From c96a3660d8257820c55bc3f1429c07adc364fe7d Mon Sep 17 00:00:00 2001
From: Runt <qingingrunt2010@qq.com>
Date: Tue, 05 Aug 2025 12:57:13 +0000
Subject: [PATCH] 加解密优化
---
libmvi/src/main/java/com/runt/open/mvi/retrofit/utils/RetrofitUtils.java | 2 +-
libmvi/src/main/java/com/runt/open/mvi/retrofit/converter/DecryptGsonResponseBodyConverter.java | 7 ++-----
libmvi/src/main/java/com/runt/open/mvi/retrofit/Interceptor/HttpLoggingInterceptor.java | 12 +++++++++++-
libmvi/build.gradle.kts | 2 +-
libmvi/src/main/java/com/runt/open/mvi/retrofit/Interceptor/OpenInterceptor.java | 2 +-
libmvi/src/main/java/com/runt/open/mvi/data/PhoneDevice.java | 3 +--
libmvi/src/main/java/com/runt/open/mvi/retrofit/utils/RSAUtils.java | 23 +++++++++++++++++++++--
7 files changed, 38 insertions(+), 13 deletions(-)
diff --git a/libmvi/build.gradle.kts b/libmvi/build.gradle.kts
index 7283dbf..ee0f47d 100644
--- a/libmvi/build.gradle.kts
+++ b/libmvi/build.gradle.kts
@@ -22,7 +22,7 @@
}
release {
isMinifyEnabled = false
- buildConfigField("String","HOST_IP_ADDR","\"http://192.168.28.175:8888/advert/\"")
+ buildConfigField("String","HOST_IP_ADDR","\"http://www.hefan.space/advert/\"")
proguardFiles(getDefaultProguardFile("proguard-android-optimize.txt") , "proguard-rules.pro")
}
}
diff --git a/libmvi/src/main/java/com/runt/open/mvi/data/PhoneDevice.java b/libmvi/src/main/java/com/runt/open/mvi/data/PhoneDevice.java
index 01ebede..87984e3 100644
--- a/libmvi/src/main/java/com/runt/open/mvi/data/PhoneDevice.java
+++ b/libmvi/src/main/java/com/runt/open/mvi/data/PhoneDevice.java
@@ -4,7 +4,6 @@
import android.os.Build;
import com.runt.open.mvi.retrofit.utils.NetWorkUtils;
-import com.runt.open.mvi.utils.DeviceIdUtils;
/**
@@ -20,7 +19,7 @@
static PhoneDevice device;
public static void setDevice(Context context) {
- device = new PhoneDevice(Build.BRAND,Build.MODEL,Build.VERSION.SDK_INT+"",Build.VERSION.RELEASE, DeviceIdUtils.getDeviceId(context), NetWorkUtils.getNetIp());
+ device = new PhoneDevice(Build.BRAND,Build.MODEL,Build.VERSION.SDK_INT+"",Build.VERSION.RELEASE, "", NetWorkUtils.getNetIp());
}
public static PhoneDevice getDevice() {
diff --git a/libmvi/src/main/java/com/runt/open/mvi/retrofit/Interceptor/HttpLoggingInterceptor.java b/libmvi/src/main/java/com/runt/open/mvi/retrofit/Interceptor/HttpLoggingInterceptor.java
index 72d9512..18ef45b 100644
--- a/libmvi/src/main/java/com/runt/open/mvi/retrofit/Interceptor/HttpLoggingInterceptor.java
+++ b/libmvi/src/main/java/com/runt/open/mvi/retrofit/Interceptor/HttpLoggingInterceptor.java
@@ -5,6 +5,7 @@
import com.runt.open.mvi.retrofit.net.NetWorkCost;
import com.runt.open.mvi.retrofit.net.NetWorkListener;
import com.runt.open.mvi.retrofit.utils.HttpPrintUtils;
+import com.runt.open.mvi.retrofit.utils.RSAUtils;
import org.json.JSONArray;
import org.json.JSONException;
@@ -205,7 +206,16 @@
if (contentLength != 0) {
String str = buffer.clone().readString(charset);
if(str.trim().indexOf("{") == 0) {
- logArrays.add(new JSONObject(str).toString(4));
+ JSONObject object = new JSONObject(str);
+ if(object.has("body")){
+ try {
+ logArrays.add(new JSONObject(RSAUtils.decryptVerify(object.getString("body"))).toString(4));
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }else{
+ logArrays.add(object.toString(4));
+ }
}else if(str.trim().indexOf("[") == 0) {
logArrays.add(new JSONArray(str).toString(4));
}else{
diff --git a/libmvi/src/main/java/com/runt/open/mvi/retrofit/Interceptor/OpenInterceptor.java b/libmvi/src/main/java/com/runt/open/mvi/retrofit/Interceptor/OpenInterceptor.java
index 3af2d03..29eab9b 100644
--- a/libmvi/src/main/java/com/runt/open/mvi/retrofit/Interceptor/OpenInterceptor.java
+++ b/libmvi/src/main/java/com/runt/open/mvi/retrofit/Interceptor/OpenInterceptor.java
@@ -33,7 +33,7 @@
public class OpenInterceptor implements Interceptor {
protected final Charset UTF8 = Charset.forName("UTF-8");
- protected final String ENCRYPT = "encrypt";
+ protected final String ENCRYPT = "body";
@Override
public Response intercept(Chain chain) throws IOException {
diff --git a/libmvi/src/main/java/com/runt/open/mvi/retrofit/converter/DecryptGsonResponseBodyConverter.java b/libmvi/src/main/java/com/runt/open/mvi/retrofit/converter/DecryptGsonResponseBodyConverter.java
index 44e36e4..d5c71b7 100644
--- a/libmvi/src/main/java/com/runt/open/mvi/retrofit/converter/DecryptGsonResponseBodyConverter.java
+++ b/libmvi/src/main/java/com/runt/open/mvi/retrofit/converter/DecryptGsonResponseBodyConverter.java
@@ -13,7 +13,6 @@
import com.runt.open.mvi.utils.GsonUtils;
import org.json.JSONException;
-import org.json.JSONObject;
import java.io.ByteArrayInputStream;
import java.io.IOException;
@@ -36,7 +35,7 @@
private final TypeAdapter<T> adapter;
private final Charset UTF_8 = Charset.forName("UTF-8");
private final boolean transHump;//驼峰转换
- private final String ENCRYPT = "encrypt";
+ private final String ENCRYPT = "body";
public DecryptGsonResponseBodyConverter(Gson gson, TypeAdapter<T> adapter, boolean transHump) {
this.gson = gson;
@@ -88,9 +87,7 @@
if(TextUtils.isEmpty(body)){
}else if(body.indexOf("{") == 0) {
- JSONObject json = new JSONObject(body);
- body = RSAUtils.decrypt(json.getString(ENCRYPT), RSAUtils.getPublicKey(RSAUtils.PUBLIC_KEY));//
- //Log.e("Converter", "decryptJsonStr body:" + body);
+ body = RSAUtils.decryptVerify(body,ENCRYPT);
}
return transHump? GsonUtils.toHumpJson(body):body;
}
diff --git a/libmvi/src/main/java/com/runt/open/mvi/retrofit/utils/RSAUtils.java b/libmvi/src/main/java/com/runt/open/mvi/retrofit/utils/RSAUtils.java
index 5bbd89d..9ca8b42 100644
--- a/libmvi/src/main/java/com/runt/open/mvi/retrofit/utils/RSAUtils.java
+++ b/libmvi/src/main/java/com/runt/open/mvi/retrofit/utils/RSAUtils.java
@@ -2,6 +2,8 @@
import android.util.Base64;
+import org.json.JSONObject;
+
import java.io.ByteArrayOutputStream;
import java.security.Key;
import java.security.KeyFactory;
@@ -19,7 +21,7 @@
public class RSAUtils {
//客户端私钥
- public static final String PRIVATE_KEY = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALBGei0scHoOjTLImPHvASaGqYNrdLie0ckWp74Nkqv7FVeXPOvWEG8_jRJCVjJ1grr8SGd9sVY2sxn5XIz7fUEBfx7Vm8m0DaCNBWJpFLGw9xiaVZ2AUKoNyTD4NgZobbwZbt6ZNB6_fggPrGF18pq6GPyCndX1JW8ZiZKj33VBAgMBAAECgYB0q-EX3y7_CnyYXT8l-mxHhJ_T9R6HR89QimcyGqe2nvRMSjSvX7r29xg3OqL0uORzQKHnpcDncELw8SQ5yAbpENeIsD0dvdFlkoyFYU4ljeUbJ46binwwg20TNARjTbpNos9zbhTPh8qixdblxppXA1WC18HtXhixgca5bNG9lQJBAPQfNdpNdDL9l8Tw4hYVuDMszcFuZYbHbm0S4xcwqj-dXNWBztNf5W_K92-N5GIoHbOypkGzjlBjSZi_oKA0HusCQQC42irhw682CG44mKdP6YRDxy6OaauVX4yE9WnsbO8JFSSc9ZCKMMD0F3NGtytDrVMAJxG1iPWXa4ptEdtgwCmDAkAUW1npR1YuPllekdu4jb0bf1v1ClirAYxiyhVnxKYdweiQ4U827yM5zEoP4lwuFzxK1NXqWqe-alkjxK8HTPFbAkAviQLf_adP2MknSrIzzZQSreTeAHR8PA7xnf54KucpScOZjVh3AOSNoH4nYDEC_U5LysA2E5s8Lg5xz9a_QYsrAkEAwV6gNED7_SYDsYyEWimQ6znUb_QSY-sSChnSCY-ILG1wpynBHw_t1Oi3ljl6gL_cYKG1O3uwOtvZtb-Vr1bNkQ";
+ public static final String PRIVATE_KEY = "MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBALmG22Y82CPx/n7yE6Y/lh33ZoQxWdp9LeWH7DN07dp/5Od9PY6Eix2XBjI4mRWoRv71gtbA3+nq9aaztibWGvjD/akMGTTgWD2BXQI3kw4CrGI0P1YzoFFM0oGUqd9duUzJpl8Lpq/3JpB1vo+c6EsVqggWJoPpIJNb2pcEBC3fAgMBAAECgYEAmmd5C3KR9AB/7Qjtf4wmFJSFNnmYLXXHD+N6miyzlAii6mHaLFV1LlA1sPBXv6WISMLtfGuTLywD/BRPAa1pTbrQTz3BDvtHHrCaL124ZdIr1j49TGyyYRCplwDoP9QWKTtEcZ6mP0P0rzh2Zfe2nBaJDn2qFPmYd9P4WBGMW1kCQQDop0oMK/oDc7gFQqXf0CnEETsOjJrvVzOuRue54WLl1H62PXhsGFzNvlm4J4OqMlLpnX6et7dzgX2MAVlJKP3jAkEAzCTqOo1l/E5bN00HFcQ3odCr5Pi985OK17R1ueAiLoY6g3I6O88zDWCiB5XmQPMSJ6QcNPIxAsJI6JGVqMZQ1QJACyhStci6IcY/8gijOdua1StaYLU/jPDqqpX98P0tKAaL2SOTjeORN9DELr++YcAuF8QU2XnIE4MHSVqbNJYBrwJBAKxkwCiSH/3hbcZVlhYbjZ9oyMCkDkUT47wk+QXu8O65C9DVNbgsUcCKSkp9m+RdYId5XxiXLixWRZug1fGhB8ECQQDTPTxN9RhunrUaT0brQsd+0btrYMrm/suaBzJyBpspFzjxRcM+AhlAHa1szkMqE6r01ZHCFQopaZEWijeh4Kgf";
//服务器公钥
public static final String PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVj4BkEYtlv8z4quUUrkRvW4xuWQvXegMuLKPQZky8LObbxfFZniSvQ4gllFlyFuCjeeInjyQFPC3ARdbihV3P88drBsB2gCG9lwlCkgMjZfSc/hxC4VirsHbGGSIN5oPyCZMQNAUnIojpKBRlE0TJmHvP+FpAe46Yb+oPs8R5DQIDAQAB";
@@ -56,7 +58,7 @@
*/
public static PrivateKey getPrivateKey(String privateKey) throws Exception {
KeyFactory keyFactory = KeyFactory.getInstance(KEY_RSA);
- byte[] decodedKey = Base64.decode(privateKey.getBytes(), Base64.URL_SAFE);
+ byte[] decodedKey = Base64.decode(privateKey.getBytes(), Base64.DEFAULT);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decodedKey);
return keyFactory.generatePrivate(keySpec);
}
@@ -140,6 +142,23 @@
return new String(decryptedData, "UTF-8");
}
+ public static String decryptVerify(String data,String key) throws Exception{
+ JSONObject jsonBody = new JSONObject(data);
+ return decryptVerify(jsonBody.getString(key));
+ }
+ public static String decryptVerify(String body) throws Exception{
+ String decrypted = RSAUtils.decrypt(body, RSAUtils.getPrivateKey(RSAUtils.PRIVATE_KEY));
+ JSONObject json = new JSONObject(decrypted);
+ //服务端公钥验证加签是否正确
+ String decryptBody = json.getString("body");
+ if(RSAUtils.verify(decryptBody,//内容
+ RSAUtils.getPublicKey(RSAUtils.PUBLIC_KEY),//服务端公钥
+ json.getString("sign"))/*加签*/) {
+ body = decryptBody;
+ }
+ return body;
+ }
+
/**
* 签名
*
diff --git a/libmvi/src/main/java/com/runt/open/mvi/retrofit/utils/RetrofitUtils.java b/libmvi/src/main/java/com/runt/open/mvi/retrofit/utils/RetrofitUtils.java
index fa21c1a..ed6097d 100644
--- a/libmvi/src/main/java/com/runt/open/mvi/retrofit/utils/RetrofitUtils.java
+++ b/libmvi/src/main/java/com/runt/open/mvi/retrofit/utils/RetrofitUtils.java
@@ -209,7 +209,7 @@
//设置OKHttpClient
.client(client)
//设置baseUrl,注意,baseUrl必须后缀"/"
- .baseUrl(BuildConfig.HOST_IP_ADDR+"api/v2/")
+ .baseUrl(BuildConfig.HOST_IP_ADDR+"api/v4/")
.addCallAdapterFactory(RxJava2CallAdapterFactory.create())
.build();
}
--
Gitblit v1.9.1