3

As I am new to encryption and particularly in Java/Android, I am struggling to find tutorials and code that work fine so that I can learn from them but the results.

As in this site: https://www.owasp.org/index.php/Using_the_Java_Cryptographic_Extensions

I couldn't find the problem that hit me with BASE64Encoder class, which seems to be inside package a sun.utils but I can find Base64 class but I could not tweak code so that it could work for me.

Similarly in this

android encryption/decryption with AES

The encryption is done in Bitmap Image I could not realize the same technique in normal text string.

Would someone supply a simple AES encryption/decryption example in Android just showing how to use key,message, encryption and decryption?

halfer
  • 19,824
  • 17
  • 99
  • 186
erluxman
  • 18,155
  • 20
  • 92
  • 126
  • is this for login or any other ? – GvSharma May 24 '16 at 04:59
  • this is for hiding some data offline in resource which are strictly copyrighted and high in demand – erluxman May 24 '16 at 05:22
  • This question was/is off-topic, since it is asking for an example. However it also seems to be a duplicate [of this question](https://stackoverflow.com/questions/6788018/android-encryption-decryption-with-aes). – halfer Oct 01 '17 at 11:15

4 Answers4

1

I have used this for my project.

'com.scottyab:aescrypt:0.0.1'(ref: [enter link description here][1]

encryption:

String encryptedMsg = AESCrypt.encrypt(password, message);

decryption:

String messageAfterDecrypt = AESCrypt.decrypt(password, encryptedMsg);

if you are more concerned about security go with SHA1 or SHA256. Hope this helps.

Edit: In my case, i have to encrypt login password and send it to server over the network.

String userPassword = password.getText().toString();
try {
        encryptedMsg = AESCrypt.encrypt(userPassword, Config.secretlogin);
   } catch (GeneralSecurityException e) {
        e.printStackTrace();
   }

So in backend, i have decrypted the secure password with the key and in both sides i am using the same AES(Android and backend).

GvSharma
  • 2,632
  • 1
  • 24
  • 30
  • i tried it but it says bad padding exception when i try to decrypt the data that i encrypted using AES encryption online 1.I encrypted the string using http://aesencryption.net/ 2.I encryted the same string using the library your mentioned. 3. the encrypted data are different 4.and android studio shows javax.crypto.BadPaddingException: error:1e06b065:Cipher functions:EVP_DecryptFinal_ex:BAD_DECRYPT exception while decrypting – erluxman May 24 '16 at 05:43
  • let me edit my answer with what i have tried in my case. – GvSharma May 24 '16 at 05:45
  • It is a deprecated repository – IgorGanapolsky May 27 '18 at 20:41
  • glad you mentioned it, can you update here whats the latest version? – GvSharma Jun 06 '18 at 06:23
0

I couldn't find the problem that hit me with BASE64Encoder class, which seems to be inside package a sun.utils but i can find Base64 class but i could not tweak code so that it could work for me.

You might not be using the right library for Base64. You mention sun.utils, where the link you sent is using:

import org.apache.commons.codec.binary.Base64;

Since Java 8, you can use java.util.Base64, as detailed on Oracle documentation here. It supports Basic encoding, URL encoding and MIME encoding. You can find some examples in this tutorial.

joel314
  • 1,060
  • 1
  • 8
  • 22
0

The second example should work for text strings. Replace 

byte[] b = baos.toByteArray();

with 

byte[] b = yourString.getBytes();

Note that you have to store the key in some way because at some point have to be deciphered

Stored on the device is not a good idea because you're leaving the key to the door. You can store on your server or use a passphrase (fixed or asked the user). I give you a real sample of the last option

private static String getPassphraseSize16(String key) {
    if (TextUtils.isEmpty(key)) {
        return null;
    }
    char controlChar = '\u0014';
    String key16 = key + controlChar;
    if (key16.length() < 16) {
        while (key16.length() < 16) {
            key16 += key + controlChar;
        }
    }
    if (key16.length() > 16) {
        key16 = key16.substring(key16.length() - 16, key16.length());
    }
    return key16;
}


public static byte[] encodeAES(byte[] message, String passphrase) {
    String passphrase16 = getPassphraseSize16(passphrase);
    SecretKeySpec secretKey = new SecretKeySpec(passphrase16.getBytes(), "AES");
    Cipher cipher = Cipher.getInstance("AES");
    cipher.init(Cipher.ENCRYPT_MODE, secretKey);
    byte[] encodedText = cipher.doFinal(message);

    return encodedText;
}


public static byte[] decodeAES(byte[] encodedMessage, String key) {
    String passphrase16 = getPassphraseSize16(key);
    SecretKeySpec secretKey = new SecretKeySpec(passphrase16.getBytes(), "AES");
    Cipher cipher = Cipher.getInstance("AES");
    cipher.init(Cipher.DECRYPT_MODE, secretKey);
    byte[] decodedText = cipher.doFinal(encodedMessage);

    return decodedText;
}

This example is similar to provided in https://github.com/scottyab/AESCrypt-Android

pedrofb
  • 37,271
  • 5
  • 94
  • 142
-1

The encryption and decryption process worked fine after: I replaced the byte array obtained from :

Bitmap by byte array of message string as instructed in

android encryption/decryption with AES

So even though my problem is not fully solved, this question should be marked as answered.

Community
  • 1
  • 1
erluxman
  • 18,155
  • 20
  • 92
  • 126