Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
35 changed files
with
922 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
/build |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
apply plugin: 'com.android.application' | ||
|
||
apply plugin: 'kotlin-android' | ||
|
||
apply plugin: 'kotlin-android-extensions' | ||
|
||
android { | ||
compileSdkVersion 29 | ||
buildToolsVersion "29.0.2" | ||
defaultConfig { | ||
applicationId "com.example.androidsecurity" | ||
minSdkVersion 23 | ||
targetSdkVersion 29 | ||
versionCode 1 | ||
versionName "1.0" | ||
testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner" | ||
} | ||
buildTypes { | ||
release { | ||
minifyEnabled false | ||
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro' | ||
} | ||
} | ||
} | ||
|
||
dependencies { | ||
implementation fileTree(dir: 'libs', include: ['*.jar']) | ||
implementation"org.jetbrains.kotlin:kotlin-stdlib-jdk7:$kotlin_version" | ||
implementation 'androidx.appcompat:appcompat:1.1.0' | ||
implementation 'androidx.core:core-ktx:1.1.0' | ||
implementation 'com.squareup.okhttp3:okhttp:3.12.6' | ||
implementation 'androidx.constraintlayout:constraintlayout:1.1.3' | ||
implementation 'androidx.security:security-crypto:1.0.0-alpha02' | ||
testImplementation 'junit:junit:4.12' | ||
androidTestImplementation 'androidx.test.ext:junit:1.1.1' | ||
androidTestImplementation 'androidx.test.espresso:espresso-core:3.2.0' | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Add project specific ProGuard rules here. | ||
# You can control the set of applied configuration files using the | ||
# proguardFiles setting in build.gradle. | ||
# | ||
# For more details, see | ||
# http://developer.android.com/guide/developing/tools/proguard.html | ||
|
||
# If your project uses WebView with JS, uncomment the following | ||
# and specify the fully qualified class name to the JavaScript interface | ||
# class: | ||
#-keepclassmembers class fqcn.of.javascript.interface.for.webview { | ||
# public *; | ||
#} | ||
|
||
# Uncomment this to preserve the line number information for | ||
# debugging stack traces. | ||
#-keepattributes SourceFile,LineNumberTable | ||
|
||
# If you keep the line number information, uncomment this to | ||
# hide the original source file name. | ||
#-renamesourcefileattribute SourceFile |
24 changes: 24 additions & 0 deletions
24
app/src/androidTest/java/com/example/androidsecurity/ExampleInstrumentedTest.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
package com.example.androidsecurity | ||
|
||
import androidx.test.platform.app.InstrumentationRegistry | ||
import androidx.test.ext.junit.runners.AndroidJUnit4 | ||
|
||
import org.junit.Test | ||
import org.junit.runner.RunWith | ||
|
||
import org.junit.Assert.* | ||
|
||
/** | ||
* Instrumented test, which will execute on an Android device. | ||
* | ||
* See [testing documentation](http://d.android.com/tools/testing). | ||
*/ | ||
@RunWith(AndroidJUnit4::class) | ||
class ExampleInstrumentedTest { | ||
@Test | ||
fun useAppContext() { | ||
// Context of the app under test. | ||
val appContext = InstrumentationRegistry.getInstrumentation().targetContext | ||
assertEquals("com.example.androidsecurity", appContext.packageName) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
<?xml version="1.0" encoding="utf-8"?> | ||
<manifest xmlns:android="http://schemas.android.com/apk/res/android" | ||
package="com.example.androidsecurity"> | ||
|
||
<uses-permission android:name="android.permission.INTERNET" /> | ||
<application | ||
android:allowBackup="true" | ||
android:icon="@mipmap/ic_launcher" | ||
android:label="@string/app_name" | ||
android:roundIcon="@mipmap/ic_launcher_round" | ||
android:supportsRtl="true" | ||
android:theme="@style/AppTheme"> | ||
<activity android:name=".MainActivity"> | ||
<intent-filter> | ||
<action android:name="android.intent.action.MAIN" /> | ||
|
||
<category android:name="android.intent.category.LAUNCHER" /> | ||
</intent-filter> | ||
</activity> | ||
</application> | ||
|
||
</manifest> |
Binary file not shown.
153 changes: 153 additions & 0 deletions
153
app/src/main/java/com/example/androidsecurity/MainActivity.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,153 @@ | ||
package com.example.androidsecurity | ||
|
||
import androidx.appcompat.app.AppCompatActivity | ||
import android.os.Bundle | ||
import android.util.Log | ||
import androidx.core.content.edit | ||
import androidx.security.crypto.EncryptedFile | ||
import androidx.security.crypto.EncryptedSharedPreferences | ||
import androidx.security.crypto.MasterKeys | ||
import kotlinx.android.synthetic.main.activity_main.* | ||
import okhttp3.* | ||
import java.io.* | ||
|
||
class MainActivity : AppCompatActivity() { | ||
|
||
private val encryptedPrefs by lazy { | ||
EncryptedSharedPreferences.create( | ||
PREFS_FILENAME, | ||
masterKeyAlias, | ||
this.applicationContext, | ||
EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV, | ||
EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM | ||
) | ||
} | ||
|
||
private val file by lazy { File(filesDir, ENCRYPTED_FILE_NAME) } | ||
|
||
private val encryptedFile by lazy { | ||
EncryptedFile.Builder( | ||
file, | ||
this.applicationContext, | ||
masterKeyAlias, | ||
EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB | ||
).build() | ||
} | ||
|
||
override fun onCreate(savedInstanceState: Bundle?) { | ||
super.onCreate(savedInstanceState) | ||
setContentView(R.layout.activity_main) | ||
setupListeners() | ||
} | ||
|
||
private fun setupListeners() { | ||
securePrefsSave.setOnClickListener { encryptString(securePrefsInput.text.toString()) } | ||
securePrefsLoad.setOnClickListener { result.text = decryptString() } | ||
fileDownload.setOnClickListener { downloadAndEncryptFile() } | ||
fileDelete.setOnClickListener { deleteFile() } | ||
fileLoad.setOnClickListener { readFile() } | ||
fileDecrypt.setOnClickListener { decryptAndReadFile() } | ||
} | ||
|
||
private fun encryptString(value: String) { | ||
encryptedPrefs.edit { | ||
putString(ENC_KEY, value) | ||
apply() | ||
} | ||
result.text = getString(R.string.value_encrypted) | ||
} | ||
|
||
private fun decryptString(): String? = encryptedPrefs.getString(ENC_KEY, null) | ||
|
||
private fun deleteFile() { | ||
var success = false | ||
if (file.exists()) { | ||
success = file.delete() | ||
} | ||
result.text = getString(if (success) R.string.file_deleted else R.string.file_delete_error) | ||
} | ||
|
||
private fun downloadAndEncryptFile() { | ||
if (file.exists()) { | ||
Log.i("TAG", "Encrypted file already exists!") | ||
result.text = getString(R.string.file_exists) | ||
} else { | ||
Log.e("TAG", "Encrypted file does not exist exists! Downloading...") | ||
val request = Request.Builder().url(FILE_URL).build() | ||
okHttpClient.newCall(request).enqueue( | ||
object : Callback { | ||
override fun onFailure(call: Call, e: IOException) { | ||
result.text = e.message | ||
Log.e("TAG", "Error occurred!", e) | ||
} | ||
|
||
override fun onResponse(call: Call, response: Response) { | ||
onFileDownloaded(response.body()?.bytes()) | ||
} | ||
} | ||
) | ||
} | ||
} | ||
|
||
private fun onFileDownloaded(bytes: ByteArray?) { | ||
runOnUiThread { | ||
var encryptedOutputStream: FileOutputStream? = null | ||
try { | ||
encryptedOutputStream = encryptedFile.openFileOutput() | ||
bytes?.let { nonNullBytes -> encryptedOutputStream.write(nonNullBytes) } | ||
result.text = getString(R.string.file_downloaded) | ||
} catch (e: Exception) { | ||
Log.e("TAG", "Could not open encrypted file", e) | ||
result.text = e.message | ||
} finally { | ||
encryptedOutputStream?.close() | ||
} | ||
} | ||
} | ||
|
||
private fun decryptAndReadFile() { | ||
Log.i("TAG", "Encrypting file...") | ||
var encryptedInputStream: FileInputStream? = null | ||
try { | ||
encryptedInputStream = encryptedFile.openFileInput() | ||
val reader = BufferedReader(InputStreamReader(encryptedInputStream)) | ||
var text = "" | ||
reader.forEachLine { line -> text += "$line \n" } | ||
Log.e("TAG", text) | ||
result.text = text | ||
} catch (e: Exception) { | ||
Log.e("TAG", "Error occurred when reading encrypted file", e) | ||
result.text = e.message | ||
} finally { | ||
encryptedInputStream?.close() | ||
} | ||
} | ||
|
||
private fun readFile() { | ||
Log.i("TAG", "Loading encrypted file...") | ||
var encryptedInputStream: FileInputStream? = null | ||
try { | ||
encryptedInputStream = file.inputStream() | ||
val reader = BufferedReader(InputStreamReader(encryptedInputStream)) | ||
var text = "" | ||
reader.forEachLine { line -> text += "$line \n" } | ||
result.text = text | ||
} catch (e: Exception) { | ||
Log.e("TAG", "Error occurred when reading encrypted file", e) | ||
result.text = e.message | ||
} finally { | ||
encryptedInputStream?.close() | ||
} | ||
} | ||
|
||
companion object { | ||
val masterKeyAlias = MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC) | ||
val okHttpClient: OkHttpClient = OkHttpClient.Builder().build() | ||
const val ENC_KEY = "ENCRYPT_KEY" | ||
const val PREFS_FILENAME = "ENCRYPTED_PREFS" | ||
|
||
const val ENCRYPTED_FILE_NAME = "ENCRYPTED_FILE_NAME" | ||
const val FILE_URL = | ||
"https://raw.githubusercontent.com/stramek/Android-Security-Playground/master/README.md" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
<vector xmlns:android="http://schemas.android.com/apk/res/android" | ||
xmlns:aapt="http://schemas.android.com/aapt" | ||
android:width="108dp" | ||
android:height="108dp" | ||
android:viewportWidth="108" | ||
android:viewportHeight="108"> | ||
<path | ||
android:fillType="evenOdd" | ||
android:pathData="M32,64C32,64 38.39,52.99 44.13,50.95C51.37,48.37 70.14,49.57 70.14,49.57L108.26,87.69L108,109.01L75.97,107.97L32,64Z" | ||
android:strokeWidth="1" | ||
android:strokeColor="#00000000"> | ||
<aapt:attr name="android:fillColor"> | ||
<gradient | ||
android:endX="78.5885" | ||
android:endY="90.9159" | ||
android:startX="48.7653" | ||
android:startY="61.0927" | ||
android:type="linear"> | ||
<item | ||
android:color="#44000000" | ||
android:offset="0.0" /> | ||
<item | ||
android:color="#00000000" | ||
android:offset="1.0" /> | ||
</gradient> | ||
</aapt:attr> | ||
</path> | ||
<path | ||
android:fillColor="#FFFFFF" | ||
android:fillType="nonZero" | ||
android:pathData="M66.94,46.02L66.94,46.02C72.44,50.07 76,56.61 76,64L32,64C32,56.61 35.56,50.11 40.98,46.06L36.18,41.19C35.45,40.45 35.45,39.3 36.18,38.56C36.91,37.81 38.05,37.81 38.78,38.56L44.25,44.05C47.18,42.57 50.48,41.71 54,41.71C57.48,41.71 60.78,42.57 63.68,44.05L69.11,38.56C69.84,37.81 70.98,37.81 71.71,38.56C72.44,39.3 72.44,40.45 71.71,41.19L66.94,46.02ZM62.94,56.92C64.08,56.92 65,56.01 65,54.88C65,53.76 64.08,52.85 62.94,52.85C61.8,52.85 60.88,53.76 60.88,54.88C60.88,56.01 61.8,56.92 62.94,56.92ZM45.06,56.92C46.2,56.92 47.13,56.01 47.13,54.88C47.13,53.76 46.2,52.85 45.06,52.85C43.92,52.85 43,53.76 43,54.88C43,56.01 43.92,56.92 45.06,56.92Z" | ||
android:strokeWidth="1" | ||
android:strokeColor="#00000000" /> | ||
</vector> |
Oops, something went wrong.