I have a seemingly simple task.

Take a file, open it, take the byte stream as an AES key, and instantiate a javax.crypto.spec.SecretKeySpec within Android Kotlin.

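```kotlin
// Requires: import javax.crypto.spec.SecretKeySpec
if (key == null) {
  // Placeholder 16-byte (AES-128) key; all zeros, to be replaced by the bytes from the file
  val my_bytes: ByteArray = byteArrayOf(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)
  val algo = "AES"

  // Wrap the raw bytes as an AES key
  val secretKey = SecretKeySpec(my_bytes, algo)

  // saveSecretKey is the asker's own helper (not shown); the value is already non-null, so no !! is needed
  saveSecretKey(sharedPref, secretKey)
  return secretKey
}
```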

Edit: SecretKeySpec() works now. I just need to know how to put the bytes from the file into the Android app properly. Is hard-coding in the app insecure? Should I store the key as a file and read it in from the Android file system?

Erik

1 Answer

If you store the key as a file on the external drive the following things will happen:

  1. You will need permission from the user to read/write to the external drive
  2. Because the key is on the external drive it is susceptible to:
     2.1 Being deleted by the user
     2.2 Being read by an app/person other than the one you intended it for

Since the secret key is symmetric, it can be used for both encryption and decryption.

Now, for our birds:

To load the file from the disk: This explains it quite well

Lena Bru
  • So just to clarify... I should NOT put it on disk... so then hardcoding it into the app itself is acceptable for now? – Erik Feb 03 '20 at 18:47
  • Put it in the keystore if possible – Lena Bru Feb 03 '20 at 20:41
  • Thank you Lena, I already have a pre-existing key (and I understand I may need to save the initialization variable (iV) as well)... so for now I am trying to put those values into the app, and for now directly in the source code right as I inject it into an instance of the KeyStore. I now have another question, which I will post on SO. Thanks again! – Erik Feb 04 '20 at 18:43
  • Post the link here, maybe I can help – Lena Bru Feb 05 '20 at 07:52
  • I actually got it all working now! After re-checking my sequence of actions (Base64, Encode/Decode, etc) – Erik Feb 06 '20 at 20:58
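
The keystore route suggested in the comments, as an added example that is not code from the original thread: it imports pre-existing raw AES key bytes into the Android Keystore once and then uses the key only through a Keystore handle. Assumptions: API level 23 or later, AES-GCM as the cipher mode (set the block mode and padding to match existing data), and a hypothetical alias `imported_aes_key`; the `InputStream` is whatever source delivers the key bytes to the app.

```kotlin
import android.security.keystore.KeyProperties
import android.security.keystore.KeyProtection
import java.io.InputStream
import java.security.KeyStore
import javax.crypto.Cipher
import javax.crypto.SecretKey
import javax.crypto.spec.GCMParameterSpec
import javax.crypto.spec.SecretKeySpec

private const val KEY_ALIAS = "imported_aes_key" // hypothetical alias (assumption)

private fun keyStore(): KeyStore =
    KeyStore.getInstance("AndroidKeyStore").apply { load(null) }

// Import the raw key bytes once; afterwards the app works with a Keystore handle only.
fun importAesKey(source: InputStream) {
    val raw = source.use { it.readBytes() }
    try {
        require(raw.size in setOf(16, 24, 32)) { "AES key must be 16, 24 or 32 bytes" }
        val protection = KeyProtection.Builder(
            KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT
        )
            .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
            .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
            .build()
        keyStore().setEntry(KEY_ALIAS, KeyStore.SecretKeyEntry(SecretKeySpec(raw, "AES")), protection)
    } finally {
        raw.fill(0) // wipe our copy; SecretKeySpec keeps its own until garbage-collected
    }
}

fun loadKey(): SecretKey = keyStore().getKey(KEY_ALIAS, null) as SecretKey

// Returns (IV, ciphertext); the Keystore generates a fresh random IV for each encryption.
fun encrypt(plaintext: ByteArray): Pair<ByteArray, ByteArray> {
    val cipher = Cipher.getInstance("AES/GCM/NoPadding")
    cipher.init(Cipher.ENCRYPT_MODE, loadKey())
    return cipher.iv to cipher.doFinal(plaintext)
}

// Decrypts with the IV that was stored alongside the ciphertext.
fun decrypt(iv: ByteArray, ciphertext: ByteArray): ByteArray {
    val cipher = Cipher.getInstance("AES/GCM/NoPadding")
    cipher.init(Cipher.DECRYPT_MODE, loadKey(), GCMParameterSpec(128, iv))
    return cipher.doFinal(ciphertext)
}
```

The Keystore protects the key only after import: bytes that ship inside the APK, whether in source code or as a bundled file, can still be recovered from the package itself.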