Reading encrypted files on Android device without copying them to another location?

Question

I have encrypted fiiles in the external Storage dir / the SD card. The files are crypted

images (jpg, bmp,...)
videos (3gp, mp4,...)
Pdfs

I want to load the bitmaps, videos or pdfs to load them in my ImageView, VideoView or open them via a pdf viewer. The problem is the files are secret. I dont want the files to be stored to open them. They could be read by others during the PDFviewer shows them for example.

Is there a way to directly open an image or pdf even though it is encrypted without copying an unencrypted copy?

Does http://stackoverflow.com/questions/8165216/what-is-the-use-of-memoryfile-in-android help? — Maarten Bodewes, Dec 12 '13 at 22:28
Sounds very interesting. But there are not much code samples around. Do you know what exactly it is used for? — softwaresupply, Dec 13 '13 at 12:40

score 1 · Answer 1 · answered Dec 12 '13 at 22:53

1

If you want to keep your files as secret as possible for your app, I would use

javax.crypto.CipherInputStream

or a customized subclass of it. To do that you'll have to display your content embedded in your app, which is pretty straightforward for images and video. For PDFs you'll need to add a control which can display that kind of file to prevent others from getting access to the content.

Hope it helps.

answered Dec 12 '13 at 22:53

Junior Buckeridge

2,075
2
21
27

Looks straigt forward with a cipherSTream. But that cipherstream uses the initalization as shown here: http://stackoverflow.com/questions/9156545/android-file-cryptography What I want is a custom cipher way as shown here: http://stackoverflow.com/questions/20531329/hot-to-encrypt-in-java-and-decrypt-in-android-and-ios . So I do not have a Cipher object to initalize the stream. I think this will not work then? – softwaresupply Dec 13 '13 at 11:53

score 0 · Answer 2 · answered Dec 12 '13 at 23:41

You cite three scenarios: images into an ImageView, videos into a VideoView, and PDFs to a third-party app.

Images are easy. Make sure your decryption logic can give you an InputStream of the decrypted contents, then use appropriate methods on BitmapFactory.

I am not aware of a way to reliably serve videos to VideoView from an encrypted source. I know some people have experimented with embedding an HTTP server and streaming it.

You can publish a ContentProvider that supplies the decrypted content of a PDF to a third party app. This sample app just reads in the file, but you could use the same approach to decrypt it along the way.

All of this assumes that the user is the one responsible for requesting that this content be encrypted, and that you have collected a passphrase from the user. If, instead, your vision is that you are trying a DRM solution, anyone who wants to will be able to decrypt your content by reverse-engineering your app.

Ok. I use this algorithm: http://stackoverflow.com/questions/20531329/hot-to-encrypt-in-java-and-decrypt-in-android-and-ios For images i decrypt to plain byte[] and the use the BitmapFactory on it. Are there any ideas for videos? Maybe I can copy them into the local app files directory, open it, and immedeately delete it? Can you explaint the Content provider approach? Maybe an external PDF library can do the job? — softwaresupply, Dec 13 '13 at 11:58

Reading encrypted files on Android device without copying them to another location?

2 Answers2