yakivmospan/SystemServices.kt

## SystemServices.kt
val message = "Very large message, bigger then 250 symblos..."

// Simple Shared Preferences wrapper, will be used to save wrapped key
val storage = Storage(context)

// Creates Android Key Store and provides manage functions
val keyStoreWrapper = KeyStoreWrapper(context)

// Running M and later, use one symmetric key
if (SystemServices.hasMarshmallow()) {

  // Create and Save asymmetric key
  keyStoreWrapper.createAndroidKeyStoreSymmetricKey("MASTER_KEY")

  // Get key from keyStore
  val masterKey = keyStoreWrapper.getAndroidKeyStoreSymmetricKey("MASTER_KEY")

  // Creates Cipher with symmetric transformation and provides encrypt and decrypt functions
  val cipher = CipherWrapper("AES/CBC/PKCS7Padding")

  // Encrypt message
  val encryptedMessage = cipher.encrypt(message, masterKey)

  // Decrypt message
  val decryptedMessage = cipher.decrypt(encryptedMessage, masterKey)

  // Ooops, InvalidKeyException: no IV set when one expected
}

// Before M, use two, asymmetric and symmetric, keys
else{

  // Creates Cipher with asymmetric transformation and provides wrap and unwrap functions
  val cipherForWrapping = CipherWrapper("RSA/ECB/PKCS1Padding")

  // Creates Cipher with symmetric transformation and provides encrypt and decrypt functions
  val cipherForEncryption = CipherWrapper("AES/CBC/PKCS7Padding")

  // ---------------- Create Keys

  // Create AES BC provider key
  val symmetricKey = keyStoreWrapper.generateDefaultSymmetricKey()

  // Create RSA AndroidKeyStore Provider key and save it into keystore
  val masterKey = keyStoreWrapper.createAndroidKeyStoreAsymmetricKey(MASTER_KEY)

  // Wrap AES Secret key with RSA Public key
  val encryptedSymmetricKey = cipherForWrapping.wrapKey(symmetricKey, masterKey.public)

  // And save it to Shared Preferences
  storage.saveEncryptionKey(encryptedSymmetricKey)

  //----------------- Encrypt / Decrypt with keys

  // Get RSA master key from Android Key Store
  masterKey = keyStoreWrapper.getAndroidKeyStoreAsymmetricKeyPair("MASTER_KEY")

  // Get AES wrapped raw data from preferences
  val encryptionKey = storage.getEncryptionKey()

  // Unwrap AES key data with RSA Private key
  symmetricKey = cipherForWrapping.unWrapKey(encryptionKey, ALGORITHM_AES, Cipher.SECRET_KEY, masterKey?.private) as SecretKey

  // Encrypt message with AES Secret key
  val encryptedMessage = cipherForEncryption.encrypt(message, symmetricKey)

  // Encrypt message with AES Secret key
  val decryptedMessage = cipherForEncryption.decrypt(encryptedMessage, symmetricKey)

  // Ooops, InvalidKeyException: no IV set when one expected
}
	val message = "Very large message, bigger then 250 symblos..."

	// Simple Shared Preferences wrapper, will be used to save wrapped key
	val storage = Storage(context)

	// Creates Android Key Store and provides manage functions
	val keyStoreWrapper = KeyStoreWrapper(context)

	// Running M and later, use one symmetric key
	if (SystemServices.hasMarshmallow()) {

	// Create and Save asymmetric key
	keyStoreWrapper.createAndroidKeyStoreSymmetricKey("MASTER_KEY")

	// Get key from keyStore
	val masterKey = keyStoreWrapper.getAndroidKeyStoreSymmetricKey("MASTER_KEY")

	// Creates Cipher with symmetric transformation and provides encrypt and decrypt functions
	val cipher = CipherWrapper("AES/CBC/PKCS7Padding")

	// Encrypt message
	val encryptedMessage = cipher.encrypt(message, masterKey)

	// Decrypt message
	val decryptedMessage = cipher.decrypt(encryptedMessage, masterKey)

	// Ooops, InvalidKeyException: no IV set when one expected
	}

	// Before M, use two, asymmetric and symmetric, keys
	else{

	// Creates Cipher with asymmetric transformation and provides wrap and unwrap functions
	val cipherForWrapping = CipherWrapper("RSA/ECB/PKCS1Padding")

	// Creates Cipher with symmetric transformation and provides encrypt and decrypt functions
	val cipherForEncryption = CipherWrapper("AES/CBC/PKCS7Padding")

	// ---------------- Create Keys

	// Create AES BC provider key
	val symmetricKey = keyStoreWrapper.generateDefaultSymmetricKey()

	// Create RSA AndroidKeyStore Provider key and save it into keystore
	val masterKey = keyStoreWrapper.createAndroidKeyStoreAsymmetricKey(MASTER_KEY)

	// Wrap AES Secret key with RSA Public key
	val encryptedSymmetricKey = cipherForWrapping.wrapKey(symmetricKey, masterKey.public)

	// And save it to Shared Preferences
	storage.saveEncryptionKey(encryptedSymmetricKey)

	//----------------- Encrypt / Decrypt with keys

	// Get RSA master key from Android Key Store
	masterKey = keyStoreWrapper.getAndroidKeyStoreAsymmetricKeyPair("MASTER_KEY")

	// Get AES wrapped raw data from preferences
	val encryptionKey = storage.getEncryptionKey()

	// Unwrap AES key data with RSA Private key
	symmetricKey = cipherForWrapping.unWrapKey(encryptionKey, ALGORITHM_AES, Cipher.SECRET_KEY, masterKey?.private) as SecretKey

	// Encrypt message with AES Secret key
	val encryptedMessage = cipherForEncryption.encrypt(message, symmetricKey)

	// Encrypt message with AES Secret key
	val decryptedMessage = cipherForEncryption.decrypt(encryptedMessage, symmetricKey)

	// Ooops, InvalidKeyException: no IV set when one expected
	}