androidencryptioncryptographyandroid-jetpackandroid-jetpack-security

image encryption with jetpack EncryptedFile security

google introduced security-crypto jetpack library

i want to use this library for encrypt image files, in documents of library there is no sample for encryption of image files.

i converted image to bitmap - bitmap to byte array - then used library As mentioned in the document finaly file is encrypted, but when the file is decoded, a black image appears i donot get any exception where is the problem?

public class MainActivity extends AppCompatActivity {
private ImageView imageView;

@Override
protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_main);

    imageView =findViewById(R.id.image);

    // get image from asset and convert to bitmap
    Bitmap bitmap = getBitmapFromAsset(this,"temp.jpg");
    byte[] bytesOfBitmap= BitmapToByteArray(bitmap);


    // encrypt
    File pathForSaveEncryptedFile=new File(getFilesDir().getAbsolutePath() + File.separator+"encrypted.me");
    try {
        encryptToFile(this,pathForSaveEncryptedFile,bytesOfBitmap);
    } catch (GeneralSecurityException | IOException e) {
        e.printStackTrace();
    }

    // decrypt and show to image view
    try {
        byte[] decryptedFile = decryptFile(this,pathForSaveEncryptedFile);
        imageView.setImageBitmap(ByteArrayToBitmap(decryptedFile));
    } catch (GeneralSecurityException | IOException e) {
        e.printStackTrace();
    }

}

private void encryptToFile(Context context,File pathToSave,byte[] contents) throws GeneralSecurityException, IOException {
    MasterKey mainKey = new MasterKey.Builder(context)
            .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
            .build();
    EncryptedFile encryptedFile = new EncryptedFile.Builder(context,
            pathToSave,
            mainKey,
            EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB
    ).build();

    OutputStream outputStream = encryptedFile.openFileOutput();
    outputStream.write(contents);
    outputStream.flush();
    outputStream.close();
}

private byte[] decryptFile(Context context ,File target) throws GeneralSecurityException, IOException {

    MasterKey mainKey = new MasterKey.Builder(context)
            .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
            .build();
    EncryptedFile encryptedFile = new EncryptedFile.Builder(context,
            target,
            mainKey,
            EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB
    ).build();
    InputStream inputStream = encryptedFile.openFileInput();
    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
    int nextByte = inputStream.read();
    while (nextByte != -1) {
        byteArrayOutputStream.write(nextByte);
        nextByte = inputStream.read();
    }
    return byteArrayOutputStream.toByteArray();
}

private byte[] BitmapToByteArray(Bitmap bitmap){
    ByteArrayOutputStream stream = new ByteArrayOutputStream();
    bitmap.compress(Bitmap.CompressFormat.JPEG, 100, stream);
    return stream.toByteArray();
}

private Bitmap ByteArrayToBitmap(byte[] bytes){
    return BitmapFactory.decodeByteArray(bytes, 0, bytes.length);
}

private Bitmap getBitmapFromAsset(Context context, String fileName) {
    AssetManager assetManager = context.getAssets();
    InputStream istr;
    Bitmap bitmap = null;
    try {
        istr = assetManager.open(fileName);
        bitmap = BitmapFactory.decodeStream(istr);
    } catch (IOException e) {
        // handle exception
    }

    return bitmap;
}

}

also i converted image to base64(String) and use the library but not work.

Solution

  • You have two ways to encrypt / decrypt bitmaps.

    Solution 1

    To use the streams provided by EncryptedFile. No need to use Base64 encoding/decoding at all.

    Encrypt:

    private void encrypt(final Context context, final File target, final Bitmap bitmap) throws GeneralSecurityException, IOException {
    final MasterKey mainKey = new MasterKey.Builder(context)
            .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
            .build();
    
    final EncryptedFile file = new EncryptedFile.Builder(context,
            target, mainKey, EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB)
            .build();

    final OutputStream stream = file.openFileOutput();
    bitmap.compress(Bitmap.CompressFormat.JPEG, 90, stream);
    stream.flush();
    stream.close();
}

    Decrypt:

    private Bitmap decrypt(final Context context, final File target) throws GeneralSecurityException, IOException  {
    final MasterKey mainKey = new MasterKey.Builder(context)
            .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
            .build();
    
    final EncryptedFile file = new EncryptedFile.Builder(context,
            target, mainKey, EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB)
            .build();

    final InputStream stream = file.openFileInput();
    return BitmapFactory.decodeStream(stream);
}

    Solution 2

    1. Before encrypting, encode the bitmap bytes to base64.
    2. After decrypting, decode from base64 before converting back to bitmap.

    For your specific code sample do as next:

    private byte[] bitmapToByteArray(final Bitmap bitmap) {
    final ByteArrayOutputStream stream = new ByteArrayOutputStream();
    bitmap.compress(Bitmap.CompressFormat.JPEG, 100, stream);

    final String data = Base64.encodeToString(stream.toByteArray(), Base64.DEFAULT);

    return data.getBytes();
}

private Bitmap byteArrayToBitmap(final byte[] bytes) {
    final byte[] data = Base64.decode(bytes, Base64.DEFAULT);
    return BitmapFactory.decodeByteArray(data, 0, data.length);
}