RSA encryption in Android programming
Recently, in a project, I had to send an encrypted message from an application to a destination (e.g. a server or another app). So I read about encryption algorithms and found AES and RSA.
AES: this algorithm uses one key for both encryption and decryption, so both sender and receiver must know the key.
RSA: this algorithm uses two keys. The first is the public key, which is public: everybody who wants to send us a message must know it, and it is used for encryption. The second is the private key, which is kept private and is used for decryption.
Notice: the maximum size of data that can be encrypted with RSA is 245 bytes (for a 2048-bit key with PKCS#1 v1.5 padding), so we can't encrypt the whole message with this algorithm. We first encrypt the whole message with AES (with one key), then encrypt that key with RSA.
OK, let's start our scenario.
In this scenario we have some clients. As soon as they install our app, the application generates a public and a private key. To send messages to each other, users must know each other's public keys. After the user types a message, the whole message is encrypted with an AES key (created randomly). Then we encrypt that key with the destination's public key. Thus only the destination can decrypt the message, using its private key.
The code
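1. Generate RSA keys
    // Needs java.security.KeyPairGenerator, KeyPair, PublicKey, PrivateKey
    KeyPairGenerator kpg;
    KeyPair kp;
    PublicKey publicKey;
    PrivateKey privateKey;
    try {
        kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048); // 128-bit RSA is not usable; 2048 bits matches the 245-byte limit above
        kp = kpg.genKeyPair();
        publicKey = kp.getPublic();
        privateKey = kp.getPrivate();
    } catch (Exception e) {
        // Do not swallow the failure: without keys nothing below can work
        throw new IllegalStateException("RSA key generation failed", e);
    }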
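2. Encrypt the whole message with AES
Import this library from GitHub: https://github.com/scottyab/AESCrypt-Android
    // Needs java.security.SecureRandom and android.util.Base64.
    // A time-seeded Random and a 5-digit number can be guessed; use 32 random bytes instead.
    byte[] keyBytes = new byte[32];
    new SecureRandom().nextBytes(keyBytes);
    String key = Base64.encodeToString(keyBytes, Base64.NO_WRAP); // AESCrypt takes a password string
    String encrypted = AESCrypt.encrypt(key, "my message");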
3. Encrypt the key with the destination's public key
    // destinationPublicKey is the recipient's PublicKey object
    String encryptedKey = RSAEncrypt(String.valueOf(key), destinationPublicKey);
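4. RSAEncrypt method
    // Needs javax.crypto.Cipher, java.security.PublicKey, java.nio.charset.StandardCharsets
    public String RSAEncrypt(final String plain, PublicKey publicKey) {
        try {
            // Name the mode and padding explicitly; a bare "RSA" leaves the padding
            // to the provider's default.
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
            byte[] encryptedBytes = cipher.doFinal(plain.getBytes(StandardCharsets.UTF_8));
            return bytesToString(encryptedBytes);
        } catch (Exception e) {
            // "-1" signals failure; the caller must check for it before sending
            return "-1";
        }
    }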
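5. bytesToString method
    // Needs java.math.BigInteger
    public String bytesToString(byte[] b) {
        // Prefix a 1 byte so the value stays positive and leading zero bytes are kept
        byte[] b2 = new byte[b.length + 1];
        b2[0] = 1;
        System.arraycopy(b, 0, b2, 1, b.length);
        return new BigInteger(b2).toString(36);
    }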
Now send both the encrypted text and the encrypted key to the destination.
DESTINATION SIDE
6. At the destination, first decrypt the AES key (encryptedKey)
    // destinationPrivateKey is the recipient's own PrivateKey object
    String key = RSADecrypt(encryptedKey, destinationPrivateKey);
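7. RSADecrypt method
    // Needs javax.crypto.Cipher, java.security.PrivateKey, java.nio.charset.StandardCharsets
    public String RSADecrypt(String encryptedBytes, PrivateKey privateKey) {
        try {
            // Must use the same transformation as RSAEncrypt
            Cipher cipher1 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher1.init(Cipher.DECRYPT_MODE, privateKey);
            // UTILS.stringToBytes is the inverse of bytesToString (not shown on this page)
            byte[] decryptedBytes = cipher1.doFinal(UTILS.stringToBytes(encryptedBytes));
            return new String(decryptedBytes, StandardCharsets.UTF_8);
        } catch (Exception e) {
            // "-1" signals failure; the caller must check for it before using the result as a key
            return "-1";
        }
    }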
8. Now that you have the key, let's decrypt the message
    // encryptedMessage is the AES ciphertext string received from the sender
    String decryptedMessage = AESCrypt.decrypt(key, encryptedMessage);
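The whole scenario as one round trip, as an added example that is not code from the original post or from the AESCrypt library. It uses only the standard javax.crypto API and goes one step beyond the steps above: the AES key comes from KeyGenerator, the message is encrypted with AES-GCM so that tampering is detected, and the key is wrapped with RSA-OAEP instead of PKCS#1 v1.5. The names HybridDemo, seal and open are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.*;
import javax.crypto.spec.*;

public class HybridDemo {
    // OAEP digests are pinned explicitly so sender and receiver always agree on them.
    static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
            "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);

    // Sender side: returns { RSA-wrapped AES key, GCM nonce, ciphertext with tag }.
    static byte[][] seal(byte[] message, PublicKey recipient) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);                                   // fresh 256-bit AES key per message
        SecretKey aesKey = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);               // 96-bit random GCM nonce
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, aesKey, new GCMParameterSpec(128, iv));
        byte[] ciphertext = aes.doFinal(message);       // ciphertext followed by 16-byte tag
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPPadding");
        rsa.init(Cipher.ENCRYPT_MODE, recipient, OAEP);
        return new byte[][] { rsa.doFinal(aesKey.getEncoded()), iv, ciphertext };
    }

    // Destination side: unwrap the AES key with the private key, then decrypt and verify.
    static byte[] open(byte[][] sealed, PrivateKey own) throws GeneralSecurityException {
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPPadding");
        rsa.init(Cipher.DECRYPT_MODE, own, OAEP);
        SecretKey aesKey = new SecretKeySpec(rsa.doFinal(sealed[0]), "AES");
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, aesKey, new GCMParameterSpec(128, sealed[1]));
        return aes.doFinal(sealed[2]);                  // throws AEADBadTagException if modified
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair destination = kpg.generateKeyPair();    // constructed sample key pair
        byte[][] sealed = seal("my message".getBytes(StandardCharsets.UTF_8), destination.getPublic());
        System.out.println(new String(open(sealed, destination.getPrivate()), StandardCharsets.UTF_8));
        sealed[2][0] ^= 1;                              // simulate modification in transit
        try { open(sealed, destination.getPrivate()); }
        catch (AEADBadTagException e) { System.out.println("tampered message rejected"); }
    }
}
```

With OAEP and SHA-256 a 2048-bit key can wrap at most 190 bytes rather than 245, which is still far more than the 32-byte AES key needs.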