forked from tozny/java-aes-crypto
Commit
Merge branch 'master' into feature/tozny#35
# Conflicts:
#	aes-crypto-sample-app/.gitignore
Showing 19 changed files with 397 additions and 361 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,7 +3,7 @@ java-aes-crypto | |
|
||
A simple Android class for encrypting & decrypting strings, aiming to avoid [serious cryptographic errors](http://tozny.com/blog/encrypting-strings-in-android-lets-make-better-mistakes/) that most such classes suffer from. [Show me the code](https://github.com/tozny/java-aes-crypto/blob/master/aes-crypto/src/main/java/com/tozny/crypto/android/AesCbcWithIntegrity.java) | ||
|
||
#Features | ||
# Features | ||
|
||
Here are the features of this class. We believe that these properties are consistent with what a lot of people are looking for when encrypting Strings in Android. | ||
|
||
|
@@ -14,57 +14,87 @@ Here are the features of this class. We believe that these properties are consis | |
* *Integrity*: Lots of people think AES has integrity checking built in. The thinking goes, "if it decrypts correctly, it was generated by the person with the private key". Actually, AES CBC allows an attacker to modify the messages. Therefore, we've also added integrity checking in the form of a SHA 256 hash. | ||
|
||
|
||
#How to include in project? | ||
# How to include in project? | ||
|
||
###Copy and paste | ||
It's a single very simple java class, [AesCbcWithIntegrity.java](https://github.com/tozny/java-aes-crypto/blob/master/aes-crypto/src/main/java/com/tozny/crypto/android/AesCbcWithIntegrity.java) that works across most or all versions of Android. The class should be easy to paste into an existing codebase. | ||
## Copy and paste | ||
|
||
###Android Library project | ||
The library is in Android library project format so you can clone this project and add as a library module/project. | ||
|
||
###Maven Dependency | ||
We've also published the library AAR file to Maven central for simple one line gradle dependency management. | ||
It's a single very simple java class, | ||
[AesCbcWithIntegrity.java](https://github.com/tozny/java-aes-crypto/blob/master/aes-crypto/src/main/java/com/tozny/crypto/android/AesCbcWithIntegrity.java) | ||
that works across most or all versions of Android. The class should be easy to | ||
paste into an existing codebase. | ||
|
||
## Android Library project | ||
|
||
The library is in Android library project format so you can clone this project | ||
and add as a library module/project. | ||
|
||
## Maven Dependency | ||
|
||
We've also published the library AAR file via Jitpack for simple | ||
gradle dependency management: | ||
|
||
Add the Jitpack repository to your root build.gradle: | ||
|
||
```groovy | ||
dependencies { | ||
compile 'com.tozny:aes-crypto:0.0.1' | ||
allprojects { | ||
repositories { | ||
... | ||
maven { url 'https://jitpack.io' } | ||
} | ||
} | ||
``` | ||
|
||
#Examples | ||
Add the dependency to your project's build.gradle: | ||
|
||
##Generate new key | ||
```groovy | ||
dependencies { | ||
compile 'com.github.tozny:java-aes-crypto:1.1.0' | ||
} | ||
``` | ||
|
||
# Examples | ||
|
||
## Generate new key | ||
|
||
```java | ||
AesCbcWithIntegrity.SecretKeys keys = AesCbcWithIntegrity.generateKey(); | ||
``` | ||
|
||
|
||
##Encrypt | ||
## Encrypt | ||
|
||
```java | ||
AesCbcWithIntegrity.CipherTextIvMac cipherTextIvMac = AesCbcWithIntegrity.encrypt("some test", keys); | ||
//store or send to server | ||
String ciphertextString = cipherTextIvMac.toString(); | ||
``` | ||
|
||
##Decrypt | ||
## Decrypt | ||
|
||
```java | ||
//Use the constructor to re-create the CipherTextIvMac class from the string: | ||
CipherTextIvMac cipherTextIvMac = new CipherTextIvMac (cipherTextString); | ||
String plainText = AesCbcWithIntegrity.decryptString(cipherTextIvMac, keys); | ||
``` | ||
``` | ||
|
||
## Storing Keys | ||
|
||
##Storing Keys | ||
Once you've generated a random key, you naturally might want to store it. This may work for some use cases, but please be aware that if you store the key in the same place that you store the encrypted data, your solution is not cryptographically sound since the attacker can just get both the key and the encrypted text. Instead, you should use either the [Keystore infrastructure](http://developer.android.com/training/articles/keystore.html) or consider generating the key from a passphrase and using that to encrypt the user data. | ||
Once you've generated a random key, you naturally might want to store it. This | ||
may work for some use cases, but please be aware that if you store the key in | ||
the same place that you store the encrypted data, your solution is not | ||
cryptographically sound since the attacker can just get both the key and the | ||
encrypted text. Instead, you should use either the [Keystore | ||
infrastructure](http://developer.android.com/training/articles/keystore.html) | ||
or consider generating the key from a passphrase and using that to encrypt the | ||
user data. | ||
|
||
If despite the above you still want to store the key, you can convert the keys to a string using the included functions and store them in preferences or SQLite. | ||
If despite the above you still want to store the key, you can convert the keys | ||
to a string using the included functions and store them in preferences or | ||
SQLite. | ||
|
||
#License | ||
The included MIT license is compatible with open source or commercial products. | ||
Tozny also offers custom support and licensing terms if your organization has different needs. Contact us at [[email protected]](mailto:[email protected]) for more details. | ||
# License | ||
|
||
The included MIT license is compatible with open source or commercial products. | ||
Tozny also offers custom support and licensing terms if your organization has | ||
different needs. Contact us at [[email protected]](mailto:[email protected]) for more | ||
details. | ||
|
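Review bot: In the new Maven Dependency section, the `allprojects { repositories { ... maven { url 'https://jitpack.io' } } }` snippet makes Jitpack a resolver for every dependency of every module, not only for `com.github.tozny:java-aes-crypto:1.1.0`. For a crypto library README I would show the repository limited to the `com.github.tozny` group using Gradle's repository content filtering, and state in the text that the coordinates changed from `com.tozny:aes-crypto:0.0.1` so existing users know the artifact now comes from a different source. While these sections are being touched: the Encrypt snippet declares `ciphertextString` but the Decrypt snippet reads `cipherTextString` and uses `CipherTextIvMac` unqualified, and the Integrity bullet still says "SHA 256 hash" and "private key", which does not match a type named `CipherTextIvMac` used with a symmetric key; the wording should name the keyed construction the class actually uses.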
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
*.iml | ||
.gradle | ||
/local.properties | ||
.DS_Store | ||
/build | ||
.externalNativeBuild | ||
.idea |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
/build | ||
/build |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,33 +1,33 @@ | ||
apply plugin: 'com.android.application' | ||
|
||
android { | ||
compileSdkVersion 25 | ||
buildToolsVersion "25.0.1" | ||
defaultConfig { | ||
applicationId "com.tozny.aeswithintegritysample" | ||
minSdkVersion 18 | ||
targetSdkVersion 25 | ||
versionCode 1 | ||
versionName "1.0" | ||
testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner" | ||
} | ||
sourceSets { | ||
main.java.srcDirs += '../../aes-crypto/src/main/java' | ||
} | ||
|
||
buildTypes { | ||
release { | ||
minifyEnabled false | ||
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' | ||
} | ||
} | ||
} | ||
|
||
dependencies { | ||
compile fileTree(dir: 'libs', include: ['*.jar']) | ||
androidTestCompile('com.android.support.test.espresso:espresso-core:2.2.2', { | ||
exclude group: 'com.android.support', module: 'support-annotations' | ||
}) | ||
compile 'com.android.support:appcompat-v7:25.0.1' | ||
testCompile 'junit:junit:4.12' | ||
} | ||
apply plugin: 'com.android.application' | ||
|
||
android { | ||
compileSdkVersion 25 | ||
buildToolsVersion "25.0.1" | ||
defaultConfig { | ||
applicationId "com.tozny.aeswithintegritysample" | ||
minSdkVersion 18 | ||
targetSdkVersion 25 | ||
versionCode 1 | ||
versionName "1.0" | ||
testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner" | ||
} | ||
sourceSets { | ||
main.java.srcDirs += '../../aes-crypto/src/main/java' | ||
} | ||
|
||
buildTypes { | ||
release { | ||
minifyEnabled false | ||
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' | ||
} | ||
} | ||
} | ||
|
||
dependencies { | ||
compile fileTree(dir: 'libs', include: ['*.jar']) | ||
androidTestCompile('com.android.support.test.espresso:espresso-core:2.2.2', { | ||
exclude group: 'com.android.support', module: 'support-annotations' | ||
}) | ||
compile 'com.android.support:appcompat-v7:25.0.1' | ||
testCompile 'junit:junit:4.12' | ||
} |
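Review bot: As rendered, the removed and added sides of this file are the same text line for line, from `apply plugin: 'com.android.application'` through `testCompile 'junit:junit:4.12'`, so the 33-line change looks like whitespace or line endings only; the one-line `/build` ignore file just above shows the same pattern. If that is the case, say so in the commit message and add a `.gitattributes` with line-ending normalisation, because a full-file rewrite of a build script makes it hard for a reviewer to confirm that no dependency or `sourceSets` line actually changed.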
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,17 +1,17 @@ | ||
# Add project specific ProGuard rules here. | ||
# By default, the flags in this file are appended to flags specified | ||
# in C:\Users\Justin\AppData\Local\Android\Sdk/tools/proguard/proguard-android.txt | ||
# You can edit the include path and order by changing the proguardFiles | ||
# directive in build.gradle. | ||
# | ||
# For more details, see | ||
# http://developer.android.com/guide/developing/tools/proguard.html | ||
# Add any project specific keep options here: | ||
# If your project uses WebView with JS, uncomment the following | ||
# and specify the fully qualified class name to the JavaScript interface | ||
# class: | ||
#-keepclassmembers class fqcn.of.javascript.interface.for.webview { | ||
# public *; | ||
#} | ||
# Add project specific ProGuard rules here. | ||
# By default, the flags in this file are appended to flags specified | ||
# in C:\Users\Justin\AppData\Local\Android\Sdk/tools/proguard/proguard-android.txt | ||
# You can edit the include path and order by changing the proguardFiles | ||
# directive in build.gradle. | ||
# | ||
# For more details, see | ||
# http://developer.android.com/guide/developing/tools/proguard.html | ||
|
||
# Add any project specific keep options here: | ||
|
||
# If your project uses WebView with JS, uncomment the following | ||
# and specify the fully qualified class name to the JavaScript interface | ||
# class: | ||
#-keepclassmembers class fqcn.of.javascript.interface.for.webview { | ||
# public *; | ||
#} |
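Review bot: The header comment carried over on both sides still contains a developer's local path, `C:\Users\Justin\AppData\Local\Android\Sdk/tools/proguard/proguard-android.txt`. Since the file is being rewritten anyway, replace it with a generic reference to the SDK's `proguard-android.txt` so a local username and directory layout are not published with the sample.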
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,19 +1,19 @@ | ||
<?xml version="1.0" encoding="utf-8"?> | ||
<manifest xmlns:android="http://schemas.android.com/apk/res/android" | ||
package="com.tozny.aeswithintegritysample"> | ||
|
||
<application | ||
android:allowBackup="true" | ||
android:icon="@mipmap/ic_launcher" | ||
android:label="@string/app_name" | ||
android:supportsRtl="true" | ||
android:theme="@style/AppTheme"> | ||
<activity android:name="com.tozny.aes_crypto_sample.MainActivity" android:label="@string/app_name"> | ||
<intent-filter> | ||
<action android:name="android.intent.action.MAIN" /> | ||
<category android:name="android.intent.category.LAUNCHER" /> | ||
</intent-filter> | ||
</activity> | ||
</application> | ||
|
||
<?xml version="1.0" encoding="utf-8"?> | ||
<manifest xmlns:android="http://schemas.android.com/apk/res/android" | ||
package="com.tozny.aeswithintegritysample"> | ||
|
||
<application | ||
android:allowBackup="true" | ||
android:icon="@mipmap/ic_launcher" | ||
android:label="@string/app_name" | ||
android:supportsRtl="true" | ||
android:theme="@style/AppTheme"> | ||
<activity android:name="com.tozny.aes_crypto_sample.MainActivity" android:label="@string/app_name"> | ||
<intent-filter> | ||
<action android:name="android.intent.action.MAIN" /> | ||
<category android:name="android.intent.category.LAUNCHER" /> | ||
</intent-filter> | ||
</activity> | ||
</application> | ||
|
||
</manifest> |
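Review bot: `android:allowBackup="true"` on the `<application>` element is carried through unchanged in this rewrite of the sample manifest. The README in this same commit tells readers they can store keys in preferences or SQLite, and with backup enabled that app data can leave the device through a backup, so for a sample that people copy from I would set `android:allowBackup="false"` or add a comment explaining why it is left on.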