯',$ hashedpassword)){
回声'密码是有效的!';
}其他{
回声无效的密码。;
}
?>
I am trying to encrypt username and password data in MySQL database using PHP and Android. I am keeping the data as a BLOB type in MySQL DB along with the public key in the Database. NOTE : Retrieval and Submission of done is done in JSON format using HTTP.
But : I am getting the wrong data(easily visible in log below that (sid,a) is used for (username,password) and (YzJsawo=,YzJsawo=) is obtained) after decryption despite using Base64encoding to retrieve the data.(I have already tried it with CHAR and VARCHAR but no success).
Please help I have my project submission tomorrow. Worried. If at all u think that u won't be able to read the code that i have written please provide me with an alternative for above problem or a link where similar problem is discussed(Although i couldn't find one).
Here is what I am trying to do.
Encryption Part
protected String doInBackground(String... args) {
runOnUiThread(new Runnable() {
public void run() {
userStr = inputUsername.getText().toString();
passStr = inputPassword.getText().toString();
confirmpass = inputConfirmPass.getText().toString();
if(userStr.equals("") || passStr.equals("") || confirmpass.equals(""))
{
Toast.makeText(getApplicationContext(),"Enter all the fields" ,Toast.LENGTH_SHORT).show();
}
else
{
if(passStr.equals(confirmpass))
{
//Encoding the string using RSA Algorithm
// Original text
valid=1;
// Generate key pair for 1024-bit RSA encryption and decryption
Key publicKey = null;
Key privateKey = null;
String publicKeyStr;
try {
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(1024);
KeyPair kp = kpg.genKeyPair();
publicKey = kp.getPublic();
privateKey = kp.getPrivate();
} catch (Exception e) {
Log.e("", "RSA key pair error");
}
byte[] encodedUser = null,encodedPassword = null;
//Changing public key to str to transfer it between activities
publicKeyStr = Base64.encodeToString(publicKey.getEncoded(), Base64.DEFAULT);
try {
//Encoding Username
// Encode the original data with RSA private key
Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
c.init(Cipher.ENCRYPT_MODE, privateKey);
encodedUser = c.doFinal(Base64.encode(userStr.getBytes("utf-8"),Base64.DEFAULT));
//Encoding Password
encodedPassword = c.doFinal(Base64.encode(passStr.getBytes("utf-8"),Base64.DEFAULT));
} catch (Exception e) {
Log.e("Error Type:", "RSA encryption error");
}
String UsernameStrEncod,PasswordStrEncod;
UsernameStrEncod = Base64.encodeToString(encodedUser, Base64.DEFAULT);
PasswordStrEncod = Base64.encodeToString(encodedPassword, Base64.DEFAULT);
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new BasicNameValuePair("username", UsernameStrEncod));
params.add(new BasicNameValuePair("password", PasswordStrEncod));
params.add(new BasicNameValuePair("publickey", publicKeyStr));
// getting JSON Object
// Note that create product url accepts POST method
JSONObject json = jsonParser.makeHttpRequest(url_register_user,"POST", params);
// check log cat fro response
Log.d("Create Response", json.toString());
// check for success tag
try {
int success = json.getInt(TAG_SUCCESS);
if (success == 1) {
// successfully created product
Intent i = new Intent(getApplicationContext(), LoginActivity.class);
//i.putExtra("encodedUser", encodedUser);
//i.putExtra("publicKey", publicKeyStr);
startActivity(i);
// closing this screen
finish();
} else {
// failed to create product
}
} catch (JSONException e) {
e.printStackTrace();
}
}
else
Toast.makeText(getApplicationContext(),"Both the passwords do not match" ,Toast.LENGTH_SHORT).show();
}
}
});
return null;
}
Decryption Part
protected String doInBackground(String... params)
{
// updating UI from Background Thread
runOnUiThread(new Runnable() {
public void run() {
// Check for success tag
int success;
int found=0;
try {
//EditText variable initialization
inputUsername = (EditText) findViewById(R.id.UsernameID);
inputPassword = (EditText) findViewById(R.id.PasswordID);
//Converting EditText to string
user = inputUsername.getText().toString();
password = inputPassword.getText().toString();
if(user.equals("") || (password.equals("")))
Toast.makeText(getApplicationContext(),"Enter Both the fields" ,Toast.LENGTH_SHORT).show();
// Building Parameters
else
{
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new BasicNameValuePair("username", user));
params.add(new BasicNameValuePair("password", password));
Log.d(user,password);
// getting product details by making HTTP request
// Note that product details url will use GET request
JSONObject json = jsonParser.makeHttpRequest(url_login_details, "GET", params);
// check your log for json response
Log.d("Login Details", json.toString());
// json success tag
success = json.getInt(TAG_SUCCESS);
if (success == 1)
{
// successfully received product details
JSONArray userArray = json.getJSONArray(TAG_USER); // JSON Array
for(int j=0; (j<userArray.length()) && (found==0); ++j)
{
// get first product object from JSON Array
JSONObject userObj = userArray.getJSONObject(j);
String u = userObj.getString(TAG_USERNAME);
String p = userObj.getString(TAG_PASSWORD);
String publicKey = userObj.getString(TAG_PUBLICKEY);
Log.d("usernameBlob:", u);
Log.d("passwordBlob:", p);
Log.d("publickeyBlob:", publicKey);
//Decoding the data obtained from DB
byte[] UsernameByteDecod = null, PasswordByteDecod = null;
String UsernameStrDecod = null,PasswordStrDecod = null;
try {
//Converting the string public key into key type
byte[] keyBytes = Base64.decode(publicKey.getBytes("utf-8"),Base64.DEFAULT);
X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey publickey = keyFactory.generatePublic(spec);
Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding");
c.init(Cipher.DECRYPT_MODE, publickey);
//Decoding the data
UsernameByteDecod = c.doFinal(Base64.decode(u.getBytes("UTF-8"),Base64.DEFAULT));
PasswordByteDecod = c.doFinal(Base64.decode(u.getBytes("UTF-8"),Base64.DEFAULT));
UsernameStrDecod = Base64.encodeToString(UsernameByteDecod, Base64.DEFAULT);
PasswordStrDecod = Base64.encodeToString(PasswordByteDecod, Base64.DEFAULT);
Log.d("Username:",UsernameStrDecod);
Log.d("Password:",PasswordStrDecod);
} catch (Exception e) {
Log.e("RSA Error:", "RSA decryption error");
e.printStackTrace();
}
if((user.equals(UsernameStrDecod)) && (password.equals(PasswordStrDecod)))
{
found=1;
}
else if(user.equals(u))
{
Toast.makeText(getApplicationContext(),"Password is Incorrect" ,Toast.LENGTH_SHORT).show();
break;
}
else
{
}
// display product data in EditText
}
}
else
{
Toast.makeText(getApplicationContext(),"You are not registered, Register Here" ,Toast.LENGTH_SHORT).show();
Intent i = new Intent(getApplicationContext(), RegisterActivity.class);
startActivity(i);
}
if(found==1)
{
Toast.makeText(getApplicationContext(),"Welcome "+ user ,Toast.LENGTH_SHORT).show();
Intent i = new Intent(getApplicationContext(), MainActivity.class);
startActivity(i);
//finish();
}
else if(found==0)
{
Toast.makeText(getApplicationContext(),"You are not registered, Register Here" ,Toast.LENGTH_SHORT).show();
Intent i = new Intent(getApplicationContext(), RegisterActivity.class);
startActivity(i);
//finish();
}
}
} catch (JSONException e) {
e.printStackTrace();
}
}
});
return null;
}
PHP Script for Inserting data after Encryption
<?php
/*
* Following code will create a new product row
* All product details are read from HTTP Post Request
*/
// array for JSON response
$response = array();
// check for required fields
if (isset($_POST['username']) && isset($_POST['password']) && isset($_POST['publickey']))
{
$username = $_POST['username'];
$password = $_POST['password'];
$publickey = $_POST['publickey'];
// include db connect class
require_once __DIR__ . '/users_db_connect.php';
// connecting to db
$db = new DB_CONNECT();
// mysql inserting a new row
$result = mysql_query("INSERT INTO user(username, password, publickey) VALUES('$username', '$password', '$publickey')");
// check if row inserted or not
if ($result) {
// successfully inserted into database
$response["success"] = 1;
$response["message"] = "Successfull Registration.";
// echoing JSON response
echo json_encode($response);
} else {
// failed to insert row
$response["success"] = 0;
$response["message"] = "Oops! An error occurred.";
// echoing JSON response
echo json_encode($response);
}
} else {
// required field is missing
$response["success"] = 0;
$response["message"] = "Required field(s) is missing";
// echoing JSON response
echo json_encode($response);
}
?>
PHP Script for retrieving data and Decrypting it afterwards
<?php
/*
* Following code will list all the products
*
*/
// array for JSON response
$response = array();
// include db connect class
require_once __DIR__ . '/users_db_connect.php';
// connecting to db
$db = new DB_CONNECT();
// get all products from products table
$result = mysql_query("SELECT * FROM user") or die(mysql_error());
// check for empty result
if (mysql_num_rows($result) > 0) {
// looping through all results
// products node
$response["user"] = array();
while ($row = mysql_fetch_array($result)) {
// temp user array
$product = array();
$product["username"] = $row["username"];
$product["password"] = $row["password"];
$product["publickey"] = $row["publickey"];
// push single product into final response array
array_push($response["user"], $product);
}
// success
$response["success"] = 1;
// echoing JSON response
echo json_encode($response);
} else {
// no products found
$response["success"] = 0;
$response["message"] = "No user found";
// echo no users JSON
echo json_encode($response);
}
?>
Logcat
05-03 23:58:53.584: D/sid(26226): a
05-03 23:58:53.640: D/Login Details(26226): {"user":[{"username":"oBYxmonY0wmJhVbCZ69S\/OJYiVt7socheDmRfJM1vUyw1ACBA9ZraePdFJsvbYSjce\/UhxemRE+x\nRyF4d2GYLxfw+s0sw6Xo0P7T5bJ2gDqw7Grn+aAolhS4xzPnZm\/tytTVHVgyqdx\/UbWn8txu8h5D\nVj8WmLa0IstgcmvHRtQ=\n","password":"j\/iLoIjK5a1vJulTE4Hv7ofMQF48krK3xiDiBwGOJBsK7eGGnRskwjV+xUyT+jT3IeWQHbLncdWD\neG9HrQKiM2kE+t5SQ6CkCXVTcfWg8\/axmQC+UQt\/Q3s81UC64AMVBB0J0\/cZrdGeAQ8bGGVDkwC2\nf9WTl8RoAiMmpl6Q7gs=\n","publickey":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxZzks60BsVN6D\/2wJhXrURkzuDvljjEcN3hW6\n4JbjxK4UJb5T0uVtzULvyfceHcySlhqo2AcP0s+EybPuaZ+dwI1Mhd7VYg1Xeyz5EvLStAOreY3G\n3yweb4sryGvcty88Q4XkC\/KrcURGAT8QBzNVSc9cHJa+qPf1\/t+Eb9Yb3wIDAQAB\n"},{"username":"YjvJ6eNMNtU649ZgordslPURCNOt8ZgfkAm5WzNzlxxYZiYldAIg3PeOHjiOUsIunZuLlQ7\/uJG2\n9GBCTRDbQJeqOJ\/YaFePEjuydEHyN7CAay4ocUklVQkTdgSLkTEtU+RFifqGs3fM67fyQD3w8xq6\nyHb3vZMdJ3AS8cFS0fM=\n","password":"fr+vrqHzYBgvuHAnaRpNb+V9I0hn9crCuHNabF0v\/8PAY3a11fnE9v924sUTcgh4BDJVSzp\/sSxQ\nL1i7noh45buKPrZEz6BfGgiGqpwbjXTLKIyuNFjIyA3qbBFs9rxhYS00AsKmKO+zoB5AZ+I4amQQ\nwa3QKC\/wtHjPtV7BfwY=\n","publickey":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDG9gggL32xWWArvV2FClklGPGUZPpsHUavy+l7\nGME2RwuI+nlARq9dM4TGyAY2A6APTj\/lD6\/uVfmvFvuo1MC2OSGBNNYNngoJ+J1Bg9kjwJUEktEF\nsO2L0iCTu0EQM+1SXlWe20k2sp4UmKdP0Rx3L8NqhbJLLoPLfA5qhCwNDQIDAQAB\n"}],"success":1}
05-03 23:58:53.640: D/usernameBlob:(26226): oBYxmonY0wmJhVbCZ69S/OJYiVt7socheDmRfJM1vUyw1ACBA9ZraePdFJsvbYSjce/UhxemRE+x
05-03 23:58:53.640: D/usernameBlob:(26226): RyF4d2GYLxfw+s0sw6Xo0P7T5bJ2gDqw7Grn+aAolhS4xzPnZm/tytTVHVgyqdx/UbWn8txu8h5D
05-03 23:58:53.640: D/usernameBlob:(26226): Vj8WmLa0IstgcmvHRtQ=
05-03 23:58:53.640: D/passwordBlob:(26226): j/iLoIjK5a1vJulTE4Hv7ofMQF48krK3xiDiBwGOJBsK7eGGnRskwjV+xUyT+jT3IeWQHbLncdWD
05-03 23:58:53.640: D/passwordBlob:(26226): eG9HrQKiM2kE+t5SQ6CkCXVTcfWg8/axmQC+UQt/Q3s81UC64AMVBB0J0/cZrdGeAQ8bGGVDkwC2
05-03 23:58:53.640: D/passwordBlob:(26226): f9WTl8RoAiMmpl6Q7gs=
05-03 23:58:53.640: D/publickeyBlob:(26226): MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxZzks60BsVN6D/2wJhXrURkzuDvljjEcN3hW6
05-03 23:58:53.640: D/publickeyBlob:(26226): 4JbjxK4UJb5T0uVtzULvyfceHcySlhqo2AcP0s+EybPuaZ+dwI1Mhd7VYg1Xeyz5EvLStAOreY3G
05-03 23:58:53.640: D/publickeyBlob:(26226): 3yweb4sryGvcty88Q4XkC/KrcURGAT8QBzNVSc9cHJa+qPf1/t+Eb9Yb3wIDAQAB
05-03 23:58:53.641: D/Username:(26226): YzJsawo=
05-03 23:58:53.641: D/Password:(26226): YzJsawo=
05-03 23:58:53.641: D/usernameBlob:(26226): YjvJ6eNMNtU649ZgordslPURCNOt8ZgfkAm5WzNzlxxYZiYldAIg3PeOHjiOUsIunZuLlQ7/uJG2
05-03 23:58:53.641: D/usernameBlob:(26226): 9GBCTRDbQJeqOJ/YaFePEjuydEHyN7CAay4ocUklVQkTdgSLkTEtU+RFifqGs3fM67fyQD3w8xq6
05-03 23:58:53.641: D/usernameBlob:(26226): yHb3vZMdJ3AS8cFS0fM=
05-03 23:58:53.641: D/passwordBlob:(26226): fr+vrqHzYBgvuHAnaRpNb+V9I0hn9crCuHNabF0v/8PAY3a11fnE9v924sUTcgh4BDJVSzp/sSxQ
05-03 23:58:53.641: D/passwordBlob:(26226): L1i7noh45buKPrZEz6BfGgiGqpwbjXTLKIyuNFjIyA3qbBFs9rxhYS00AsKmKO+zoB5AZ+I4amQQ
05-03 23:58:53.641: D/passwordBlob:(26226): wa3QKC/wtHjPtV7BfwY=
05-03 23:58:53.641: D/publickeyBlob:(26226): MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDG9gggL32xWWArvV2FClklGPGUZPpsHUavy+l7
05-03 23:58:53.641: D/publickeyBlob:(26226): GME2RwuI+nlARq9dM4TGyAY2A6APTj/lD6/uVfmvFvuo1MC2OSGBNNYNngoJ+J1Bg9kjwJUEktEF
05-03 23:58:53.641: D/publickeyBlob:(26226): sO2L0iCTu0EQM+1SXlWe20k2sp4UmKdP0Rx3L8NqhbJLLoPLfA5qhCwNDQIDAQAB
05-03 23:58:53.647: D/Username:(26226): YzJsawo=
05-03 23:58:53.647: D/Password:(26226): YzJsawo=
解决方案
have a look at this
<?php
$hashedpassword = crypt("james");
/*echo $hashedpassword;
*/
if (password_verify('james', $hashedpassword)) {
echo 'Password is valid!';
} else {
echo 'Invalid password.';
}
?>
这篇关于RSA在生产Android的左右键,但错解密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
