前段时间项目需要一个功能,就是在操作完某一个逻辑之后返回给客户一个红包,安全校验团队需要我们提供android设备的唯一标示,起初直接通过获取设备的imei号传给了server端,后台公司云迹监控发现,有些设备的imei号是0000000000000000,这样失去了设备唯一性验证的功能,第二个版本做了一个修复,除了获取imei号之外还新增了AndrdoiId的处理,不过悲剧的是android 设备实在是太多太杂了,仅仅通过这两个维度去确定设备的唯一性还是有一些漏洞的,最终我们的解决方案是尽量多的获取与设备相关的信息,最后做一个MD5数字加签,基本满足了这个需求
- package com.suning.mobile.epa;
- import java.security.MessageDigest;
- import java.security.NoSuchAlgorithmException;
- import android.content.Context;
- import android.os.Build;
- import android.provider.Settings.Secure;
- import android.telephony.TelephonyManager;
- public class DeviceFactoty {
- // buildId
- public String m_szDevIDShortMaker() {
- String m_szDevIDShort = "35";
- m_szDevIDShort += Build.BOARD.length() % 10 + Build.BRAND.length() % 10
- + Build.CPU_ABI.length() % 10 + Build.DEVICE.length() % 10
- + Build.DISPLAY.length() % 10 + Build.HOST.length() % 10
- + Build.ID.length() % 10 + Build.MANUFACTURER.length() % 10
- + Build.MODEL.length() % 10 + Build.PRODUCT.length() % 10
- + Build.TAGS.length() % 10 + Build.TYPE.length() % 10
- + Build.USER.length() % 10 + "";
- return m_szDevIDShort;
- }
- public String currentDeviceMark(Context context) {
- final TelephonyManager tm = (TelephonyManager) context
- .getSystemService(Context.TELEPHONY_SERVICE);
- final String tmDevice, tmSerial, androidId;
- tmDevice = "" + tm.getDeviceId();
- tmSerial = "" + tm.getSimSerialNumber();
- androidId = ""
- + android.provider.Settings.Secure.getString(EPApp.getApp()
- .getContentResolver(), Secure.ANDROID_ID);
- String serial = "";
- if (Build.VERSION.SDK_INT > Build.VERSION_CODES.FROYO){
- serial = Build.SERIAL;
- }
- String m_szLongID = tmDevice + tmSerial + androidId + serial
- + m_szDevIDShortMaker();
- MessageDigest m = null;
- try {
- m = MessageDigest.getInstance("MD5");
- } catch (NoSuchAlgorithmException e) {
- e.printStackTrace();
- }
- m.update(m_szLongID.getBytes(), 0, m_szLongID.length());
- // get md5 bytes
- byte p_md5Data[] = m.digest();
- // create a hex string
- String m_szUniqueID = new String();
- for (int i = 0; i < p_md5Data.length; i++) {
- int b = (0xFF & p_md5Data[i]);
- // if it is a single digit, make sure it have 0 in front (proper padding)
- if (b <= 0xF)
- m_szUniqueID += "0";
- // add number to string
- m_szUniqueID += Integer.toHexString(b);
- } // hex string to uppercase
- return m_szUniqueID = m_szUniqueID.toUpperCase();
- }
- }