“密钥证书” 是鹰信专门为鹰信云的“数据隐私”机制设计的一种文件。在登录时产生,上传之前加密,下载之后解密;整个传输和存储过程都是密文,因此其安全性、隐私性得到了保障。当然,缺点就是:“密钥证书”一旦丢失,所有基于该证书加密的文件将不能使用。强烈建议使用鹰信云自动管理,或者发送到私人邮箱保管。
/**
* 为当前登录的用户创建一个密钥证书文件
* Created by Henry on 2019/6/6
*
* @return 创建成功的密钥证书文件
*/
public File create() throws NoSuchAlgorithmException, IOException, AesException {
if (isCreated()) {
throw new AesException("用户已经创建了证书 " + getCrtName() + " ,不能再次创建!");
}
String crtFullName = UUID.randomUUID().toString().replaceAll("-", "");
// 从uuid中随机获取8个字符做文件名,使用专有扩展名“eekf”
crtFullName = Str.getRandom(crtFullName, 8) + "." + ENCODE_File_EXTENSION;
crtFullName = Str.endOfSeparator(App.getContext().getFilesDir().getAbsolutePath()) + crtFullName;
File crtFile = new File(crtFullName);
String salt = this.user.getUserName();
String rand = String.valueOf(System.currentTimeMillis());
int lenMin = Math.min(rand.length(), salt.length());
String toMd5 = "";
for (int i = 0; i < lenMin; i++) {
toMd5 += rand.substring(i, i + 1) + salt.substring(i, i + 1);
}
toMd5 += rand.substring(lenMin - 1, rand.length() - 1);
toMd5 += salt.substring(lenMin - 1, salt.length() - 1);
try {
MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] md5Array = md5.digest(toMd5.getBytes());
FileOutputStream fos = new FileOutputStream(crtFile);
fos.write(md5Array);
fos.flush();
fos.close();
return crtFile;
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
throw (e);
} catch (FileNotFoundException e) {
e.printStackTrace();
throw (e);
} catch (IOException e) {
e.printStackTrace();
throw (e);
}
}