在Android中保护用户的应用内部文件夹 [英] Protect app internal folder from users in android
问题描述
如何通过限制用户打开应用程序内部文件夹中的数据来提供安全性,即使设备已经生根,
我遇到AES加密的一种方法,但我想知道是他们的方式,我们可以这样做到一个文件夹,或者我们可以创建一个文件,我们可以在其中访问已下载的必要图像或pdf,并且与最终用户保持距离。
How to provide security to data which were stored in app internal folder by restricting user to open it even if the device is rooted, One method i have encountered AES Encryption but i want to know is their way we can do this to a folder or can we create a file in which we can access necessary image or pdf which were downloaded and stay far reach from end user.
推荐答案
对于加密
public void encryptFile(View v) {
Bitmap bitmap = BitmapFactory.decodeFile(Environment.getExternalStorageDirectory() + "/img.png");
// Write image data to ByteArrayOutputStream
ByteArrayOutputStream baos = new ByteArrayOutputStream();
bitmap.compress(Bitmap.CompressFormat.PNG, 100, baos);
// Encrypt and save the image
saveFile(encrypt(key, baos.toByteArray()), "enimg.png");
Toast.makeText(getApplicationContext(), "The image is encrypted", Toast.LENGTH_LONG).show();
image.setImageURI(Uri.parse(Environment.getExternalStorageDirectory() + "enimg.png"));
}
private byte[] encrypt(byte[] skey, byte[] data) {
SecretKeySpec skeySpec = new SecretKeySpec(skey, "AES");
Cipher cipher;
byte[] encrypted = null;
try {
// Get Cipher instance for AES algorithm
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
// Initialize cipher
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(iv));
// Encrypt the image byte data
encrypted = cipher.doFinal(data);
} catch (Exception e) {
e.printStackTrace();
}
return encrypted;
}
解密
public void decryptFile(View v) {
try {
// Create FileInputStream to read from the encrypted image file
FileInputStream fis = new FileInputStream(Environment.getExternalStorageDirectory() + "/enimg.png");
// Save the decrypted image
saveFile(decrypt(key, fis), "deimg.png");
Toast.makeText(getApplicationContext(), "The image is decrypted", Toast.LENGTH_LONG).show();
image.setImageURI(Uri.parse(Environment.getExternalStorageDirectory() + "/deimg.png"));
} catch (FileNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
private byte[] decrypt(byte[] skey, FileInputStream fis) {
SecretKeySpec skeySpec = new SecretKeySpec(skey, "AES");
Cipher cipher;
byte[] decryptedData = null;
CipherInputStream cis = null;
try {
cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(iv));
// Create CipherInputStream to read and decrypt the image data
cis = new CipherInputStream(fis, cipher);
// Write encrypted image data to ByteArrayOutputStream
ByteArrayOutputStream buffer = new ByteArrayOutputStream();
byte[] data = new byte[2048];
while ((cis.read(data)) != -1) {
buffer.write(data);
}
buffer.flush();
decryptedData = buffer.toByteArray();
} catch (Exception e) {
e.printStackTrace();
} finally {
try {
fis.close();
cis.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
return decryptedData;
}
将这些文件保存在某个位置
To save these file at a location
public void saveFile(byte[] data, String outFileName) {
FileOutputStream fos = null;
try {
fos = new FileOutputStream(Environment.getExternalStorageDirectory() + File.separator + outFileName);
fos.write(data);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
} finally {
try {
fos.close();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
密钥用于加密并解密声明全局 //获取密钥
key = getKey();
// Get IV
iv = getIV();
the key is made to encrypt and decrypt declare it global // Get key
key = getKey();
// Get IV
iv = getIV();
private static byte[] getKey() {
KeyGenerator keyGen;
byte[] dataKey = null;
try {
// Generate 256-bit key
keyGen = KeyGenerator.getInstance("AES");
keyGen.init(256);
SecretKey secretKey = keyGen.generateKey();
dataKey = secretKey.getEncoded();
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return dataKey;
}
对于加密jst需要调用函数 encryptFile
和 decryptFile
进行解密
For encryption jst need to call the function encryptFile
and decryptFile
for decryption
这篇关于在Android中保护用户的应用内部文件夹的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!