I tried to encrypt and save a file to the same location in the external storage with a different file name. But the way I have used is seems like wrong. Please help someone.
public static void encrypt(SecretKey secretKey, String filePath, IvParameterSpec iv){
try {
String file = "";
// Here you read the cleartext.
FileInputStream fis = new FileInputStream(filePath);
// This stream write the encrypted text. This stream will be wrapped by another stream.
//String filePath2 = filePath+"enc";
file = filePath.substring(0,filePath.length()-5)+"enc.jpeg";
FileOutputStream fos = new FileOutputStream(file);
Log.i(TAG, "Uri = "+file);
// Create cipher
Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
// Wrap the output stream
CipherOutputStream cos = new CipherOutputStream(fos, cipher);
// Write bytes
int b;
byte[] d = new byte[8];
while ((b = fis.read(d)) != -1) {
cos.write(d, 0, b);
}
// Flush and close streams.
cos.flush();
cos.close();
fis.close();
}catch(IOException e){
e.printStackTrace();
}catch (NoSuchAlgorithmException e){
e.printStackTrace();
}catch(NoSuchPaddingException e){
e.printStackTrace();
}catch(InvalidKeyException e){
e.printStackTrace();
}/*catch (InvalidAlgorithmParameterException e){
e.printStackTrace();
}*/
}
Manifest file containing both read and write permissions.
You specify "AES/ECB/NoPadding".
With ECB there is no iv and thus no need to supply one on calling the encrypt method. ECB mode is insecure, see ECB mode, scroll down to the Penguin.
AES is a block cipher and as such it encrypts block sized portions at a time thus the input needs to be a multiple of the block size. Padding accomplished this transparently but you have specified "NoPadding" so the input file size ,just be an exact multiple of the block size, for AES that is 16-bytes. Instead use PKCS#7 (some tined referred to as PKCS#5) padding.
The simplest solution is to use a library that puts all the elements of secure encryption together including password derivation, a random iv, padding, encryption authentication. Consider RNCryptor, it provides all of this plus versioning. See RNCryptor README and RNCryptor-Spec for more information.
Related
I doing encryption and decryption of document. Initially i read the file in byte array and passed that byte array to my encrypeted method. Upto 50MB size , i am able to encrypt the file without any issue. But if i increase my file SIZE to 80 MB , it is faling in cipher.doFinal() saying out of memoryException.
So how to encrypt bigger file without any issues? and also is doFinal() method have any size limitation. Please let me know.
and this is my code:
public String decrypt(byte[] file_encrypt) throws Exception {
String key22 = myKey;
byte[] b = key22.getBytes();
final SecretKey key = new SecretKeySpec(b, "DESede");
final IvParameterSpec iv = new IvParameterSpec(new byte[8]);
final Cipher decipher = Cipher.getInstance("DESede/CBC/NoPadding");
decipher.init(Cipher.DECRYPT_MODE, key, iv);
final byte[] plainText = decipher.doFinal(file_encrypt);
try {
String dir = Environment.getExternalStorageDirectory() + File.separator + ".android";
String dir2 = Environment.getExternalStorageDirectory() + File.separator + ".android/.androidmain";
File folder = new File(dir); //folder name
File folder2 = new File(dir2); //folder name
if (!folder.exists())
folder.mkdirs();
if (!folder2.exists())
folder2.mkdirs();
File file = new File(Environment.getExternalStorageDirectory() + File.separator + ".android/.androidmain/file");
if (file.exists()) {
// Toast.makeText(contInst, "111", Toast.LENGTH_SHORT).show();
} else {
// Toast.makeText(contInst, "3333", Toast.LENGTH_SHORT).show();
file.createNewFile();
}
BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(file));
bos.write(plainText);
bos.flush();
bos.close();
videoplay.setSource(Uri.fromFile(file));
} catch (FileNotFoundException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return "ok";
}
When encrypting or decrypting, both the plain text and the encrypted text should be in the memory(RAM) at least one time.
But Java allow you to use limited memory. If you want to go from 50MB to 80MB, maybe using android:largeHeap=true in the application of your manifest will work. But if you want even a higher limit, you may want to perform the encryption by splitting up the file and performing encryption piece by piece.
Is it possible to download a PDF from server and save in format that only my application can read?
This is my working example used in my app ....hope this help you
Is it possible to download pdf from server and save
Yes i have use retrofit library to download pdf file from server you can use Volly or Loopj AsyncTask as well
After downloading pdf file you will get InputeStream object of file than encrypt that and store in app private folder (so no other application can able to use it)
public static File encryptAndSaveFileInPrivateFolder(
Context context, String albumName, InputStream inputStream, String fullFileName) {
File file = null;
try {
// Get the directory for the app's private pictures directory.
File fileDirectory = new File(context.getExternalFilesDir(
Environment.DIRECTORY_PICTURES),""+albumName);
if (!fileDirectory.exists()) {
fileDirectory.mkdirs();
}
file = new File(fileDirectory,""+fullFileName);
if (file.exists()) {
file.delete();
}
FileOutputStream output = new FileOutputStream(file);
encrypt(inputStream,output);
inputStream.close();
} catch (Exception e) {
e.printStackTrace();
}
return file;
}
This method encrypt your file
public static void encrypt(InputStream fis,FileOutputStream fos ) throws IOException, NoSuchAlgorithmException
, NoSuchPaddingException, InvalidKeyException {
// Here you read the cleartext.
//FileInputStream fis = new FileInputStream("data/cleartext");
// This stream write the encrypted text. This stream will be wrapped by another stream.
// FileOutputStream fos = new FileOutputStream("data/encrypted");
String password ="passwordProtectd";
// Length is 16 byte
byte[] inputByte = password.getBytes("UTF-8");
SecretKeySpec sks = new SecretKeySpec(inputByte, "AES");
// SecretKeySpec sks = new SecretKeySpec(password.getBytes(), "AES");
// Create cipher
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, sks);
// Wrap the output stream
CipherOutputStream cos = new CipherOutputStream(fos, cipher);
// Write bytes
int b;
byte[] d = new byte[8];
while((b = fis.read(d)) != -1) {
cos.write(d, 0, b);
}
// Flush and close streams.
cos.flush();
cos.close();
fis.close();
}
Than show pdf using intent
public void decryptFileAndShow(Context context,File mFile) {
try{
if (null != mFile) {
String parentPath = mFile.getAbsoluteFile().getParent();//Actual encrypted file path
File tempFile = new File(parentPath, "report.pdf"); //Created new file that decrypted format after view we will delete this
//tempFile =File.createTempFile("prefix","TestMyPDF.pdf", context.getExternalFilesDir(""));
Utilities.decrypt( new FileInputStream(mFile), new FileOutputStream(tempFile));
Intent intent = new Intent(Intent.ACTION_VIEW);
intent.setDataAndType(Uri.fromFile(tempFile), "application/pdf");
intent.setFlags(Intent.FLAG_ACTIVITY_NO_HISTORY);
context.startActivity(intent);
tempFile.deleteOnExit();
}
}catch (Exception e){
e.printStackTrace();
}
}
Last the method used for decryption
public static void decrypt(FileInputStream fis,FileOutputStream fos ) throws IOException, NoSuchAlgorithmException,
NoSuchPaddingException, InvalidKeyException {
// FileInputStream fis = new FileInputStream("data/encrypted");
// FileOutputStream fos = new FileOutputStream("data/decrypted");
String password ="passwordProtectd";
byte[] inputByte = password.getBytes("UTF-8");
SecretKeySpec sks = new SecretKeySpec(inputByte, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, sks);
CipherInputStream cis = new CipherInputStream(fis, cipher);
int b;
byte[] d = new byte[8];
while((b = cis.read(d)) != -1) {
fos.write(d, 0, b);
}
fos.flush();
fos.close();
cis.close();
}
Is it possible to download pdf from server.
Yes, it is possible. Download your pdf and encrypt and decrypt your file accordingly.
You can try like this using CipherOuputStream and CipherInputStream:
byte[] buf = new byte[1024];
Encryption:
public void encrypt(InputStream in, OutputStream out) {
try {
// Bytes written to out will be encrypted
out = new CipherOutputStream(out, ecipher);
// Read in the cleartext bytes and write to out to encrypt
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
}
out.close();
} catch (java.io.IOException e) {
}
}
Decryption:
public void decrypt(InputStream in, OutputStream out) {
try {
// Bytes read from in will be decrypted
in = new CipherInputStream(in, dcipher);
// Read in the decrypted bytes and write the cleartext to out
int numRead = 0;
while ((numRead = in.read(buf)) >= 0) {
out.write(buf, 0, numRead);
}
out.close();
} catch (java.io.IOException e) {
}
}
If I understand your question correctly, you want your application to be the only application that reads this particular PDF files. You want to know how you can ensure that you do that.
Since your requirement is not genuine(hacky), the solution also has to be a bit hacky.
You can download the file and store it with your own custom extension (eg. file.mypdf)
Have an intent filter, that supports mimetypes matching .mypdf files
You could have the server encrypt the download and your client side app decrypt it using a public/private key pair. This would prevent anyone with a snooping proxy from observing and saving your content, but it wouldn't deter the most determined users from stealing these documents as they would eventually exist in decrypted form somewhere. To achieve that you'd probably ave to create your own PDF viewer and damage the bytes of the PDF in a way that your viewer can do, but no other viewer can recover
So the scenario of my problem is in my application I am fetching some file from the internet then I put them in internal storage then when user wants to access these file User can access them through my application.
I did all the thing but I want to provide some security in my application So what I want is?
User can see my file only in my application. User unable to access them from the file manager. Don't tell me the solution to put dot
before file name or folder name I did that the problem with this
solution is when I access them by putting dot before file name the
file are again visible .
I also want that when the user open my file ,just like a pdf in pdf reader He/She restricted to save or download them through pdf
reader or another application.
Any Kind of help is appreciated by me.
You can encrypt that file so user won't be able to access them. here is the encryption method which works for me.
public void encrypt() throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
// Here you read your file.
FileInputStream fis = new FileInputStream("Path Of your file");
// This stream write the encrypted text. This stream will be wrapped by another stream.
FileOutputStream fos = new FileOutputStream("Path Of your file");
// Length is 16 byte
SecretKeySpec sks = new SecretKeySpec("MyDifficultPassw".getBytes(), "AES");
// Create cipher
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, sks);
// Wrap the output stream
CipherOutputStream cos = new CipherOutputStream(fos, cipher);
// Write bytes
int b;
byte[] d = new byte[8];
while((b = fis.read(d)) != -1) {
cos.write(d, 0, b);
}
// Flush and close streams.
cos.flush();
cos.close();
fis.close();
}
Here is the method for decryption of particular file.
public void decrypt() throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException {
FileInputStream fis = new FileInputStream("Path Of your file");
FileOutputStream fos = new FileOutputStream("Path Of your file");
SecretKeySpec sks = new SecretKeySpec("MyDifficultPassw".getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, sks);
CipherInputStream cis = new CipherInputStream(fis, cipher);
int b;
byte[] d = new byte[8];
while((b = cis.read(d)) != -1) {
fos.write(d, 0, b);
}
fos.flush();
fos.close();
cis.close();}
you can encrypt your files with an encryption algorithm and save them with your custom file extension then you can make an intent filter for opening them from File Manager and for more security i prefer the JNI For whole Encryption system .
I am developing an Android application for which I am decrypting a large file using Cipher Class of Android.
Code:
private byte[] decrypt_chunk(byte[] data, ByteString chunk_encryption_key) {
SecretKeySpec skeySpec = new SecretKeySpec(chunk_encryption_key.toByteArray(), 1, 16, "AES");
Cipher cipher;
byte[] decrypted = new byte[0];
try {
cipher = Cipher.getInstance("AES/CFB/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(getIV(0)));
decrypted = cipher.doFinal(data);
} catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
} catch (InvalidAlgorithmParameterException e) {
e.printStackTrace();
} catch (ShortBufferException e) {
e.printStackTrace();
}
return decrypted;
}
I am getting "OutOfMemory" error while decrypting large files.
I have following questions:
What chanegs in the current code can fix the OOM error?
Will Cipher.update() can help to fix the issue? If yes, how to implement it?
Thank you.
Using the Cipher.update() method is one possible way.
However in your case I recommend to you to use a CipherOutputStream instead. I assume you have an InputStream for retrieving the data from the server and an FileOutputStream for saving the data into a file.
Using the CipherOutputStream is pretty simple, just "wrap-it" around the FileOutputStream:
FileOutputStream fout = ...
CipherOutputStream cout = new CipherOutputStream(fout, cipher);
Now continue to use cout instead of fout and everything you write into it will be automatically encrypted.
I have an application in which I am using the code to decrypt the file which is already encrypted. The file location is "/mnt/sdcard/myfolder/test.mp4". The size of test.mp4 file is approx 20MB.
When I am using the following code to decrypt the encrypted files of small size, the files are successfully decrypted but when I am trying to decrypt the large video files, an exception of outOfMemoryException is occured.
Here is the code :
FileOutputStream fos = new FileOutputStream(outFilePath);
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
byte[] keyBytes= new byte[16];
//byte[] b= key.getBytes(Charset.forName("UTF-8"));
byte[] b= key.getBytes("UTF-8");
Log.i("b",""+b);
int len= b.length;
Log.i("len",""+len);
if (len > keyBytes.length) len = keyBytes.length;
System.arraycopy(b, 0, keyBytes, 0, len);
SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");
IvParameterSpec ivSpec = new IvParameterSpec(keyBytes);
cipher.init(Cipher.DECRYPT_MODE,keySpec,ivSpec);
byte[] results = new byte[cipher.getOutputSize(abc.length)];
try
{
Log.i("output size:", ""+cipher.getOutputSize(abc.length));
***results = cipher.doFinal(abc);***
}
catch (Exception e) {
// TODO: handle exception
Log.e("EXCEPTION:", e.getMessage());
}
fos.write(results);
NOTE: byte[] abc = new byte[64]; contains the input byte array.
From your question, or at least from the code you posted, there is nothing that would couse OutOfMemoryException, especially since array abc is only 64 bytes long. But you said you get the exception when working with large files. So my inference,
Somewhere in your code (not in posted part), you are trying to read full file into any array, or trying to hold it in array. Android does impose a memory limit on application (16 MB for most devices), this limit includes the memory used for UI elements. So there is not much memory there for you to play with.
Now ideally, what you should do is to create a decrypt block, that works with streams. CipherInputStream does looks promising. And this stackoverflow thread, might be of interest if you are thinking of using CipherInputStream.