Thursday, August 18, 2011

How to encrypt and decrypt data using Advanced Encryption Standard(AES) Java BlackBerry Pragramming

sample code provides information on how to encrypt and decrypt data using the most common symmetric key algorithm, Advanced Encryption Standard


package com.DataStore;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import javax.microedition.io.Connector;
import javax.microedition.io.file.FileConnection;
import javacard.security.CryptoException;
import net.rim.device.api.crypto.AESDecryptorEngine;
import net.rim.device.api.crypto.AESEncryptorEngine;
import net.rim.device.api.crypto.AESKey;
import net.rim.device.api.crypto.BlockDecryptor;
import net.rim.device.api.crypto.BlockEncryptor;
import net.rim.device.api.crypto.CryptoTokenException;
import net.rim.device.api.crypto.CryptoUnsupportedOperationException;
import net.rim.device.api.crypto.PKCS5FormatterEngine;
import net.rim.device.api.crypto.PKCS5UnformatterEngine;
import net.rim.device.api.crypto.RandomSource;
import net.rim.device.api.crypto.SHA1Digest;
import net.rim.device.api.system.EncodedImage;
import net.rim.device.api.util.Arrays;
import net.rim.device.api.util.DataBuffer;

public class CryptoRSA {

    private String keyMessage = "Data sent between a BlackBerry device and the BlackBerry Enterprise Server is encrypted using Triple DES (Date Encryption Standard) or AES (Advanced Encrption Standard). This is performed automatically and does not require application implementation to use it.There are cases where encrypting data can be required, such as secure communication with an external application using the BlackBerry Mobile Data Server. Communication between the BlackBerry and BlackBerry Mobile Data Server would be automatically encrypted but communication between the BlackBerry Mobile Data Server and an application server would not unless implemented in the BlackBerry application.";

    public byte[] encrypt(byte[] data ) throws CryptoException, IOException, CryptoTokenException, CryptoUnsupportedOperationException
    {
    AESKey key = new AESKey( keyMessage.getBytes() );
    // Now, we want to encrypt the data.
    // First, create the encryptor engine that we use for the actual
    AESEncryptorEngine engine = new AESEncryptorEngine( key );

    // Since we cannot guarantee that the data will be of an equal block
    // length we want to use a padding engine (PKCS5 in this case).
    PKCS5FormatterEngine fengine = new PKCS5FormatterEngine( engine );

    // Create a BlockEncryptor to hide the engine details away.
    ByteArrayOutputStream output = new ByteArrayOutputStream();
    BlockEncryptor encryptor = new BlockEncryptor( fengine, output );

    // Now we need to do is write our data to the output stream.
    // But before doing so, let's calculate a hash on the data as well.
    // A digest provides a one way hash function to map a large amount
    // of data to a unique 20 byte value (in the case of SHA1).
    SHA1Digest digest = new SHA1Digest();
    digest.update( data );
    byte[] hash = digest.getDigest();
    // Now, write out all of the data and the hash to ensure that the
    // data was not modified in transit.
    encryptor.write( data );
    encryptor.write( hash );
    encryptor.close();
    output.close();

    // Now, the encrypted data is sitting in the ByteArrayOutputStream.
    // We simply want to retrieve it.
    return output.toByteArray();
    }

    public byte[] decrypt(byte[] ciphertext ) throws CryptoException, IOException, CryptoTokenException, CryptoUnsupportedOperationException
    {
    // First, create the AESKey again.
    AESKey key = new AESKey( keyMessage.getBytes() );

    // Now, create the decryptor engine.
    AESDecryptorEngine engine = new AESDecryptorEngine( key );
    // Since we cannot guarantee that the data will be of an equal block length
    // we want to use a padding engine (PKCS5 in this case).
    PKCS5UnformatterEngine uengine = new PKCS5UnformatterEngine( engine );

    // Create the BlockDecryptor to hide the decryption details away.
    ByteArrayInputStream input = new ByteArrayInputStream( ciphertext );
    BlockDecryptor decryptor = new BlockDecryptor( uengine, input );

    // Now, read in the data. Remember that the last bytes represent
    // the SHA1 hash of the decrypted data.
    byte[] temp = new byte[ 100 ];
    DataBuffer buffer = new DataBuffer();

    for( ;; ) {
        int bytesRead = decryptor.read( temp );
        buffer.write( temp, 0, bytesRead );

        if( bytesRead < 100 ) {
        // We ran out of data.
        break;
        }
    }

    byte[] plaintextAndHash = buffer.getArray();
    int plaintextLength = plaintextAndHash.length - SHA1Digest.DIGEST_LENGTH;
    byte[] plaintext = new byte[ plaintextLength ];

    System.arraycopy( plaintextAndHash, 0, plaintext, 0, plaintextLength );
   
    return plaintext;
    }
}

3 comments:

  1. i want to encrypt a 30+mb file present on SDCard.

    I tried using AES-128,256 bit key, Base64, DES algorithms.

    But, all of them
    fails throwing an "Out of Memory" error while encoding the data.

    please help in this matter

    ReplyDelete
  2. i want to encrypt a 30+mb file present on SDCard.

    I tried using AES-128,256 bit key, Base64, DES algorithms.

    But, all of them
    fails throwing an "Out of Memory" error while encoding the data.

    please help in this matter

    ReplyDelete
  3. in that case you can save bytes time to time without waiting to complete all 30mb.some splitting mechanism will help

    ReplyDelete