Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Single class that handles encryption and decryption with keys using the Android `Keystore` API. Mostly inspired by this [blog post](https://medium.com/@ericfu/securely-storing-secrets-in-an-android-application-501f030ae5a3). This was tested with API 18 and 25 level emulator (and a level 23 device).
package com.example.yourapp;
import android.annotation.SuppressLint;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import android.support.annotation.RequiresApi;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
/*
MIT License: https://opensource.org/licenses/MIT
Copyright 2017 Diederik Hattingh
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
/*
Change log:
2018-08-02:
Also catch `UnrecoverableKeyException` on `keyStore.getEntry`.
2018-07-26:
Added lock for multi threaded case.
Fix Null pointer exception when clearing app data on Android 4.x
A NOTE for Android < 6.0
Please note that changing the pin/pattern on the lock screen as described
[here](https://doridori.github.io/android-security-the-forgetful-keystore/#sthash.tsqatJDu.dpbs) on Android < 6.0 will
delete the keystore, and leave your encrypted data useless.
So this is only useful for saving data that a user can re-generate with some ease. Cookies from a server for example.
*/
public class Cryptography {
private static final String ANDROID_KEY_STORE_NAME = "AndroidKeyStore";
private static final String AES_MODE_M_OR_GREATER = "AES/GCM/NoPadding";
private static final String AES_MODE_LESS_THAN_M = "AES/ECB/PKCS7Padding";
private static final String KEY_ALIAS = "YOUR-KeyAliasForEncryption";
// TODO update these bytes to be random for IV of encryption
private static final byte[] FIXED_IV = new byte[]{ 55, 54, 53, 52, 51, 50,
49, 48, 47,
46, 45, 44 };
private static final String CHARSET_NAME = "UTF-8";
private static final String RSA_ALGORITHM_NAME = "RSA";
private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
private static final String CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_RSA = "AndroidOpenSSL";
private static final String CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_AES = "BC";
private static final String SHARED_PREFERENCE_NAME = "YOUR-EncryptedKeysSharedPreferences";
private static final String ENCRYPTED_KEY_NAME = "YOUR-EncryptedKeysKeyName";
private static final String LOG_TAG = Cryptography.class.getName();
private final Context mContext;
private final static Object s_keyInitLock = new Object();
public Cryptography(Context context) {
mContext = context;
}
// Using algorithm as described at https://medium.com/@ericfu/securely-storing-secrets-in-an-android-application-501f030ae5a3
@RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
private void initKeys() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, InvalidAlgorithmParameterException, UnrecoverableEntryException, NoSuchPaddingException, InvalidKeyException {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
keyStore.load(null);
if (!keyStore.containsAlias(KEY_ALIAS)) {
initValidKeys();
} else {
boolean keyValid = false;
try {
KeyStore.Entry keyEntry = keyStore.getEntry(KEY_ALIAS, null);
if (keyEntry instanceof KeyStore.SecretKeyEntry &&
Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
keyValid = true;
}
if (keyEntry instanceof KeyStore.PrivateKeyEntry && Build.VERSION.SDK_INT < Build.VERSION_CODES.M) {
String secretKey = getSecretKeyFromSharedPreferences();
// When doing "Clear data" on Android 4.x it removes the shared preferences (where
// we have stored our encrypted secret key) but not the key entry. Check for existence
// of key here as well.
if (!TextUtils.isEmpty(secretKey)) {
keyValid = true;
}
}
} catch (NullPointerException | UnrecoverableKeyException e) {
// Bad to catch null pointer exception, but looks like Android 4.4.x
// pin switch to password Keystore bug.
// https://issuetracker.google.com/issues/36983155
Log.e(LOG_TAG, "Failed to get key store entry", e);
}
if (!keyValid) {
synchronized (s_keyInitLock) {
// System upgrade or something made key invalid
removeKeys(keyStore);
initValidKeys();
}
}
}
}
protected void removeKeys(KeyStore keyStore) throws KeyStoreException {
keyStore.deleteEntry(KEY_ALIAS);
removeSavedSharedPreferences();
}
@RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
private void initValidKeys() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, CertificateException, UnrecoverableEntryException, NoSuchPaddingException, KeyStoreException, InvalidKeyException, IOException {
synchronized (s_keyInitLock) {
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
generateKeysForAPIMOrGreater();
} else {
generateKeysForAPILessThanM();
}
}
}
@SuppressLint("ApplySharedPref")
private void removeSavedSharedPreferences() {
SharedPreferences sharedPreferences = mContext.getSharedPreferences(SHARED_PREFERENCE_NAME, Context.MODE_PRIVATE);
boolean clearedPreferencesSuccessfully = sharedPreferences.edit().clear().commit();
Log.d(LOG_TAG, String.format("Cleared secret key shared preferences `%s`", clearedPreferencesSuccessfully));
}
@RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
private void generateKeysForAPILessThanM() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, CertificateException, UnrecoverableEntryException, NoSuchPaddingException, KeyStoreException, InvalidKeyException, IOException {
// Generate a key pair for encryption
Calendar start = Calendar.getInstance();
Calendar end = Calendar.getInstance();
end.add(Calendar.YEAR, 30);
KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(mContext)
.setAlias(KEY_ALIAS)
.setSubject(new X500Principal("CN=" + KEY_ALIAS))
.setSerialNumber(BigInteger.TEN)
.setStartDate(start.getTime())
.setEndDate(end.getTime())
.build();
KeyPairGenerator kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM_NAME, ANDROID_KEY_STORE_NAME);
kpg.initialize(spec);
kpg.generateKeyPair();
saveEncryptedKey();
}
@SuppressLint("ApplySharedPref")
private void saveEncryptedKey() throws CertificateException, NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException {
SharedPreferences pref = mContext.getSharedPreferences(SHARED_PREFERENCE_NAME, Context.MODE_PRIVATE);
String encryptedKeyBase64encoded = pref.getString(ENCRYPTED_KEY_NAME, null);
if (encryptedKeyBase64encoded == null) {
byte[] key = new byte[16];
SecureRandom secureRandom = new SecureRandom();
secureRandom.nextBytes(key);
byte[] encryptedKey = rsaEncryptKey(key);
encryptedKeyBase64encoded = Base64.encodeToString(encryptedKey, Base64.DEFAULT);
SharedPreferences.Editor edit = pref.edit();
edit.putString(ENCRYPTED_KEY_NAME, encryptedKeyBase64encoded);
boolean successfullyWroteKey = edit.commit();
if (successfullyWroteKey) {
Log.d(LOG_TAG, "Saved keys successfully");
} else {
Log.e(LOG_TAG, "Saved keys unsuccessfully");
throw new IOException("Could not save keys");
}
}
}
private Key getSecretKeyAPILessThanM() throws CertificateException, NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException {
String encryptedKeyBase64Encoded = getSecretKeyFromSharedPreferences();
if (TextUtils.isEmpty(encryptedKeyBase64Encoded)) {
throw new InvalidKeyException("Saved key missing from shared preferences");
}
byte[] encryptedKey = Base64.decode(encryptedKeyBase64Encoded, Base64.DEFAULT);
byte[] key = rsaDecryptKey(encryptedKey);
return new SecretKeySpec(key, "AES");
}
private String getSecretKeyFromSharedPreferences() {
SharedPreferences sharedPreferences = mContext.getSharedPreferences(SHARED_PREFERENCE_NAME, Context.MODE_PRIVATE);
return sharedPreferences.getString(ENCRYPTED_KEY_NAME, null);
}
@RequiresApi(api = Build.VERSION_CODES.M)
protected void generateKeysForAPIMOrGreater() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
KeyGenerator keyGenerator;
keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, ANDROID_KEY_STORE_NAME);
keyGenerator.init(
new KeyGenParameterSpec.Builder(KEY_ALIAS,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_GCM)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
// NOTE no Random IV. According to above this is less secure but acceptably so.
.setRandomizedEncryptionRequired(false)
.build());
// Note according to [docs](https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.html)
// this generation will also add it to the keystore.
keyGenerator.generateKey();
}
@RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
public String encryptData(String stringDataToEncrypt) throws NoSuchPaddingException, NoSuchAlgorithmException, UnrecoverableEntryException, CertificateException, KeyStoreException, IOException, InvalidAlgorithmParameterException, InvalidKeyException, NoSuchProviderException, BadPaddingException, IllegalBlockSizeException {
initKeys();
if (stringDataToEncrypt == null) {
throw new IllegalArgumentException("Data to be decrypted must be non null");
}
Cipher cipher;
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
cipher = Cipher.getInstance(AES_MODE_M_OR_GREATER);
cipher.init(Cipher.ENCRYPT_MODE, getSecretKeyAPIMorGreater(),
new GCMParameterSpec(128, FIXED_IV));
} else {
cipher = Cipher.getInstance(AES_MODE_LESS_THAN_M, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_AES);
try {
cipher.init(Cipher.ENCRYPT_MODE, getSecretKeyAPILessThanM());
} catch (InvalidKeyException | IOException | IllegalArgumentException e) {
// Since the keys can become bad (perhaps because of lock screen change)
// drop keys in this case.
removeKeys();
throw e;
}
}
byte[] encodedBytes = cipher.doFinal(stringDataToEncrypt.getBytes(CHARSET_NAME));
String encryptedBase64Encoded = Base64.encodeToString(encodedBytes, Base64.DEFAULT);
return encryptedBase64Encoded;
}
@RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
public String decryptData(String encryptedData) throws NoSuchPaddingException, NoSuchAlgorithmException, UnrecoverableEntryException, CertificateException, KeyStoreException, IOException, InvalidAlgorithmParameterException, InvalidKeyException, NoSuchProviderException, BadPaddingException, IllegalBlockSizeException {
initKeys();
if (encryptedData == null) {
throw new IllegalArgumentException("Data to be decrypted must be non null");
}
byte[] encryptedDecodedData = Base64.decode(encryptedData, Base64.DEFAULT);
Cipher c;
try {
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
c = Cipher.getInstance(AES_MODE_M_OR_GREATER);
c.init(Cipher.DECRYPT_MODE, getSecretKeyAPIMorGreater(), new GCMParameterSpec(128, FIXED_IV));
} else {
c = Cipher.getInstance(AES_MODE_LESS_THAN_M, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_AES);
c.init(Cipher.DECRYPT_MODE, getSecretKeyAPILessThanM());
}
} catch (InvalidKeyException | IOException e) {
// Since the keys can become bad (perhaps because of lock screen change)
// drop keys in this case.
removeKeys();
throw e;
}
byte[] decodedBytes = c.doFinal(encryptedDecodedData);
return new String(decodedBytes, CHARSET_NAME);
}
private Key getSecretKeyAPIMorGreater() throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException, UnrecoverableKeyException {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
keyStore.load(null);
return keyStore.getKey(KEY_ALIAS, null);
}
private byte[] rsaEncryptKey(byte[] secret) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, NoSuchPaddingException, UnrecoverableEntryException, InvalidKeyException {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
keyStore.load(null);
KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(KEY_ALIAS, null);
Cipher inputCipher = Cipher.getInstance(RSA_MODE, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_RSA);
inputCipher.init(Cipher.ENCRYPT_MODE, privateKeyEntry.getCertificate().getPublicKey());
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
CipherOutputStream cipherOutputStream = new CipherOutputStream(outputStream, inputCipher);
cipherOutputStream.write(secret);
cipherOutputStream.close();
byte[] encryptedKeyAsByteArray = outputStream.toByteArray();
return encryptedKeyAsByteArray;
}
private byte[] rsaDecryptKey(byte[] encrypted) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
keyStore.load(null);
KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry)keyStore.getEntry(KEY_ALIAS, null);
Cipher output = Cipher.getInstance(RSA_MODE, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_RSA);
output.init(Cipher.DECRYPT_MODE, privateKeyEntry.getPrivateKey());
CipherInputStream cipherInputStream = new CipherInputStream(
new ByteArrayInputStream(encrypted), output);
ArrayList<Byte> values = new ArrayList<>();
int nextByte;
while ((nextByte = cipherInputStream.read()) != -1) {
values.add((byte)nextByte);
}
byte[] decryptedKeyAsBytes = new byte[values.size()];
for(int i = 0; i < decryptedKeyAsBytes.length; i++) {
decryptedKeyAsBytes[i] = values.get(i);
}
return decryptedKeyAsBytes;
}
public void removeKeys() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
synchronized (s_keyInitLock) {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
keyStore.load(null);
removeKeys(keyStore);
}
}
}
@jonahwh

This comment has been minimized.

Copy link

@jonahwh jonahwh commented Aug 15, 2017

Hi @Diederikjh, would you mind adding a license to this gist? Thanks!

@Diederikjh

This comment has been minimized.

Copy link
Owner Author

@Diederikjh Diederikjh commented Aug 21, 2017

MIT license, added to code.

@shahjahank08

This comment has been minimized.

Copy link

@shahjahank08 shahjahank08 commented May 27, 2019

Ref AES/ECB/PKCS7Padding algorithm is supported in api version 23+. how it is working for you below M?

@Qleoz12

This comment has been minimized.

Copy link

@Qleoz12 Qleoz12 commented Jun 20, 2019

in this line object pref isn't defined //boolean clearedPreferencesSuccessfully = pref.edit().clear().commit();
I add this code SharedPreferences pref = mContext.getSharedPreferences(SHARED_PREFERENCE_NAME, Context.MODE_PRIVATE);
but Im not sure if this the correct way to solved it, just only diference on the code I use androidx ->import androidx.annotation.RequiresApi;

@Diederikjh

This comment has been minimized.

Copy link
Owner Author

@Diederikjh Diederikjh commented Jun 22, 2019

Ref AES/ECB/PKCS7Padding algorithm is supported in api version 23+. how it is working for you below M?

That is weird, as this page says AES/ECB/PKCS7Padding (strictly PKCS5Padding) is supported from API level 1+.

@Diederikjh

This comment has been minimized.

Copy link
Owner Author

@Diederikjh Diederikjh commented Jun 22, 2019

in this line object pref isn't defined //boolean clearedPreferencesSuccessfully = pref.edit().clear().commit();
I add this code SharedPreferences pref = mContext.getSharedPreferences(SHARED_PREFERENCE_NAME, Context.MODE_PRIVATE);
but Im not sure if this the correct way to solved it, just only diference on the code I use androidx ->import androidx.annotation.RequiresApi;

Thanks for catching that one. I updated the code to get the shared preferences correctly.

I havn't converted this class to Android X yet, and will update this gist once I have. Thanks

@Qleoz12

This comment has been minimized.

Copy link

@Qleoz12 Qleoz12 commented Jun 24, 2019

I know you have developed a great work with this but could do you put an example? of use is that the key that returns me once I encrypted an "important" data is not where I should keep that password in a sharepreference or e DB room of my app or send to my server, obviusly I working in a sample project but I would like a opinion of one expert.

@Diederikjh

This comment has been minimized.

Copy link
Owner Author

@Diederikjh Diederikjh commented Jun 25, 2019

I know you have developed a great work with this but could do you put an example? of use is that the key that returns me once I encrypted an "important" data is not where I should keep that password in a sharepreference or e DB room of my app or send to my server, obviusly I working in a sample project but I would like a opinion of one expert.

The above class stores the keys in the Android KeyStore. This should be a secure place for they keys. (Older version of Android KeyStore could only store Asymmetric keys, so for these versions the secret key is stored in SharedPreferences but encrypted with the Asymmetric key. Basically what is happening at getSecretKeyAPIMorGreater() and getSecretKeyAPILessThanM())

@Diederikjh

This comment has been minimized.

Copy link
Owner Author

@Diederikjh Diederikjh commented Jun 26, 2019

I know you have developed a great work with this but could do you put an example? of use is that the key that returns me once I encrypted an "important" data is not where I should keep that password in a sharepreference or e DB room of my app or send to my server, obviusly I working in a sample project but I would like a opinion of one expert.

The above class stores the keys in the Android KeyStore. This should be a secure place for they keys. (Older version of Android KeyStore could only store Asymmetric keys, so for these versions the secret key is stored in SharedPreferences but encrypted with the Asymmetric key. Basically what is happening at getSecretKeyAPIMorGreater() and getSecretKeyAPILessThanM())

@Qleoz12

This comment has been minimized.

Copy link

@Qleoz12 Qleoz12 commented Jul 2, 2019

The above class stores the keys in the Android KeyStore. This should be a secure place for they keys. (Older version of Android KeyStore could only store Asymmetric keys, so for these versions the secret key is stored in SharedPreferences but encrypted with the Asymmetric key. Basically what is happening at getSecretKeyAPIMorGreater() and getSecretKeyAPILessThanM())

thank you for the answer and time, I understand you talkin about, but for I am be more especific check this class, I reffer the key with can I access to real data which it inside keystore coudl do you check this please(https://github.com/Qleoz12/PlanenSAS/blob/master/app/src/main/java/com/planensas/myapplication/utils/AppVault.java)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment