Android AES(Basic)

Android Crypt

For Crypt, Android prepares BouncyCastle. Android version is a bit different from real BouncyCastle.
Version is old, feature is small.
Extended version is Spongy Castle.
Spongy Castle is repackage of Bouncy Castle for Android. This covers several original Bouncy Castle

AES

Advanced Encryption Standard.
AES supersedes DES.
AES is a symmetric-key algorithm
It has 128, 192, 256bit key length.
IV is to change AES key encription results(Use it when calculation)

Create AES Key

public class AESHelper 
{
	public static int getKeySize ( int bit ) throws KeyIllegalException
	{
		int ret_val = 0;
		
		switch ( bit )
		{
		case 128:
			ret_val = 16;
			break;
		case 192:
			ret_val = 24;
			break;
		case 256:
			ret_val = 32;
			break;
		default:
			throw new KeyIllegalException("Bit size is wrong");
		}
		return ret_val;
	}
	
	public static Key generateFromRandom( int bit ) throws KeyIllegalException
	{
		int size = getKeySize(bit);
		byte bytes[] = new byte[size];
		SecureRandom secureRandom = new SecureRandom();
		secureRandom.nextBytes(bytes);
		return getKey ( bytes );
	}
	
	public static Key getKey ( byte[] data )
	{
		Key key = new SecretKeySpec(data, "AES");
		return key;
	}
}

This class is to generate AES key.
Argument is bit number.
I prepared 2 version.
One version is to generate from random byte, another is bytes you create.

Encryption

Key aes = AESHelper.generateFromRandom(128);
// Encrypt
Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");   // CBC Algorigthm
c.init(Cipher.ENCRYPT_MODE, aes);                        // Encrypt with AES key
byte[] encrypted = c.doFinal(target.getBytes());         // Results
byte[] iv = c.getIV();                                   // IV

Please keep iv when encrypting.
iv is used when decryption.

We have 2 choices. Save Database or file.
If you save as file, application realm is better for security.

Description

c = Cipher.getInstance("AES/CBC/PKCS5Padding");
IvParameterSpec ips = new IvParameterSpec(iv);	// use same iv of encryption
c.init(Cipher.DECRYPT_MODE, aes, ips);
byte[] decryptStr = c.doFinal(encrypted);
Log.d("Decription", new String(decryptStr));

iv is same as encryption.

Testing in Activity

Testing under this code


public class AESActivity extends Activity {
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
try {
String target = “Hello, Android”;
Key aes = AESHelper.generateFromRandom(128);
// Encrypt
Cipher c = Cipher.getInstance(“AES/CBC/PKCS5Padding”);
c.init(Cipher.ENCRYPT_MODE, aes);
byte[] encrypted = c.doFinal(target.getBytes());
byte[] iv = c.getIV();

for ( int i=0; i < encrypted.length; i++ ) { Log.d("", String.format("%02x", encrypted[i])); } // Decrypt c = Cipher.getInstance("AES/CBC/PKCS5Padding"); IvParameterSpec ips = new IvParameterSpec(iv); // use same iv of encryption c.init(Cipher.DECRYPT_MODE, aes, ips); byte[] decryptStr = c.doFinal(encrypted); Log.d("Decription", new String(decryptStr)); } catch ( Exception oops ) { oops.printStackTrace(); } } } [/java] AES key

Cipher Mode

Mode
DECRYPT_MODE
ENCRYPT_MODE
UNWRAP_MODE
WRAP_MODE

References

Techbooster
Tecscore
trustss
hishidama

Warnings!

Compare to native codes, Java version is a bit slow.
Android version is different from Oracle(Sun) version.