Comments on Android Applications, Examples and User Guides: Example for Encrypt and Decrypt using AES with Android 4.2

Feed author: Anonymous (http://www.blogger.com/profile/00908564854719054075). Feed updated 2022-03-01T22:49:04.340-08:00.

Aiden fry (https://www.blogger.com/profile/08683362878398375235), 2013-05-03T06:01:45.601-07:00:

Thanks a lot! A few notes:
1- Could you make the class downloadable? Copying then deleting all the line numbers was a pain.
2 - A little addition I made to your class was to make a seed generator from a password (as I am generating the seed in real time):

    public static String generateSeed(String password) {
        // A password that is already 32 characters long is used as is.
        String seed = password;
        if (password.length() < 32) {
            int numberToAdd = 32 - password.length();
            seed = password;
            for (int i = 0; i < numberToAdd; i++) {
                // Pads the seed up to 32 characters; the padding statement
                // itself is missing from this copy of the comment.
            }
        } else if (password.length() > 32) {
            // Truncate to the first 32 characters.
            seed = password.substring(0, 32);
        }
        return seed;
    }

I then used this in any instance where you use the seed input variable in the public static methods. This allows the user to provide any sized seed and it will convert it into a 32-char string.

Thanks for this post, the most helpful encryption post I have found on the web!

Anonymous (https://www.blogger.com/profile/00908564854719054075), 2013-04-26T04:35:45.236-07:00:

Sorry, I missed the part read decrypt or encrypt then save.

Anonymous (https://www.blogger.com/profile/00908564854719054075), 2013-04-26T04:34:19.866-07:00:

Hi Sanjakumar,

If you mean you want to get your .apk file and encrypt then decrypt it, you can, as you can do with any file; however, Android will not be able to install or read it, and for this it's necessary to decrypt the file.
To do that you can load the file into memory, then encrypt or decrypt (if encrypted) and save it; however, it would be better if you did it reading/saving as a stream.

SanjayC (https://www.blogger.com/profile/03186690699306222518), 2013-04-25T23:16:06.097-07:00:

I want to encrypt & decrypt an .apk file in Android, is it possible?

Anonymous (https://www.blogger.com/profile/00908564854719054075), 2013-04-08T04:32:37.391-07:00:

Hi Murtaza,

You could be a little bit more specific in telling how you are encrypting and decrypting it and what padding is being used (you need to check the objects to see which one is being used), because each OS platform has a different default padding. Also be aware that Android doesn't have all the paddings that most languages have. If you need a padding that the native Android libs don't have, you will need to download and import the Sponge Castle jar in your project and use it rather than the native Android lib.
I was looking around and could find this: https://groups.google.com/forum/?fromgroups=#!topic/android-developers/vZ9xYTSWa9s . I can't be more specific because you have provided quite few details to me; however, .Net should use a different padding default than Android does.
Basically you need to see what padding is being used on the server side (or the app responsible for encrypting), get those details and set them in your Android client (don't forget to check if Android does have those paddings or algorithms).

Anonymous (https://www.blogger.com/profile/09698001124083303285), 2013-04-08T02:20:50.882-07:00:

and this is compatible with .net webservice encryption.
Anonymous (https://www.blogger.com/profile/09698001124083303285), 2013-04-08T02:13:03.129-07:00:

I'm getting this problem: java.lang.IllegalArgumentException: bad base-64

Anonymous (https://www.blogger.com/profile/00908564854719054075), 2013-03-25T23:50:27.553-07:00:

To have a timestamp as part of the key it's easy: just get the time from Date or Calendar and format it using SimpleDateFormat if you want, then parse it to a string.
To have a random seed, take a look at this link: http://android-developers.blogspot.com.au/2013/02/using-cryptography-to-store-credentials.html?m=1
Just be aware that it's quite easy to read strings from the apk, and also those strings that are hard coded (not from resource files).

Anonymous (https://www.blogger.com/profile/06344269200872088523), 2013-03-25T05:55:40.051-07:00:

I didn't what is the padding setting and which is the cipher class.
Can you also do 1 more favour for me? I want to add the time stamp with the encryption and randomize the key.
I am not so good in cryptography but I want to use this example for login authentication.

Anonymous (https://www.blogger.com/profile/00908564854719054075), 2013-03-17T15:34:16.011-07:00:

It's due to different padding settings. Take a look at your Cipher class and check for the padding.

Anonymous (https://www.blogger.com/profile/06344269200872088523), 2013-03-16T11:07:17.638-07:00:

Hi guys, the program is working now.
Now I have 1 question: the encrypted text that we get after I comment out line 36 and uncomment line 40, when I tried to match that text with an online AES tool on the web using the same key, it is different. Can anybody explain why it is so?

Anonymous (https://www.blogger.com/profile/00908564854719054075), 2013-03-16T04:28:27.778-07:00:

Hi Pritam,

Have you debugged the code? Because the method from line 39 is called from the one on line 50, and it looks like you are getting something wrong or null. Try checking the method from line 50 to see if all variables aren't null, like seed and rawkey.

Anonymous (https://www.blogger.com/profile/06344269200872088523), 2013-03-14T06:04:41.824-07:00:

EncodeDecodeAES cannot be resolved line number 39

I am getting this error.

Anonymous (https://www.blogger.com/profile/00908564854719054075), 2013-02-17T15:19:17.251-08:00:

Correcting a misspelling. It's not Sponge Castle, it's Spongy Castle.
Link: http://rtyley.github.com/spongycastle/

Sorry for that.

Anonymous (https://www.blogger.com/profile/00908564854719054075), 2013-02-07T14:16:09.913-08:00:

Marian,

Even with the encryption being AES, it has different "sorts" of PADDINGs that make the byte key generated slightly different, and each language (such as Android Java, Java or Objective C) has different default values set. Please take a look at the answer from this post: http://stackoverflow.com/questions/10935068/what-are-the-cipher-padding-strings-in-java
As Android has quite a few less PADDING modes, certainly the default mode is different, and probably the encrypted password from your MAC/iOS is having a different default. I have had an experience like yours, and the padding being used by iOS (for iPhone) simply doesn't exist on Android but exists on Java and Sponge.
A rule of thumb is to take a look at the Cipher on Android and the corresponding one on your Mac/iOS; they should be different. The biggest problem is that, Android having less 'padding modes', you need to adapt what is being generated to be able to decrypt on Android, or use the Sponge Bounce Castle and set the same PADDING when you get the rawKey to decrypt.
Basically you need to debug your cipher, find the Cipher object and see the padding and bits of encryption (whether it's getting 128, because by default on some devices it gets 256 straight away, and on Apple 256 is the default). Then you need to check if that PADDING mode exists on Android (like ECB, CBC and so on); if not, and you can't change it from the Apple side, then you need to import the jar (Sponge) and set the PADDING to match the one on your Mac.
Don't do the fast solution. A workaround usually just makes things messier, and if you work for a company with a tight timeframe, probably you will never fix it again due to the amount of code that will be relying on this workaround.
I hope that this has helped you and answered your questions.
Feel free to contact me if you still have any doubt.

Regards

Anonymous (https://www.blogger.com/profile/14238189418710552727), 2013-02-07T06:51:46.135-08:00:

Hello,

Thanks for your quick answers. Let me try to explain what debugging I have done and the most important issue.
First of all, I don't understand why encryption of a file must be done in Android in order to make the decryption work. From what I know, the AES algorithm is pretty simple and involves just one complicated formula: multiplying polynomials at some point and reducing them.

Anyway, back to my very annoying 3 full day issue :) .
My file is encrypted on the Mac OS platform and uploaded to the server; decryption on Mac OS of course works. Key size set to 128.
The JRE is decrypting perfectly, but the same code placed in Android is not.

text_to_encrypt : "ASD"
key : "parolatest"
bytes_array of result on Mac OS platform : a37d8b74 015ae91a b3b95b05 121d6898
Of course the same on JRE and Android when preparing for decryption, and of course different results in Android.

Can you please explain why these differences exist? Shouldn't the OS react the same on such easy algorithms? I mean, it's just AES with very simple operations ...
Of course a fast solution is to prepare the encrypted files from Android, which I think I will do next.
But why is this happening? :)

Thanks

Anonymous (https://www.blogger.com/profile/00908564854719054075), 2013-02-06T15:37:47.990-08:00:

Hi Marian,

If your password is already encrypted, then the framework should have filled the extra chars with 0 (this is the reason that for decryption I have created an array with 0s). Actually, the example should work if your password has been created already on a mobile (it can be from any Android, but it will not work out of the box if it comes from a PC/server). If the file comes from a PC/server you are going to need to use the Bouncy Castle package, because the one that comes with Android is crippled and there are quite a few more options for AES on Java (for PC). This example only works if the old encrypted password has been created with Android libs; if that's not the case then you need to import the sponge bounce castle jar (http://en.wikipedia.org/wiki/Bouncy_Castle_(cryptography)
and
http://bouncy-castle.1462172.n4.nabble.com/Spongy-Castle-Bouncy-Castle-repackage-for-Android-v1-47-release-td4549082.html); this is a complete set with all Java supported types and algorithms.
(Disregard those questions if the password and xml file are coming from a server running Java and not Android Java.)
Are you getting any error when you try to decrypt it? What message is coming if it is failing?
Have you used it before and was it working?

If this xml file is encrypted on an Android device you can; otherwise you will need to know all the settings from the PC version and, using the Sponge Castle jar, create the class with those settings.
I have one old app called Data Safe, and it encrypts and decrypts any sort of file, though it doesn't receive anything encrypted from any PC or server, and it works pretty well.
To decrypt xml files try AsyncTask or a background service (because you can leave the activity without a leaked window and crashing the app).
I hope that this has helped you.
Please feel free to ask more if you still have doubts.

Regards

Anonymous (https://www.blogger.com/profile/14238189418710552727), 2013-02-06T07:25:20.758-08:00:

Your code works great but I have some issues with AES decryption. First of all, what do I do if my password does not have 16 chars? I receive a document encrypted with AES and a password that has 10 chars; how do I need to handle the password to get the 16 chars key?

And second question: can I use this to decrypt large files like .xml for example? I tried to take the file and put it in a string then decrypt, but no success yet.

Anonymous (https://www.blogger.com/profile/00908564854719054075), 2013-01-24T14:48:07.105-08:00:

Hi,

What you are trying to do looks very similar to the Google LVL (http://developer.android.com/google/play/licensing/adding-licensing.html). Take a look at the example code, which should be at the same path level as the Android SDK (you can download it using the Android SDK manager). Another thing is that not all Android devices or OS versions have a unique ID.
A good approach has been shown on G+ by Romain Guy (http://android-developers.blogspot.com.au/2013/01/verifying-back-end-calls-from-android.html). However, if you want to create an 'in home' solution you can try using RSA, which uses public and private keys, meaning your app would make a ws call to your server and pass on the payload those data or details encrypted with your public key, and only you will be able to decrypt it with your private key. To do that you are going to need the Android Bouncy Castle jar. Try not to save any important data on the device; do it only if it's really necessary.
I hope I have answered your doubt. I could give you some extra ideas, though as my work PC has died today I'm sending this through my Nexus 7.
Regards

Anonymous (https://www.blogger.com/profile/17036230449934752272), 2013-01-24T13:23:50.264-08:00:

I want to follow this algorithm. I just want to know if I can use it or not for my requirement.
I need to do authorization before my app starts.
I thought to use the unique Android ID, use this algorithm and save it locally.
So before my app starts I will validate if the unique ID matches or not.
Is this the right approach?

Anonymous (https://www.blogger.com/profile/00908564854719054075), 2012-12-26T16:57:24.393-08:00:

You are welcome

Anonymous (https://www.blogger.com/profile/05160404022148221502), 2012-12-26T07:04:49.248-08:00:

Hi Klaus,

Thank you so much for your reply.

I think I should learn more deep into the Cipher class.

Thanks.

Anonymous (https://www.blogger.com/profile/00908564854719054075), 2012-12-25T23:27:08.857-08:00:

Hi John,

Answering a couple of your questions:
1. I just used it because for some reason I wasn't getting 0 as a byte if the password didn't have enough length (16 chars) when decrypting it.

2. To decrypt it using the old way, I had to take a look at the old code running on an Android version older than 4.2 (I tried it on 2.3.6 and 4.0.4). What I did was take a deep look into the cipher object being returned when encrypting and decrypting, and then did a comparison against the counterpart from 4.2. The encrypt was going well on both, though the decrypt was getting different bytes from the padding; that worked fine after setting it with 0's (from the key byte array).

3. I'll give your code a try this weekend, though try looking into the cipher object and check if the padding is the same, because 4.2 now uses a different getInstance to get the SecureRandom (sr).

    if (android.os.Build.VERSION.SDK_INT >= JELLY_BEAN_4_2) {
        sr = SecureRandom.getInstance("SHA1PRNG", "Crypto");
    } else {
        sr = SecureRandom.getInstance("SHA1PRNG");
    }

and this is what you are doing:

    KeyGenerator kgen = KeyGenerator.getInstance("AES");
    SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");

A good way to test it is to get a HEX text that you have generated on the old version (<4.2) and create a test project with the 4.2 API where you set your encrypted text as I did in the example above, and try to decrypt it. I believe that changing those lines from your getRawKey for those that I have in my code (above) should do the trick. Please let me know if you are still facing a problem.
Thanks

Anonymous (https://www.blogger.com/profile/05160404022148221502), 2012-12-24T07:44:07.969-08:00:

Hi, I am John.

I read your solution about the Cipher problem on Android 4.2; I am running into the same problem.
I have some questions:
1. What's the array "key" for? I note that the "key" array is never used in your code; you just copy seed bytes into it, but do not use it.
    private final static byte[] key = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
   The "key" is never used in your source code.

2. How to decrypt the string that was encrypted the old way?

3. Here's my code. Some of my app's users have already saved their information with the "encrypt" function, and I don't know how to decrypt the information correctly.

    import java.security.SecureRandom;

    import javax.crypto.Cipher;
    import javax.crypto.KeyGenerator;
    import javax.crypto.SecretKey;
    import javax.crypto.spec.SecretKeySpec;

    public class MyCipher {
        public static String encrypt(String seed, String cleartext)
                throws Exception {
            byte[] rawKey = getRawKey(seed.getBytes());
            byte[] result = encrypt(rawKey, cleartext.getBytes());
            return toHex(result);
        }

        public static String decrypt(String seed, String encrypted)
                throws Exception {
            byte[] rawKey = getRawKey(seed.getBytes());
            byte[] enc = toByte(encrypted);
            byte[] result = decrypt(rawKey, enc);
            return new String(result);
        }

        // Derives the AES key by seeding SHA1PRNG with the seed bytes.
        private static byte[] getRawKey(byte[] seed) throws Exception {
            KeyGenerator kgen = KeyGenerator.getInstance("AES");
            SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
            sr.setSeed(seed);
            kgen.init(128, sr); // 192 and 256 bits may not be available
            SecretKey skey = kgen.generateKey();
            byte[] raw = skey.getEncoded();
            return raw;
        }

        // "AES" with no mode or padding named uses the provider's defaults.
        private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {
            SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
            byte[] encrypted = cipher.doFinal(clear);
            return encrypted;
        }

        private static byte[] decrypt(byte[] raw, byte[] encrypted)
                throws Exception {
            SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(Cipher.DECRYPT_MODE, skeySpec);
            byte[] decrypted = cipher.doFinal(encrypted);
            return decrypted;
        }

        // Converts a hex string to bytes, two hex digits per byte.
        public static byte[] toByte(String hexString) {
            int len = hexString.length() / 2;
            byte[] result = new byte[len];
            for (int i = 0; i < len; i++)
                result[i] = Integer.valueOf(hexString.substring(2 * i, 2 * i + 2),
                        16).byteValue();
            return result;
        }

        // Converts bytes to an upper-case hex string.
        public static String toHex(byte[] buf) {
            if (buf == null)
                return "";
            StringBuffer result = new StringBuffer(2 * buf.length);
            for (int i = 0; i < buf.length; i++) {
                appendHex(result, buf[i]);
            }
            return result.toString();
        }

        private final static String HEX = "0123456789ABCDEF";

        private static void appendHex(StringBuffer sb, byte b) {
            sb.append(HEX.charAt((b >> 4) & 0x0f)).append(HEX.charAt(b & 0x0f));
        }
    }

Thank you very much.

Anonymous (https://www.blogger.com/profile/05160404022148221502), 2012-12-24T07:39:49.381-08:00:

This comment has been removed by the author.