How to do AES Decryption in android, without writing decrypted file in SDcard storage, directly use into android application? or if any other way to do file encryption for offline data storage?
Asked
Active
Viewed 1,242 times
2
-
Encryption or decryption doesn't have anything to do where the data comes from or goes to. – Artjom B. Apr 29 '15 at 09:45
3 Answers
1
I used AES in android once, this is the method that I use to encrypt:
public static byte[] encryptAES(SecretKey key, byte[] clear) {
try {
SecretKeySpec skeySpec = new SecretKeySpec(key.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
this is the decrypting method:
public static byte[] decryptAES(SecretKey key, byte[] encrypted) {
try {
SecretKeySpec skeySpec = new SecretKeySpec(key.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
The following method generates a random key for AES:
public SecretKey newAESKey() {
try {
String s_key = new BigInteger(130, random).toString(32);
KeyGenerator kgen = KeyGenerator.getInstance("AES");
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(s_key.getBytes());
kgen.init(128, sr); // 192 and 256 bits may not be available
SecretKey skey = kgen.generateKey();
return skey;
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
So first I generate a random AES key and then encrypt and decrypt bytes of what you want, in my case I used for String data.
SecretKey key = newAESkey();
....
String params = "....";
byte[] encrypted_params = encryptAES(key, params.getBytes());
Tofasio
- 425
- 3
- 14
-
Your key generation method is quite strange. You're using some `random` instance to generate a random BigInteger to then seed another SecureRandom instance with this BigInteger data. If the initial `random` is good then you don't need to seed another SecureRandom instance. If it is not good then this level of indirection doesn't give you anything better security-wise, because the whole thing uses the same level of bad entropy. – Artjom B. Apr 29 '15 at 09:43
-
1You're probably right, I have to improve the code. I was only trying to show Nataraj a basic implementation of AES encryption/decryption I used once. – Tofasio Apr 29 '15 at 09:48
1
I once used AES encryption and decryption on video files. I encrypted and decrypted it on the fly and ran it on the media player. This is the library I used.
http://libeasy.alwaysdata.net/network/#server
It actually first sends the encrypted file to the local server, decrypts it and sends it back. I used that incoming stream to play.
By local server I mean, it creates a local HTTP server in the android system.
You will find many examples for this on SO.
kerry
- 2,362
- 20
- 33
0
If you use IOCipher or SQLCipher, you can stream files directly out of them, so that eliminates the need to decrypt to the SD Card or elsewhere. They both use AES256 encryption and have been audited to some degree.
There are easy to add any Android app. IOCipher is the same API as java.io.* and SQLCipher is the same API and android.database.*, so they are both really easy to use. For storing files, you can make an virtual encrypted disk using IOCipher. For encrypted database storage, use SQLCipher for Android. The CacheWord library makes it easy to manage the user password for that encrypted storage.
Here's how to add them via gradle:
compile 'net.zetetic:android-database-sqlcipher:3.3.1-2@aar'
compile 'info.guardianproject.cacheword:cachewordlib:0.1'
compile 'info.guardianproject.iocipher:IOCipher:0.3'
Hans-Christoph Steiner
- 2,572
- 31
- 30