Tuesday 2 August 2011

Beginning Java Security on Android

Android provides all of the java security libraries in Java. Android provides cipher engine classes, Keystore, algorithms, public key cryptography, key generators and the like. The list of algorithms that are supported seems as in the java language updates. Some searching and trials may be needed on this. This is true for the simulator that comes with the android devices too. 

One difference is that, while the default security provider for java on desktops is SunJCE the one on android is bouncycastle. So the default keystore type is BKS rather than JKS. This was not so obvious at first but, a few trials showed that, the keystore was BKS and you can also have PKCS12 keystore. The rest is all the same except that, if you create a PKCS12 keystore you need to store an entry as a PKCS12 type/stream otherwise you get an exception asking for a PKCS12 type. 

Also, If the keystore path has a '.' anywhere in the path, storing the keystore throws exception. So if you stor your keystore at a location with your 'package folder' name for example 'com.myapp' it may result in exception. Removing the '.' character from the path name avoided this.

Monday 1 August 2011

Encrypting Text Editor Crystal v 1.0 for Android

About the application

In the past few weeks I put together an android application which is similar to Crystal in my old blog post. This application allows the user to store text data on an android device by encrypting it. Crystal v 1.0 for android uses java security libraries available on android sdk. Crystal allows you to create a master password for your data files. Once you set your master password, you can write files using crystal and save them in encrypted form and read them later with your master password. 

Crystal v 1.0 for android apk file is here . You will need a third party application to install it on your android phone. (Until I get my android market account set properly !)

    Welcome Screen
 More screen shots and how to use crystal is here 

Current limitations
1) Your master password is immutable.
2) Crystal Selects the location for files on your device automatically.
3) AES is the only algorithm supported in the current version.

How it works
Crystal uses java security on android to create a master keystore on your device. This key store holds your key which is used to encrypt/decrypt your data files. The keystore has a password which is the master password. You set this password while using the application and it automatically generates a symmetric key and stores it in your keystore.  The master password is never stored anywhere on your device. Your key is also safe as long as you keep your master password.