#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2014
    Posts
    20
    Rep Power
    0

    Adding encryption to Android App


    Hello everyone,

    I'm extremely new to Android development but thought I would give it a go. So far I'm enjoying it although I admit there is a bit of a learning curve to start with.

    Anyway, I wanted to add some encryption to the app I'm developing but I'm having trouble getting started. In my code I've done something similar to this:
    Code:
    import javax.crypto.*;
    
    public class Connection {
        private KeyGenerator _keygen = null;
        
        public Connection() {
            this._keygen = KeyGenerator.getInstance("AES");
        }
    }
    When I do this Android Studio shows up an error with this line of code (call to KeyGenerator.getInstance) - "Unhandled exception: java.security.NoSuchAlgorithmException"

    I have tried putting this line of code in a try/catch block so that I can compile the code although it doesn't execute properly..

    Judging by the error, I am guessing that for some reason Android Studio can't find an implementation of this class/method.. What am I doing wrong?

    Cheers,
    Swarvy
  2. #2
  3. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2014
    Posts
    20
    Rep Power
    0
    Hello Everyone,

    Thanks to a few links online (mainly this one: Working with RSA in Android) I've managed to make progress with this problem although I've come across another problem.

    Description of what I am doing:
    Basically, I have written some PHP server side code which is running off a web server and I wanted to implement a very simple 'handshake' protocol (I realise that the term 'handshake' probably isn't strictly correct in this context - nevermind).
    1) At a certain URL endpoint on the server, the server broadcasts it's RSA public key (returns it in some JSON).
    2) The android app performs a GET request on this URL, parses the JSON and saves the Server's public key.
    3) The android app generates its own RSA public & private keys and then performs a POST back to the server, giving the server the app's public key.
    4) Once public keys on both sides have been exchanged the app then encrypts some data and sends it back to the server.

    Where things go wrong:
    I've managed to get to step 3/4 of this sequence. Once the public key from the server comes back and I attempt to create an instance of a java.security.Key object from the String of their key, it all goes wrong.
    Given a String form of the key, I want to create an 'java.security.Key' from it:
    Code:
        public void setServerKey(String key) {
            try{
                byte[] keyBytes = Base64.decode(key.getBytes("utf-8"), Base64.DEFAULT);
                X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
                KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                _session_svr_key = keyFactory.generatePublic(spec);
            }
            catch(Exception e){
                e.printStackTrace();
            }
        }
    In the above code, it is the last line of the try block which fails - _session_svr_key is null:
    Code:
    keyFactory.generatePublic(spec);
    For the sake of completeness, this is an example of what I am feeding into the method:
    Code:
    -----BEGIN PUBLIC KEY-----
    MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqYENP4e46M65PWUzqLZ
    geMS9K2Y7ugd35tcxJRBPJ2PH6+ldTibbkxX5z74vjIm18sAv6R2yZm6N8mfNKlW
    HKF5FwKKteUxZfR2w3lf7vrrGjI1u7hOU5FoarotPH0tm3uoJmPabkaPG/tyOhxi
    8NwsymsoTHsN4cQ2fWXq8Ch5bDbq2cx8oVHrHFvPaG0qWPs4LY42gG9ZErGwg3Bh
    dOV697eVPVdAFy+M7sYt0UNBjQuV8rbCb5zdMdYSznORgC70u2gIW9kkK23wpPS1
    YZtFXW3gXTZnrYNMZK+H+0EyTJI9wPL9Pbljfy3DjN7LLqqOv+ZdRp9m4mZ/syxG
    CwIDAQAB
    -----END PUBLIC KEY-----

IMN logo majestic logo threadwatch logo seochat tools logo