Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Single class that handles encryption and decryption with keys using the Android `Keystore` API. Mostly inspired by this [blog post](https://medium.com/@ericfu/securely-storing-secrets-in-an-android-application-501f030ae5a3). This was tested with API 18 and 25 level emulator (and a level 23 device).
package com.example.yourapp;
import android.annotation.SuppressLint;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import android.support.annotation.RequiresApi;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
/*
MIT License: https://opensource.org/licenses/MIT
Copyright 2017 Diederik Hattingh
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
/*
Change log:
2018-08-02:
Also catch `UnrecoverableKeyException` on `keyStore.getEntry`.
2018-07-26:
Added lock for multi threaded case.
Fix Null pointer exception when clearing app data on Android 4.x
A NOTE for Android < 6.0
Please note that changing the pin/pattern on the lock screen as described
[here](https://doridori.github.io/android-security-the-forgetful-keystore/#sthash.tsqatJDu.dpbs) on Android < 6.0 will
delete the keystore, and leave your encrypted data useless.
So this is only useful for saving data that a user can re-generate with some ease. Cookies from a server for example.
*/
public class Cryptography {
private static final String ANDROID_KEY_STORE_NAME = "AndroidKeyStore";
private static final String AES_MODE_M_OR_GREATER = "AES/GCM/NoPadding";
private static final String AES_MODE_LESS_THAN_M = "AES/ECB/PKCS7Padding";
private static final String KEY_ALIAS = "YOUR-KeyAliasForEncryption";
// TODO update these bytes to be random for IV of encryption
private static final byte[] FIXED_IV = new byte[]{ 55, 54, 53, 52, 51, 50,
49, 48, 47,
46, 45, 44 };
private static final String CHARSET_NAME = "UTF-8";
private static final String RSA_ALGORITHM_NAME = "RSA";
private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
private static final String CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_RSA = "AndroidOpenSSL";
private static final String CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_AES = "BC";
private static final String SHARED_PREFERENCE_NAME = "YOUR-EncryptedKeysSharedPreferences";
private static final String ENCRYPTED_KEY_NAME = "YOUR-EncryptedKeysKeyName";
private static final String LOG_TAG = Cryptography.class.getName();
private final Context mContext;
private final static Object s_keyInitLock = new Object();
public Cryptography(Context context) {
mContext = context;
}
// Using algorithm as described at https://medium.com/@ericfu/securely-storing-secrets-in-an-android-application-501f030ae5a3
@RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
private void initKeys() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, InvalidAlgorithmParameterException, UnrecoverableEntryException, NoSuchPaddingException, InvalidKeyException {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
keyStore.load(null);
if (!keyStore.containsAlias(KEY_ALIAS)) {
initValidKeys();
} else {
boolean keyValid = false;
try {
KeyStore.Entry keyEntry = keyStore.getEntry(KEY_ALIAS, null);
if (keyEntry instanceof KeyStore.SecretKeyEntry &&
Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
keyValid = true;
}
if (keyEntry instanceof KeyStore.PrivateKeyEntry && Build.VERSION.SDK_INT < Build.VERSION_CODES.M) {
String secretKey = getSecretKeyFromSharedPreferences();
// When doing "Clear data" on Android 4.x it removes the shared preferences (where
// we have stored our encrypted secret key) but not the key entry. Check for existence
// of key here as well.
if (!TextUtils.isEmpty(secretKey)) {
keyValid = true;
}
}
} catch (NullPointerException | UnrecoverableKeyException e) {
// Bad to catch null pointer exception, but looks like Android 4.4.x
// pin switch to password Keystore bug.
// https://issuetracker.google.com/issues/36983155
Log.e(LOG_TAG, "Failed to get key store entry", e);
}
if (!keyValid) {
synchronized (s_keyInitLock) {
// System upgrade or something made key invalid
removeKeys(keyStore);
initValidKeys();
}
}
}
}
protected void removeKeys(KeyStore keyStore) throws KeyStoreException {
keyStore.deleteEntry(KEY_ALIAS);
removeSavedSharedPreferences();
}
@RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
private void initValidKeys() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, CertificateException, UnrecoverableEntryException, NoSuchPaddingException, KeyStoreException, InvalidKeyException, IOException {
synchronized (s_keyInitLock) {
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
generateKeysForAPIMOrGreater();
} else {
generateKeysForAPILessThanM();
}
}
}
@SuppressLint("ApplySharedPref")
private void removeSavedSharedPreferences() {
SharedPreferences sharedPreferences = mContext.getSharedPreferences(SHARED_PREFERENCE_NAME, Context.MODE_PRIVATE);
boolean clearedPreferencesSuccessfully = sharedPreferences.edit().clear().commit();
Log.d(LOG_TAG, String.format("Cleared secret key shared preferences `%s`", clearedPreferencesSuccessfully));
}
@RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
private void generateKeysForAPILessThanM() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, CertificateException, UnrecoverableEntryException, NoSuchPaddingException, KeyStoreException, InvalidKeyException, IOException {
// Generate a key pair for encryption
Calendar start = Calendar.getInstance();
Calendar end = Calendar.getInstance();
end.add(Calendar.YEAR, 30);
KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(mContext)
.setAlias(KEY_ALIAS)
.setSubject(new X500Principal("CN=" + KEY_ALIAS))
.setSerialNumber(BigInteger.TEN)
.setStartDate(start.getTime())
.setEndDate(end.getTime())
.build();
KeyPairGenerator kpg = KeyPairGenerator.getInstance(RSA_ALGORITHM_NAME, ANDROID_KEY_STORE_NAME);
kpg.initialize(spec);
kpg.generateKeyPair();
saveEncryptedKey();
}
@SuppressLint("ApplySharedPref")
private void saveEncryptedKey() throws CertificateException, NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException {
SharedPreferences pref = mContext.getSharedPreferences(SHARED_PREFERENCE_NAME, Context.MODE_PRIVATE);
String encryptedKeyBase64encoded = pref.getString(ENCRYPTED_KEY_NAME, null);
if (encryptedKeyBase64encoded == null) {
byte[] key = new byte[16];
SecureRandom secureRandom = new SecureRandom();
secureRandom.nextBytes(key);
byte[] encryptedKey = rsaEncryptKey(key);
encryptedKeyBase64encoded = Base64.encodeToString(encryptedKey, Base64.DEFAULT);
SharedPreferences.Editor edit = pref.edit();
edit.putString(ENCRYPTED_KEY_NAME, encryptedKeyBase64encoded);
boolean successfullyWroteKey = edit.commit();
if (successfullyWroteKey) {
Log.d(LOG_TAG, "Saved keys successfully");
} else {
Log.e(LOG_TAG, "Saved keys unsuccessfully");
throw new IOException("Could not save keys");
}
}
}
private Key getSecretKeyAPILessThanM() throws CertificateException, NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException {
String encryptedKeyBase64Encoded = getSecretKeyFromSharedPreferences();
if (TextUtils.isEmpty(encryptedKeyBase64Encoded)) {
throw new InvalidKeyException("Saved key missing from shared preferences");
}
byte[] encryptedKey = Base64.decode(encryptedKeyBase64Encoded, Base64.DEFAULT);
byte[] key = rsaDecryptKey(encryptedKey);
return new SecretKeySpec(key, "AES");
}
private String getSecretKeyFromSharedPreferences() {
SharedPreferences sharedPreferences = mContext.getSharedPreferences(SHARED_PREFERENCE_NAME, Context.MODE_PRIVATE);
return sharedPreferences.getString(ENCRYPTED_KEY_NAME, null);
}
@RequiresApi(api = Build.VERSION_CODES.M)
protected void generateKeysForAPIMOrGreater() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
KeyGenerator keyGenerator;
keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, ANDROID_KEY_STORE_NAME);
keyGenerator.init(
new KeyGenParameterSpec.Builder(KEY_ALIAS,
KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT)
.setBlockModes(KeyProperties.BLOCK_MODE_GCM)
.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
// NOTE no Random IV. According to above this is less secure but acceptably so.
.setRandomizedEncryptionRequired(false)
.build());
// Note according to [docs](https://developer.android.com/reference/android/security/keystore/KeyGenParameterSpec.html)
// this generation will also add it to the keystore.
keyGenerator.generateKey();
}
@RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
public String encryptData(String stringDataToEncrypt) throws NoSuchPaddingException, NoSuchAlgorithmException, UnrecoverableEntryException, CertificateException, KeyStoreException, IOException, InvalidAlgorithmParameterException, InvalidKeyException, NoSuchProviderException, BadPaddingException, IllegalBlockSizeException {
initKeys();
if (stringDataToEncrypt == null) {
throw new IllegalArgumentException("Data to be decrypted must be non null");
}
Cipher cipher;
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
cipher = Cipher.getInstance(AES_MODE_M_OR_GREATER);
cipher.init(Cipher.ENCRYPT_MODE, getSecretKeyAPIMorGreater(),
new GCMParameterSpec(128, FIXED_IV));
} else {
cipher = Cipher.getInstance(AES_MODE_LESS_THAN_M, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_AES);
try {
cipher.init(Cipher.ENCRYPT_MODE, getSecretKeyAPILessThanM());
} catch (InvalidKeyException | IOException | IllegalArgumentException e) {
// Since the keys can become bad (perhaps because of lock screen change)
// drop keys in this case.
removeKeys();
throw e;
}
}
byte[] encodedBytes = cipher.doFinal(stringDataToEncrypt.getBytes(CHARSET_NAME));
String encryptedBase64Encoded = Base64.encodeToString(encodedBytes, Base64.DEFAULT);
return encryptedBase64Encoded;
}
@RequiresApi(api = Build.VERSION_CODES.JELLY_BEAN_MR2)
public String decryptData(String encryptedData) throws NoSuchPaddingException, NoSuchAlgorithmException, UnrecoverableEntryException, CertificateException, KeyStoreException, IOException, InvalidAlgorithmParameterException, InvalidKeyException, NoSuchProviderException, BadPaddingException, IllegalBlockSizeException {
initKeys();
if (encryptedData == null) {
throw new IllegalArgumentException("Data to be decrypted must be non null");
}
byte[] encryptedDecodedData = Base64.decode(encryptedData, Base64.DEFAULT);
Cipher c;
try {
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
c = Cipher.getInstance(AES_MODE_M_OR_GREATER);
c.init(Cipher.DECRYPT_MODE, getSecretKeyAPIMorGreater(), new GCMParameterSpec(128, FIXED_IV));
} else {
c = Cipher.getInstance(AES_MODE_LESS_THAN_M, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_AES);
c.init(Cipher.DECRYPT_MODE, getSecretKeyAPILessThanM());
}
} catch (InvalidKeyException | IOException e) {
// Since the keys can become bad (perhaps because of lock screen change)
// drop keys in this case.
removeKeys();
throw e;
}
byte[] decodedBytes = c.doFinal(encryptedDecodedData);
return new String(decodedBytes, CHARSET_NAME);
}
private Key getSecretKeyAPIMorGreater() throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException, UnrecoverableKeyException {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
keyStore.load(null);
return keyStore.getKey(KEY_ALIAS, null);
}
private byte[] rsaEncryptKey(byte[] secret) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, NoSuchPaddingException, UnrecoverableEntryException, InvalidKeyException {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
keyStore.load(null);
KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(KEY_ALIAS, null);
Cipher inputCipher = Cipher.getInstance(RSA_MODE, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_RSA);
inputCipher.init(Cipher.ENCRYPT_MODE, privateKeyEntry.getCertificate().getPublicKey());
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
CipherOutputStream cipherOutputStream = new CipherOutputStream(outputStream, inputCipher);
cipherOutputStream.write(secret);
cipherOutputStream.close();
byte[] encryptedKeyAsByteArray = outputStream.toByteArray();
return encryptedKeyAsByteArray;
}
private byte[] rsaDecryptKey(byte[] encrypted) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
keyStore.load(null);
KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry)keyStore.getEntry(KEY_ALIAS, null);
Cipher output = Cipher.getInstance(RSA_MODE, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_RSA);
output.init(Cipher.DECRYPT_MODE, privateKeyEntry.getPrivateKey());
CipherInputStream cipherInputStream = new CipherInputStream(
new ByteArrayInputStream(encrypted), output);
ArrayList<Byte> values = new ArrayList<>();
int nextByte;
while ((nextByte = cipherInputStream.read()) != -1) {
values.add((byte)nextByte);
}
byte[] decryptedKeyAsBytes = new byte[values.size()];
for(int i = 0; i < decryptedKeyAsBytes.length; i++) {
decryptedKeyAsBytes[i] = values.get(i);
}
return decryptedKeyAsBytes;
}
public void removeKeys() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
synchronized (s_keyInitLock) {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
keyStore.load(null);
removeKeys(keyStore);
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment