Yakiv Mospan yakivmospan

## BaseSecureActivity.kt
private var deviceSecurityAlert: AlertDialog? = null

override fun onStart() {
    super.onStart()
    if (!systemServices.isDeviceSecure()) {
        deviceSecurityAlert = systemServices.showDeviceSecurityAlert()
    }
}

## KeyStoreWrapper.kt
private val keyStore: KeyStore = createAndroidKeyStore()

private fun createAndroidKeyStore(): KeyStore {
    val keyStore = KeyStore.getInstance("AndroidKeyStore")
    keyStore.load(null)
    return keyStore
}

## KeyStoreWrapper.kt
@TargetApi(Build.VERSION_CODES.M)
private fun initGeneratorWithKeyGenParameterSpec(generator: KeyPairGenerator, alias: String) {
    val builder = KeyGenParameterSpec.Builder(alias, KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT)
            .setBlockModes(KeyProperties.BLOCK_MODE_ECB)
            .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
    generator.initialize(builder.build())
}

## KeyStoreWrapper.kt
private fun initGeneratorWithKeyPairGeneratorSpec(generator: KeyPairGenerator, alias: String) {
    val startDate = Calendar.getInstance()
    val endDate = Calendar.getInstance()
    endDate.add(Calendar.YEAR, 20)

    val builder = KeyPairGeneratorSpec.Builder(context)
          .setAlias(alias)
          .setSerialNumber(BigInteger.ONE)
          .setSubject(X500Principal("CN=${alias} CA Certificate"))
          .setStartDate(startDate.time)

## KeyStoreWrapper.kt
fun getAndroidKeyStoreAsymmetricKeyPair(alias: String): KeyPair? {
       val privateKey = keyStore.getKey(alias, null) as PrivateKey?
       val publicKey = keyStore.getCertificate(alias)?.publicKey

   return if (privateKey != null && publicKey != null) {
       KeyPair(publicKey, privateKey)
   } else {
       null
   }
}

## CipherWrapper.kt
companion object {
    var TRANSFORMATION_ASYMMETRIC = "RSA/ECB/PKCS1Padding"
}

val cipher: Cipher = Cipher.getInstance(transformation)

## CipherWrapper.kt
fun encrypt(data: String, key: Key?): String {
    cipher.init(Cipher.ENCRYPT_MODE, key)
    val bytes = cipher.doFinal(data.toByteArray())
    return Base64.encodeToString(bytes, Base64.DEFAULT)
}

## CipherWrapper.kt
fun decrypt(data: String, key: Key?): String {
    cipher.init(Cipher.DECRYPT_MODE, key)
    val encryptedData = Base64.decode(data, Base64.DEFAULT)
    val decodedData = cipher.doFinal(encryptedData)
    return String(decodedData)
}

## KeyStoreWrapper.kt
fun createAndroidKeyStoreAsymmetricKey(alias: String): KeyPair {
    val generator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore")

    if (SystemServices.hasMarshmallow()) {
        initGeneratorWithKeyGenParameterSpec(generator, alias)
    } else {
        initGeneratorWithKeyPairGeneratorSpec(generator, alias)
    }

    // Generates Key with given spec and saves it to the KeyStore

## KeyStoreWrapper.kt
.setCertificateNotBefore(startDate) // By default, this date is Jan 1 1970.
.setCertificateNotAfter(endDate) // By default, this date is Jan 1 2048.
.setCertificateSerialNumber(number) // By default, the serial number is 1.
.setCertificateSubject(x500Principal) // By default, the subject is CN=fake.
	private var deviceSecurityAlert: AlertDialog? = null

	override fun onStart() {
	super.onStart()
	if (!systemServices.isDeviceSecure()) {
	deviceSecurityAlert = systemServices.showDeviceSecurityAlert()
	}
	}
	private val keyStore: KeyStore = createAndroidKeyStore()

	private fun createAndroidKeyStore(): KeyStore {
	val keyStore = KeyStore.getInstance("AndroidKeyStore")
	keyStore.load(null)
	return keyStore
	}
	@TargetApi(Build.VERSION_CODES.M)
	private fun initGeneratorWithKeyGenParameterSpec(generator: KeyPairGenerator, alias: String) {
	val builder = KeyGenParameterSpec.Builder(alias, KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT)
	.setBlockModes(KeyProperties.BLOCK_MODE_ECB)
	.setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)
	generator.initialize(builder.build())
	}
	private fun initGeneratorWithKeyPairGeneratorSpec(generator: KeyPairGenerator, alias: String) {
	val startDate = Calendar.getInstance()
	val endDate = Calendar.getInstance()
	endDate.add(Calendar.YEAR, 20)

	val builder = KeyPairGeneratorSpec.Builder(context)
	.setAlias(alias)
	.setSerialNumber(BigInteger.ONE)
	.setSubject(X500Principal("CN=${alias} CA Certificate"))
	.setStartDate(startDate.time)
	fun getAndroidKeyStoreAsymmetricKeyPair(alias: String): KeyPair? {
	val privateKey = keyStore.getKey(alias, null) as PrivateKey?
	val publicKey = keyStore.getCertificate(alias)?.publicKey

	return if (privateKey != null && publicKey != null) {
	KeyPair(publicKey, privateKey)
	} else {
	null
	}
	}
	companion object {
	var TRANSFORMATION_ASYMMETRIC = "RSA/ECB/PKCS1Padding"
	}

	val cipher: Cipher = Cipher.getInstance(transformation)
	fun encrypt(data: String, key: Key?): String {
	cipher.init(Cipher.ENCRYPT_MODE, key)
	val bytes = cipher.doFinal(data.toByteArray())
	return Base64.encodeToString(bytes, Base64.DEFAULT)
	}
	fun decrypt(data: String, key: Key?): String {
	cipher.init(Cipher.DECRYPT_MODE, key)
	val encryptedData = Base64.decode(data, Base64.DEFAULT)
	val decodedData = cipher.doFinal(encryptedData)
	return String(decodedData)
	}
	fun createAndroidKeyStoreAsymmetricKey(alias: String): KeyPair {
	val generator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore")

	if (SystemServices.hasMarshmallow()) {
	initGeneratorWithKeyGenParameterSpec(generator, alias)
	} else {
	initGeneratorWithKeyPairGeneratorSpec(generator, alias)
	}

	// Generates Key with given spec and saves it to the KeyStore
	.setCertificateNotBefore(startDate) // By default, this date is Jan 1 1970.
	.setCertificateNotAfter(endDate) // By default, this date is Jan 1 2048.
	.setCertificateSerialNumber(number) // By default, the serial number is 1.
	.setCertificateSubject(x500Principal) // By default, the subject is CN=fake.