AES encryption example for android

AES256Cipher.java

/** Created by Awesometic
 * references: https://gist.github.com/dealforest/1949873
 * This source is updated example code of above source code.
 * I added it two functions that are make random IV and make random 256 bit key.
 * It's encrypt returns Base64 encoded cipher, and also decrpyt for Base64 encoded Cipher
 */
import android.util.Base64;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.InvalidAlgorithmParameterException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;

public class AES256Cipher {

    public static byte[] getRandomAesCryptKey() {
        try {
            MessageDigest sha256Hash = MessageDigest.getInstance("SHA-256");
            sha256Hash.update(Constants.AES256_KEY_SALT.getBytes(StandardCharsets.UTF_8));

            return sha256Hash.digest();
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();

            return null;
        }
    }

    public static byte[] getRandomAesCryptIv() {
        byte[] randomBytes = new byte[16];
        new SecureRandom().nextBytes(randomBytes);

        return new IvParameterSpec(randomBytes).getIV();
    }

    public static String encrypt(byte[] aesCryptKey, byte[] aesCryptIv, String plainText)
            throws java.io.UnsupportedEncodingException,
            NoSuchAlgorithmException,
            NoSuchPaddingException,
            InvalidKeyException,
            InvalidAlgorithmParameterException,
            IllegalBlockSizeException,
            BadPaddingException {

        AlgorithmParameterSpec ivSpec = new IvParameterSpec(aesCryptIv);
        SecretKeySpec newKey = new SecretKeySpec(aesCryptKey, "AES");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, newKey, ivSpec);

        return Base64.encodeToString(cipher.doFinal(plainText.getBytes(StandardCharsets.UTF_8)), Base64.DEFAULT);
    }

    public static String decrypt(byte[] aesCryptKey, byte[] aesCryptIv, String cipherText)
            throws java.io.UnsupportedEncodingException,
            NoSuchAlgorithmException,
            NoSuchPaddingException,
            InvalidKeyException,
            InvalidAlgorithmParameterException,
            IllegalBlockSizeException,
            BadPaddingException {

        AlgorithmParameterSpec ivSpec = new IvParameterSpec(aesCryptIv);
        SecretKeySpec newKey = new SecretKeySpec(aesCryptKey, "AES");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, newKey, ivSpec);

        return new String(cipher.doFinal(Base64.decode(cipherText, Base64.DEFAULT)), "UTF-8");
    }
}

블로그 보고 따라하는 중에 막히는 부분이 있어서 도움을 주시면 감사하겠습니다.

서버에서 RSA Key Pair 를 만들고,
var keyPair = rsaChipher.getKeyPair();

클라이언트는 AES를 통해 평문 데이터를 암호화하고,
String encryptStr = AES256Cipher.encrypt(AES256Cipher.getRandomAesCryptKey(),AES256Cipher.getRandomAesCryptIv(),"1111");

RSA 공개 키를 통해
String rsaPublicKey = rsaCipher.getPublicKey("base64");

AES 대칭 키를 암호화 해 서버로 보내면 된다.
이부분에서 막히는데요..
ASE 대칭키를 암호화 하는 방법이 어떻게 돼는지 궁금합니다.

받은 서버는 RSA 비밀 키로 암호화된 AES 대칭 키를 복호화한 뒤,
이부분에서 아래 함수를 호출하면 돼는지요. 매개변수 cryptKey, cryptIv, encrypted 는 어떤값을 넣어야 하는지도 궁금합니다.
AESCrypt.decrypt = function(cryptKey, cryptIv, encrypted)

그 AES 대칭 키로 AES 암호화 된 평문 데이터를 복호화 한다