From c7c7d4c37c3e4fb90fd791b2b618f81ed1f0d5d1 Mon Sep 17 00:00:00 2001 From: James Bielman Date: Mon, 13 Mar 2017 10:27:19 -0700 Subject: [PATCH 1/5] Remove DOS line endings in sample app. --- aes-crypto-sample-app/.gitignore | 14 +- aes-crypto-sample-app/app/.gitignore | 2 +- aes-crypto-sample-app/app/build.gradle | 66 +++---- aes-crypto-sample-app/app/proguard-rules.pro | 34 ++-- .../app/src/main/AndroidManifest.xml | 36 ++-- .../tozny/aes_crypto_sample/MainActivity.java | 136 ++++++------- .../app/src/main/res/layout/activity_main.xml | 42 ++-- .../app/src/main/res/values-w820dp/dimens.xml | 12 +- .../app/src/main/res/values/colors.xml | 12 +- .../app/src/main/res/values/dimens.xml | 10 +- .../app/src/main/res/values/strings.xml | 6 +- .../app/src/main/res/values/styles.xml | 22 +-- aes-crypto-sample-app/build.gradle | 46 ++--- aes-crypto-sample-app/gradle.properties | 34 ++-- aes-crypto-sample-app/gradlew.bat | 180 +++++++++--------- aes-crypto-sample-app/settings.gradle | 2 +- 16 files changed, 327 insertions(+), 327 deletions(-) diff --git a/aes-crypto-sample-app/.gitignore b/aes-crypto-sample-app/.gitignore index 9a7b916..22ff45d 100644 --- a/aes-crypto-sample-app/.gitignore +++ b/aes-crypto-sample-app/.gitignore @@ -1,7 +1,7 @@ -*.iml -.gradle -/local.properties -.DS_Store -/build -.externalNativeBuild -.idea +*.iml +.gradle +/local.properties +.DS_Store +/build +.externalNativeBuild +.idea diff --git a/aes-crypto-sample-app/app/.gitignore b/aes-crypto-sample-app/app/.gitignore index 3543521..796b96d 100644 --- a/aes-crypto-sample-app/app/.gitignore +++ b/aes-crypto-sample-app/app/.gitignore @@ -1 +1 @@ -/build +/build diff --git a/aes-crypto-sample-app/app/build.gradle b/aes-crypto-sample-app/app/build.gradle index f63372f..dab6791 100644 --- a/aes-crypto-sample-app/app/build.gradle +++ b/aes-crypto-sample-app/app/build.gradle @@ -1,33 +1,33 @@ -apply plugin: 'com.android.application' - -android { - compileSdkVersion 25 - buildToolsVersion "25.0.1" - defaultConfig { - applicationId "com.tozny.aeswithintegritysample" - minSdkVersion 18 - targetSdkVersion 25 - versionCode 1 - versionName "1.0" - testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner" - } - sourceSets { - main.java.srcDirs += '../../aes-crypto/src/main/java' - } - - buildTypes { - release { - minifyEnabled false - proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' - } - } -} - -dependencies { - compile fileTree(dir: 'libs', include: ['*.jar']) - androidTestCompile('com.android.support.test.espresso:espresso-core:2.2.2', { - exclude group: 'com.android.support', module: 'support-annotations' - }) - compile 'com.android.support:appcompat-v7:25.0.1' - testCompile 'junit:junit:4.12' -} +apply plugin: 'com.android.application' + +android { + compileSdkVersion 25 + buildToolsVersion "25.0.1" + defaultConfig { + applicationId "com.tozny.aeswithintegritysample" + minSdkVersion 18 + targetSdkVersion 25 + versionCode 1 + versionName "1.0" + testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner" + } + sourceSets { + main.java.srcDirs += '../../aes-crypto/src/main/java' + } + + buildTypes { + release { + minifyEnabled false + proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' + } + } +} + +dependencies { + compile fileTree(dir: 'libs', include: ['*.jar']) + androidTestCompile('com.android.support.test.espresso:espresso-core:2.2.2', { + exclude group: 'com.android.support', module: 'support-annotations' + }) + compile 'com.android.support:appcompat-v7:25.0.1' + testCompile 'junit:junit:4.12' +} diff --git a/aes-crypto-sample-app/app/proguard-rules.pro b/aes-crypto-sample-app/app/proguard-rules.pro index 717603b..b231ba9 100644 --- a/aes-crypto-sample-app/app/proguard-rules.pro +++ b/aes-crypto-sample-app/app/proguard-rules.pro @@ -1,17 +1,17 @@ -# Add project specific ProGuard rules here. -# By default, the flags in this file are appended to flags specified -# in C:\Users\Justin\AppData\Local\Android\Sdk/tools/proguard/proguard-android.txt -# You can edit the include path and order by changing the proguardFiles -# directive in build.gradle. -# -# For more details, see -# http://developer.android.com/guide/developing/tools/proguard.html - -# Add any project specific keep options here: - -# If your project uses WebView with JS, uncomment the following -# and specify the fully qualified class name to the JavaScript interface -# class: -#-keepclassmembers class fqcn.of.javascript.interface.for.webview { -# public *; -#} +# Add project specific ProGuard rules here. +# By default, the flags in this file are appended to flags specified +# in C:\Users\Justin\AppData\Local\Android\Sdk/tools/proguard/proguard-android.txt +# You can edit the include path and order by changing the proguardFiles +# directive in build.gradle. +# +# For more details, see +# http://developer.android.com/guide/developing/tools/proguard.html + +# Add any project specific keep options here: + +# If your project uses WebView with JS, uncomment the following +# and specify the fully qualified class name to the JavaScript interface +# class: +#-keepclassmembers class fqcn.of.javascript.interface.for.webview { +# public *; +#} diff --git a/aes-crypto-sample-app/app/src/main/AndroidManifest.xml b/aes-crypto-sample-app/app/src/main/AndroidManifest.xml index 2040a4c..fdcde3b 100644 --- a/aes-crypto-sample-app/app/src/main/AndroidManifest.xml +++ b/aes-crypto-sample-app/app/src/main/AndroidManifest.xml @@ -1,19 +1,19 @@ - - - - - - - - - - - - + + + + + + + + + + + + \ No newline at end of file diff --git a/aes-crypto-sample-app/app/src/main/java/com/tozny/aes_crypto_sample/MainActivity.java b/aes-crypto-sample-app/app/src/main/java/com/tozny/aes_crypto_sample/MainActivity.java index 57526c3..51dac0b 100644 --- a/aes-crypto-sample-app/app/src/main/java/com/tozny/aes_crypto_sample/MainActivity.java +++ b/aes-crypto-sample-app/app/src/main/java/com/tozny/aes_crypto_sample/MainActivity.java @@ -1,68 +1,68 @@ -package com.tozny.aes_crypto_sample; - -import android.support.v7.app.AppCompatActivity; -import android.os.Bundle; -import android.util.Log; -import android.view.Menu; -import android.view.MenuItem; -import android.widget.TextView; - -import java.io.UnsupportedEncodingException; -import java.security.GeneralSecurityException; - -import com.tozny.aeswithintegritysample.R; -import com.tozny.crypto.android.AesCbcWithIntegrity; -import static com.tozny.crypto.android.AesCbcWithIntegrity.*; - -public class MainActivity extends AppCompatActivity { - - public static final String TAG = "Tozny"; - - private static boolean PASSWORD_BASED_KEY = true; - private static String EXAMPLE_PASSWORD = "always use passphrases for passwords wherever possible!"; - - @Override - protected void onCreate(Bundle savedInstanceState) { - super.onCreate(savedInstanceState); - setContentView(R.layout.activity_main); - - try { - AesCbcWithIntegrity.SecretKeys key; - if (PASSWORD_BASED_KEY) {//example for password based keys - String salt = saltString(generateSalt()); - //If you generated the key from a password, you can store the salt and not the key. - Log.i(TAG, "Salt: " + salt); - key = generateKeyFromPassword(EXAMPLE_PASSWORD, salt); - } else { - key = generateKey(); - //Note: If you are generating a random key, you'll probably be storing it somewhere - } - - // The encryption / storage & display: - - String keyStr = keyString(key); - key = null; //Pretend to throw that away so we can demonstrate converting it from str - - String textToEncrypt = "Testing shows the presence, not the absence of bugs.\n\n Edsger W. Dijkstra"; - Log.i(TAG, "Before encryption: " + textToEncrypt); - - // Read from storage & decrypt - key = keys(keyStr); // alternately, regenerate the key from password/salt. - AesCbcWithIntegrity.CipherTextIvMac civ = encrypt(textToEncrypt, key); - Log.i(TAG, "Encrypted: " + civ.toString()); - - String decryptedText = decryptString(civ, key); - Log.i(TAG, "Decrypted: " + decryptedText); - //Note: "String.equals" is not a constant-time check, which can sometimes be problematic. - Log.i(TAG, "Do they equal: " + textToEncrypt.equals(decryptedText)); - - TextView t = (TextView) findViewById(R.id.textView); - t.setText(decryptedText); - } catch (GeneralSecurityException e) { - Log.e(TAG, "GeneralSecurityException", e); - } catch (UnsupportedEncodingException e) { - Log.e(TAG, "UnsupportedEncodingException", e); - } - - } -} +package com.tozny.aes_crypto_sample; + +import android.support.v7.app.AppCompatActivity; +import android.os.Bundle; +import android.util.Log; +import android.view.Menu; +import android.view.MenuItem; +import android.widget.TextView; + +import java.io.UnsupportedEncodingException; +import java.security.GeneralSecurityException; + +import com.tozny.aeswithintegritysample.R; +import com.tozny.crypto.android.AesCbcWithIntegrity; +import static com.tozny.crypto.android.AesCbcWithIntegrity.*; + +public class MainActivity extends AppCompatActivity { + + public static final String TAG = "Tozny"; + + private static boolean PASSWORD_BASED_KEY = true; + private static String EXAMPLE_PASSWORD = "always use passphrases for passwords wherever possible!"; + + @Override + protected void onCreate(Bundle savedInstanceState) { + super.onCreate(savedInstanceState); + setContentView(R.layout.activity_main); + + try { + AesCbcWithIntegrity.SecretKeys key; + if (PASSWORD_BASED_KEY) {//example for password based keys + String salt = saltString(generateSalt()); + //If you generated the key from a password, you can store the salt and not the key. + Log.i(TAG, "Salt: " + salt); + key = generateKeyFromPassword(EXAMPLE_PASSWORD, salt); + } else { + key = generateKey(); + //Note: If you are generating a random key, you'll probably be storing it somewhere + } + + // The encryption / storage & display: + + String keyStr = keyString(key); + key = null; //Pretend to throw that away so we can demonstrate converting it from str + + String textToEncrypt = "Testing shows the presence, not the absence of bugs.\n\n Edsger W. Dijkstra"; + Log.i(TAG, "Before encryption: " + textToEncrypt); + + // Read from storage & decrypt + key = keys(keyStr); // alternately, regenerate the key from password/salt. + AesCbcWithIntegrity.CipherTextIvMac civ = encrypt(textToEncrypt, key); + Log.i(TAG, "Encrypted: " + civ.toString()); + + String decryptedText = decryptString(civ, key); + Log.i(TAG, "Decrypted: " + decryptedText); + //Note: "String.equals" is not a constant-time check, which can sometimes be problematic. + Log.i(TAG, "Do they equal: " + textToEncrypt.equals(decryptedText)); + + TextView t = (TextView) findViewById(R.id.textView); + t.setText(decryptedText); + } catch (GeneralSecurityException e) { + Log.e(TAG, "GeneralSecurityException", e); + } catch (UnsupportedEncodingException e) { + Log.e(TAG, "UnsupportedEncodingException", e); + } + + } +} diff --git a/aes-crypto-sample-app/app/src/main/res/layout/activity_main.xml b/aes-crypto-sample-app/app/src/main/res/layout/activity_main.xml index eeb3264..f8f6e9d 100644 --- a/aes-crypto-sample-app/app/src/main/res/layout/activity_main.xml +++ b/aes-crypto-sample-app/app/src/main/res/layout/activity_main.xml @@ -1,21 +1,21 @@ - - - - - + + + + + diff --git a/aes-crypto-sample-app/app/src/main/res/values-w820dp/dimens.xml b/aes-crypto-sample-app/app/src/main/res/values-w820dp/dimens.xml index 62df187..63fc816 100644 --- a/aes-crypto-sample-app/app/src/main/res/values-w820dp/dimens.xml +++ b/aes-crypto-sample-app/app/src/main/res/values-w820dp/dimens.xml @@ -1,6 +1,6 @@ - - - 64dp - + + + 64dp + diff --git a/aes-crypto-sample-app/app/src/main/res/values/colors.xml b/aes-crypto-sample-app/app/src/main/res/values/colors.xml index 2a12c47..3ab3e9c 100644 --- a/aes-crypto-sample-app/app/src/main/res/values/colors.xml +++ b/aes-crypto-sample-app/app/src/main/res/values/colors.xml @@ -1,6 +1,6 @@ - - - #3F51B5 - #303F9F - #FF4081 - + + + #3F51B5 + #303F9F + #FF4081 + diff --git a/aes-crypto-sample-app/app/src/main/res/values/dimens.xml b/aes-crypto-sample-app/app/src/main/res/values/dimens.xml index 295b5a9..47c8224 100644 --- a/aes-crypto-sample-app/app/src/main/res/values/dimens.xml +++ b/aes-crypto-sample-app/app/src/main/res/values/dimens.xml @@ -1,5 +1,5 @@ - - - 16dp - 16dp - + + + 16dp + 16dp + diff --git a/aes-crypto-sample-app/app/src/main/res/values/strings.xml b/aes-crypto-sample-app/app/src/main/res/values/strings.xml index b0dd6b2..2483b18 100644 --- a/aes-crypto-sample-app/app/src/main/res/values/strings.xml +++ b/aes-crypto-sample-app/app/src/main/res/values/strings.xml @@ -1,3 +1,3 @@ - - Tozny Crypto - + + Tozny Crypto + diff --git a/aes-crypto-sample-app/app/src/main/res/values/styles.xml b/aes-crypto-sample-app/app/src/main/res/values/styles.xml index 6f19b47..5885930 100644 --- a/aes-crypto-sample-app/app/src/main/res/values/styles.xml +++ b/aes-crypto-sample-app/app/src/main/res/values/styles.xml @@ -1,11 +1,11 @@ - - - - - - + + + + + + diff --git a/aes-crypto-sample-app/build.gradle b/aes-crypto-sample-app/build.gradle index 2449eab..c20bca1 100644 --- a/aes-crypto-sample-app/build.gradle +++ b/aes-crypto-sample-app/build.gradle @@ -1,23 +1,23 @@ -// Top-level build file where you can add configuration options common to all sub-projects/modules. - -buildscript { - repositories { - jcenter() - } - dependencies { - classpath 'com.android.tools.build:gradle:2.2.2' - - // NOTE: Do not place your application dependencies here; they belong - // in the individual module build.gradle files - } -} - -allprojects { - repositories { - jcenter() - } -} - -task clean(type: Delete) { - delete rootProject.buildDir -} +// Top-level build file where you can add configuration options common to all sub-projects/modules. + +buildscript { + repositories { + jcenter() + } + dependencies { + classpath 'com.android.tools.build:gradle:2.2.2' + + // NOTE: Do not place your application dependencies here; they belong + // in the individual module build.gradle files + } +} + +allprojects { + repositories { + jcenter() + } +} + +task clean(type: Delete) { + delete rootProject.buildDir +} diff --git a/aes-crypto-sample-app/gradle.properties b/aes-crypto-sample-app/gradle.properties index 3530b01..aac7c9b 100644 --- a/aes-crypto-sample-app/gradle.properties +++ b/aes-crypto-sample-app/gradle.properties @@ -1,17 +1,17 @@ -# Project-wide Gradle settings. - -# IDE (e.g. Android Studio) users: -# Gradle settings configured through the IDE *will override* -# any settings specified in this file. - -# For more details on how to configure your build environment visit -# http://www.gradle.org/docs/current/userguide/build_environment.html - -# Specifies the JVM arguments used for the daemon process. -# The setting is particularly useful for tweaking memory settings. -org.gradle.jvmargs=-Xmx1536m - -# When configured, Gradle will run in incubating parallel mode. -# This option should only be used with decoupled projects. More details, visit -# http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects -# org.gradle.parallel=true +# Project-wide Gradle settings. + +# IDE (e.g. Android Studio) users: +# Gradle settings configured through the IDE *will override* +# any settings specified in this file. + +# For more details on how to configure your build environment visit +# http://www.gradle.org/docs/current/userguide/build_environment.html + +# Specifies the JVM arguments used for the daemon process. +# The setting is particularly useful for tweaking memory settings. +org.gradle.jvmargs=-Xmx1536m + +# When configured, Gradle will run in incubating parallel mode. +# This option should only be used with decoupled projects. More details, visit +# http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects +# org.gradle.parallel=true diff --git a/aes-crypto-sample-app/gradlew.bat b/aes-crypto-sample-app/gradlew.bat index aec9973..8a0b282 100644 --- a/aes-crypto-sample-app/gradlew.bat +++ b/aes-crypto-sample-app/gradlew.bat @@ -1,90 +1,90 @@ -@if "%DEBUG%" == "" @echo off -@rem ########################################################################## -@rem -@rem Gradle startup script for Windows -@rem -@rem ########################################################################## - -@rem Set local scope for the variables with windows NT shell -if "%OS%"=="Windows_NT" setlocal - -@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -set DEFAULT_JVM_OPTS= - -set DIRNAME=%~dp0 -if "%DIRNAME%" == "" set DIRNAME=. -set APP_BASE_NAME=%~n0 -set APP_HOME=%DIRNAME% - -@rem Find java.exe -if defined JAVA_HOME goto findJavaFromJavaHome - -set JAVA_EXE=java.exe -%JAVA_EXE% -version >NUL 2>&1 -if "%ERRORLEVEL%" == "0" goto init - -echo. -echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. - -goto fail - -:findJavaFromJavaHome -set JAVA_HOME=%JAVA_HOME:"=% -set JAVA_EXE=%JAVA_HOME%/bin/java.exe - -if exist "%JAVA_EXE%" goto init - -echo. -echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% -echo. -echo Please set the JAVA_HOME variable in your environment to match the -echo location of your Java installation. - -goto fail - -:init -@rem Get command-line arguments, handling Windowz variants - -if not "%OS%" == "Windows_NT" goto win9xME_args -if "%@eval[2+2]" == "4" goto 4NT_args - -:win9xME_args -@rem Slurp the command line arguments. -set CMD_LINE_ARGS= -set _SKIP=2 - -:win9xME_args_slurp -if "x%~1" == "x" goto execute - -set CMD_LINE_ARGS=%* -goto execute - -:4NT_args -@rem Get arguments from the 4NT Shell from JP Software -set CMD_LINE_ARGS=%$ - -:execute -@rem Setup the command line - -set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar - -@rem Execute Gradle -"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% - -:end -@rem End local scope for the variables with windows NT shell -if "%ERRORLEVEL%"=="0" goto mainEnd - -:fail -rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of -rem the _cmd.exe /c_ return code! -if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 -exit /b 1 - -:mainEnd -if "%OS%"=="Windows_NT" endlocal - -:omega +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS= + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto init + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto init + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:init +@rem Get command-line arguments, handling Windowz variants + +if not "%OS%" == "Windows_NT" goto win9xME_args +if "%@eval[2+2]" == "4" goto 4NT_args + +:win9xME_args +@rem Slurp the command line arguments. +set CMD_LINE_ARGS= +set _SKIP=2 + +:win9xME_args_slurp +if "x%~1" == "x" goto execute + +set CMD_LINE_ARGS=%* +goto execute + +:4NT_args +@rem Get arguments from the 4NT Shell from JP Software +set CMD_LINE_ARGS=%$ + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/aes-crypto-sample-app/settings.gradle b/aes-crypto-sample-app/settings.gradle index d3db109..e7b4def 100644 --- a/aes-crypto-sample-app/settings.gradle +++ b/aes-crypto-sample-app/settings.gradle @@ -1 +1 @@ -include ':app' +include ':app' From f077b51bfa66ff44bb00e6c06e29276a90855234 Mon Sep 17 00:00:00 2001 From: James Bielman Date: Mon, 12 Jun 2017 13:50:06 -0700 Subject: [PATCH 2/5] README formatting updates --- README.md | 60 ++++++++++++++++++++++++++++++++++++------------------- 1 file changed, 39 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index 9cd6cb7..d46c9f1 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ java-aes-crypto A simple Android class for encrypting & decrypting strings, aiming to avoid [serious cryptographic errors](http://tozny.com/blog/encrypting-strings-in-android-lets-make-better-mistakes/) that most such classes suffer from. [Show me the code](https://github.com/tozny/java-aes-crypto/blob/master/aes-crypto/src/main/java/com/tozny/crypto/android/AesCbcWithIntegrity.java) -#Features +# Features Here are the features of this class. We believe that these properties are consistent with what a lot of people are looking for when encrypting Strings in Android. @@ -14,17 +14,24 @@ Here are the features of this class. We believe that these properties are consis * *Integrity*: Lots of people think AES has integrity checking built in. The thinking goes, "if it decrypts correctly, it was generated by the person with the private key". Actually, AES CBC allows an attacker to modify the messages. Therefore, we've also added integrity checking in the form of a SHA 256 hash. -#How to include in project? +# How to include in project? -###Copy and paste -It's a single very simple java class, [AesCbcWithIntegrity.java](https://github.com/tozny/java-aes-crypto/blob/master/aes-crypto/src/main/java/com/tozny/crypto/android/AesCbcWithIntegrity.java) that works across most or all versions of Android. The class should be easy to paste into an existing codebase. +## Copy and paste -###Android Library project -The library is in Android library project format so you can clone this project and add as a library module/project. - -###Maven Dependency -We've also published the library AAR file to Maven central for simple one line gradle dependency management. +It's a single very simple java class, +[AesCbcWithIntegrity.java](https://github.com/tozny/java-aes-crypto/blob/master/aes-crypto/src/main/java/com/tozny/crypto/android/AesCbcWithIntegrity.java) +that works across most or all versions of Android. The class should be easy to +paste into an existing codebase. +## Android Library project + +The library is in Android library project format so you can clone this project +and add as a library module/project. + +## Maven Dependency + +We've also published the library AAR file to Maven central for simple one line +gradle dependency management. ```groovy dependencies { @@ -32,17 +39,16 @@ dependencies { } ``` -#Examples +# Examples -##Generate new key +## Generate new key ```java AesCbcWithIntegrity.SecretKeys keys = AesCbcWithIntegrity.generateKey(); ``` - -##Encrypt +## Encrypt ```java AesCbcWithIntegrity.CipherTextIvMac cipherTextIvMac = AesCbcWithIntegrity.encrypt("some test", keys); @@ -50,21 +56,33 @@ dependencies { String ciphertextString = cipherTextIvMac.toString(); ``` -##Decrypt +## Decrypt ```java //Use the constructor to re-create the CipherTextIvMac class from the string: CipherTextIvMac cipherTextIvMac = new CipherTextIvMac (cipherTextString); String plainText = AesCbcWithIntegrity.decryptString(cipherTextIvMac, keys); -``` +``` + +## Storing Keys -##Storing Keys -Once you've generated a random key, you naturally might want to store it. This may work for some use cases, but please be aware that if you store the key in the same place that you store the encrypted data, your solution is not cryptographically sound since the attacker can just get both the key and the encrypted text. Instead, you should use either the [Keystore infrastructure](http://developer.android.com/training/articles/keystore.html) or consider generating the key from a passphrase and using that to encrypt the user data. +Once you've generated a random key, you naturally might want to store it. This +may work for some use cases, but please be aware that if you store the key in +the same place that you store the encrypted data, your solution is not +cryptographically sound since the attacker can just get both the key and the +encrypted text. Instead, you should use either the [Keystore +infrastructure](http://developer.android.com/training/articles/keystore.html) +or consider generating the key from a passphrase and using that to encrypt the +user data. -If despite the above you still want to store the key, you can convert the keys to a string using the included functions and store them in preferences or SQLite. +If despite the above you still want to store the key, you can convert the keys +to a string using the included functions and store them in preferences or +SQLite. -#License -The included MIT license is compatible with open source or commercial products. -Tozny also offers custom support and licensing terms if your organization has different needs. Contact us at [info@tozny.com](mailto:info@tozny.com) for more details. +# License +The included MIT license is compatible with open source or commercial products. +Tozny also offers custom support and licensing terms if your organization has +different needs. Contact us at [info@tozny.com](mailto:info@tozny.com) for more +details. From 594aaec47dcd5908b625bd3c8692c2cf03bacfe4 Mon Sep 17 00:00:00 2001 From: James Bielman Date: Mon, 12 Jun 2017 13:51:07 -0700 Subject: [PATCH 3/5] Fix Javadoc errors due to invalid HTML entities --- .../crypto/android/AesCbcWithIntegrity.java | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/aes-crypto/src/main/java/com/tozny/crypto/android/AesCbcWithIntegrity.java b/aes-crypto/src/main/java/com/tozny/crypto/android/AesCbcWithIntegrity.java index 3515915..07432ef 100644 --- a/aes-crypto/src/main/java/com/tozny/crypto/android/AesCbcWithIntegrity.java +++ b/aes-crypto/src/main/java/com/tozny/crypto/android/AesCbcWithIntegrity.java @@ -89,7 +89,7 @@ public class AesCbcWithIntegrity { * storage. Sister function of keys. * * @param keys The combined aes and hmac keys - * @return a base 64 encoded AES string & hmac key as base64(aesKey) : base64(hmacKey) + * @return a base 64 encoded AES string and hmac key as base64(aesKey) : base64(hmacKey) */ public static String keyString(SecretKeys keys) { return keys.toString(); @@ -100,7 +100,7 @@ public static String keyString(SecretKeys keys) { * key. It's not random or a PBE key. * * @param keysStr a base64 encoded AES key / hmac key as base64(aesKey) : base64(hmacKey). - * @return an AES & HMAC key set suitable for other functions. + * @return an AES and HMAC key set suitable for other functions. */ public static SecretKeys keys(String keysStr) throws InvalidKeyException { String[] keysArr = keysStr.split(":"); @@ -125,11 +125,11 @@ public static SecretKeys keys(String keysStr) throws InvalidKeyException { } /** - * A function that generates random AES & HMAC keys and prints out exceptions but + * A function that generates random AES and HMAC keys and prints out exceptions but * doesn't throw them since none should be encountered. If they are * encountered, the return value is null. * - * @return The AES & HMAC keys. + * @return The AES and HMAC keys. * @throws GeneralSecurityException if AES is not implemented on this system, * or a suitable RNG is not available */ @@ -149,12 +149,12 @@ public static SecretKeys generateKey() throws GeneralSecurityException { } /** - * A function that generates password-based AES & HMAC keys. It prints out exceptions but + * A function that generates password-based AES and HMAC keys. It prints out exceptions but * doesn't throw them since none should be encountered. If they are * encountered, the return value is null. * * @param password The password to derive the keys from. - * @return The AES & HMAC keys. + * @return The AES and HMAC keys. * @throws GeneralSecurityException if AES is not implemented on this system, * or a suitable RNG is not available */ @@ -181,10 +181,10 @@ public static SecretKeys generateKeyFromPassword(String password, byte[] salt) t } /** - * A function that generates password-based AES & HMAC keys. See generateKeyFromPassword. + * A function that generates password-based AES and HMAC keys. See generateKeyFromPassword. * @param password The password to derive the AES/HMAC keys from * @param salt A string version of the salt; base64 encoded. - * @return The AES & HMAC keys. + * @return The AES and HMAC keys. * @throws GeneralSecurityException */ public static SecretKeys generateKeyFromPassword(String password, String salt) throws GeneralSecurityException { @@ -241,7 +241,7 @@ private static byte[] randomBytes(int length) throws GeneralSecurityException { * * @param plaintext The text that will be encrypted, which * will be serialized with UTF-8 - * @param secretKeys The AES & HMAC keys with which to encrypt + * @param secretKeys The AES and HMAC keys with which to encrypt * @return a tuple of the IV, ciphertext, mac * @throws GeneralSecurityException if AES is not implemented on this system * @throws UnsupportedEncodingException if UTF-8 is not supported in this system @@ -256,7 +256,7 @@ public static CipherTextIvMac encrypt(String plaintext, SecretKeys secretKeys) * a hashed MAC, which is contained in the CipherTextIvMac class. * * @param plaintext The bytes that will be encrypted - * @param secretKeys The AES & HMAC keys with which to encrypt + * @param secretKeys The AES and HMAC keys with which to encrypt * @return a tuple of the IV, ciphertext, mac * @throws GeneralSecurityException if AES is not implemented on this system * @throws UnsupportedEncodingException if the specified encoding is invalid @@ -271,7 +271,7 @@ public static CipherTextIvMac encrypt(String plaintext, SecretKeys secretKeys, S * a hashed MAC, which is contained in the CipherTextIvMac class. * * @param plaintext The text that will be encrypted - * @param secretKeys The combined AES & HMAC keys with which to encrypt + * @param secretKeys The combined AES and HMAC keys with which to encrypt * @return a tuple of the IV, ciphertext, mac * @throws GeneralSecurityException if AES is not implemented on this system */ @@ -318,7 +318,7 @@ private static void fixPrng() { * AES CBC decrypt. * * @param civ The cipher text, IV, and mac - * @param secretKeys The AES & HMAC keys + * @param secretKeys The AES and HMAC keys * @param encoding The string encoding to use to decode the bytes after decryption * @return A string derived from the decrypted bytes (not base64 encoded) * @throws GeneralSecurityException if AES is not implemented on this system @@ -333,7 +333,7 @@ public static String decryptString(CipherTextIvMac civ, SecretKeys secretKeys, S * AES CBC decrypt. * * @param civ The cipher text, IV, and mac - * @param secretKeys The AES & HMAC keys + * @param secretKeys The AES and HMAC keys * @return A string derived from the decrypted bytes, which are interpreted * as a UTF-8 String * @throws GeneralSecurityException if AES is not implemented on this system @@ -348,7 +348,7 @@ public static String decryptString(CipherTextIvMac civ, SecretKeys secretKeys) * AES CBC decrypt. * * @param civ the cipher text, iv, and mac - * @param secretKeys the AES & HMAC keys + * @param secretKeys the AES and HMAC keys * @return The raw decrypted bytes * @throws GeneralSecurityException if MACs don't match or AES is not implemented */ @@ -377,7 +377,7 @@ public static byte[] decrypt(CipherTextIvMac civ, SecretKeys secretKeys) * Generate the mac based on HMAC_ALGORITHM * @param integrityKey The key used for hmac * @param byteCipherText the cipher text - * @return A byte array of the HMAC for the given key & ciphertext + * @return A byte array of the HMAC for the given key and ciphertext * @throws NoSuchAlgorithmException * @throws InvalidKeyException */ From 1c7a49721940a230e2daa8b185c84a4d95b9aa9b Mon Sep 17 00:00:00 2001 From: James Bielman Date: Mon, 12 Jun 2017 14:15:13 -0700 Subject: [PATCH 4/5] Add Jitpack instructions to README --- README.md | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index d46c9f1..eb79c4a 100644 --- a/README.md +++ b/README.md @@ -30,12 +30,25 @@ and add as a library module/project. ## Maven Dependency -We've also published the library AAR file to Maven central for simple one line -gradle dependency management. +We've also published the library AAR file via Jitpack for simple +gradle dependency management: + +Add the Jitpack repository to your root build.gradle: + +```groovy +allprojects { + repositories { + ... + maven { url 'https://jitpack.io' } + } +} +``` + +Add the dependency to your project's build.gradle: ```groovy dependencies { - compile 'com.tozny:aes-crypto:0.0.1' + compile 'com.github.tozny:java-aes-crypto:1.1.0' } ``` @@ -43,7 +56,6 @@ dependencies { ## Generate new key - ```java AesCbcWithIntegrity.SecretKeys keys = AesCbcWithIntegrity.generateKey(); ``` From 14872ae08ab54875406b4bb68a2b00c90e3db0a2 Mon Sep 17 00:00:00 2001 From: James Bielman Date: Mon, 12 Jun 2017 14:16:54 -0700 Subject: [PATCH 5/5] Version 1.1.0 --- gradle.properties | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/gradle.properties b/gradle.properties index f76a528..dba38f1 100644 --- a/gradle.properties +++ b/gradle.properties @@ -17,9 +17,8 @@ # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects # org.gradle.parallel=true -VERSION_NAME=0.0.2 -#VERSION_NAME=0.0.3-SNAPSHOT -VERSION_CODE=2 +VERSION_NAME=1.1.0 +VERSION_CODE=3 GROUP=com.tozny