Detailed explanation of encrypting and transmitting large files over a socket on Android

Preface

Data encryption is a technology with a long history. It refers to transforming plaintext into ciphertext using an encryption algorithm and an encryption key, while decryption restores ciphertext to plaintext using a decryption algorithm and a decryption key. Its core is cryptography.

Data encryption is still the most reliable way for computer systems to protect information. It uses cryptographic techniques to encrypt and conceal information, and so protects its security.

In our project, files transferred over a socket had to be encrypted first. We ran into a number of pitfalls during implementation. The following is a summary of the implementation process.

DES encryption

Since the DES encryption algorithm is used in the encryption process, the DES encryption code is pasted below:

Output:

Encrypted data: encryption and decryption

Encrypted data: rt6xe06pelmlzmavxrbfcq==

Decrypted data: encryption and decryption

Socket client part code:

Socket server part code:

Encrypted data transmission

Next, encrypt and decrypt the transmitted data.

Scheme 1: directly encrypt and decrypt the IO stream

Client changes are as follows:

Server change code:

After executing the code, the server will report the following exception when decrypting:

javax.crypto.BadPaddingException: pad block corrupted

My guess at the cause is that padding is added to the data during encryption, and then packet loss occurs during IO streaming, so decryption throws an exception.

The result of encryption is a byte array. These encrypted bytes may have no corresponding characters in a character encoding table (such as UTF-8), which produces garbled text. When the garbled string is converted back into a byte array, its length changes and decryption fails, so this conversion is unsafe.

So I tried the NoPadding padding mode. Although decryption then succeeded, testing showed that the content of ordinary files, such as .txt files, displayed normally, but .apk and other files failed with errors such as a package parsing exception.
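The BadPaddingException from Scheme 1 can be reproduced without any packet loss: TCP delivers a byte stream, so one read() on the server need not return exactly one chunk that the client padded and encrypted. The following is an added example, not the original article's code; the class name ChunkedCipherDemo, the pump helper, the constructed sample data and the use of AES/CBC in place of DES are assumptions of the example.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.*;
import java.io.*;
import java.security.*;
import java.util.Arrays;

public class ChunkedCipherDemo {
    // Assumption: AES/CBC stands in for the page's DES; the failure is the same for any padded block cipher.
    static final String ALG = "AES/CBC/PKCS5Padding";

    // Runs src through one cipher in bufSize reads. perRead=true calls doFinal() on every
    // read (Scheme 1); perRead=false uses update() per read and doFinal() once at the end.
    static byte[] pump(byte[] src, int bufSize, int mode, byte[] key, byte[] iv, boolean perRead)
            throws IOException, GeneralSecurityException {
        InputStream in = new ByteArrayInputStream(src);   // stands in for the socket stream
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        Cipher c = Cipher.getInstance(ALG);
        c.init(mode, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
        byte[] buf = new byte[bufSize];
        int n;
        while ((n = in.read(buf)) != -1) {
            byte[] part = perRead ? c.doFinal(buf, 0, n) : c.update(buf, 0, n);
            if (part != null) out.write(part);            // update() returns null while it buffers
        }
        if (!perRead) out.write(c.doFinal());             // padding handled once, at end of stream
        return out.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        byte[] key = new byte[16], iv = new byte[16];
        SecureRandom rnd = new SecureRandom();
        rnd.nextBytes(key);
        rnd.nextBytes(iv);
        byte[] file = new byte[3000];                     // constructed sample data
        Arrays.fill(file, (byte) 'A');
        // Sender pads each 1024-byte chunk to 1040 bytes; receiver reads 1024 at a time.
        byte[] wire = pump(file, 1024, Cipher.ENCRYPT_MODE, key, iv, true);
        try {
            pump(wire, 1024, Cipher.DECRYPT_MODE, key, iv, true);
        } catch (GeneralSecurityException e) {
            System.out.println("doFinal per read failed: " + e);
        }

        // One cipher state per stream: read sizes on the two sides no longer need to match.
        wire = pump(file, 1024, Cipher.ENCRYPT_MODE, key, iv, false);
        byte[] back = pump(wire, 700, Cipher.DECRYPT_MODE, key, iv, false);
        System.out.println("update()/doFinal() round trip: " + Arrays.equals(file, back));
    }
}
```

CBC with padding does not authenticate the data, so the example isolates the chunk-boundary problem only and does not detect tampering in transit.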

Scheme 2: use character stream

When a byte array is encoded with Base64, every byte is mapped to Base64 characters and can later be restored to the same byte array, which preserves the encrypted data in transmission, so this conversion is safe. Similarly, it is safe to convert byte arrays to hexadecimal strings.

Since the client reads a byte stream from the input file, it must first convert the byte stream into a character stream, while the server must convert the received character stream back into a byte stream and then write it to the file. In testing, the character stream could be decrypted successfully, but converting the file into a character stream for transmission is a continuous process, the reading and writing of the file are cumbersome, and many problems arise in operation.

Scheme 3: use CipherInputStream and CipherOutputStream

In use, it turned out that the CipherInputStream receives data only once the CipherOutputStream has been closed. Obviously, this scheme has to be ruled out.

Scheme 4: use SSLSocket

Using SSLSocket on Android is a little complicated. First, the client and server need to generate keys and certificates. The Android certificate store must also be in BKS format (Java uses JKS format). Generally speaking, JDK's keytool can only generate a JKS keystore. To generate BKS, the Bouncy Castle library has to be downloaded.

When all of the above is ready, you will find the following exception if you use it on Android 6.0 or above:

javax.net.ssl.SSLHandshakeException: Handshake Failed

Cause of the exception: the SSLSocket signature algorithm defaults to DSA. Since Android 6.0 (API 23), the keystore has changed and no longer supports DSA, but ECDSA is still supported.

Therefore, to use SSLSocket on Android 6.0 or above, DSA has to be changed to ECDSA. At this point the pit seemed to get deeper and deeper with no end in sight, so I decided to take a different approach to the problem of socket encryption. Since it is difficult to encrypt and decrypt the file while it is being transmitted, could the client encrypt the file first and then transmit it, with the server decrypting the file after it has been received successfully? That leads to the following scheme.

Scheme 5: first encrypt the file, then transmit it, and then decrypt the file after the server successfully receives the file

The encryption and decryption code of the file is as follows:

The above scheme neatly bypasses the problems mentioned earlier and successfully achieves encrypted file transmission over a socket.

Summary

When using any technology, it is necessary to understand the underlying principles. Otherwise, it is easy to get confused without knowing why!

The above is the whole content of this article. I hope it will be helpful to your study, and I hope you can support programming tips.
