Lab 7 - Cryptography

• Protect the app's data using encryption
• Use Android's Keystore to generate and store cryptographic keys
• Protect the app's APK using signing
• Use Android's KeyStore to generate and store cryptographic keys and use them to sign an app
• Verify message integrity using HMAC (hash-based message authentication code)
  • generate HMAC to sign a message
  • verify HMAC to check that the received message was not modified

Target API >= 23. - the reason is provided in the Android Keystore section

If you are Android users you might have noticed that certain apps require you to setup a lock screen for your device if you don't have one already.

Android's Keyguard handles the lock/unlocking of the device. The SDK offers the KeyguardManager system service using which you can check if the device is secured with a screen lock and if it's locked or not.

To interact with this service, you need to obtain it using the Context's method getSystemService and providing it a string representing the service, in this case the Context.KEYGUARD_SERVICE constant. You have done something similar, in a previous lab for obtaining Connectivity Service.

// assuming this is called from an Activity, which is a Context
keyguardService = (KeyguardService) getSystemService(Context.KEYGUARD_SERVICE); 

To improve the app's security allow access to the app only if the device is protected by a Lock screen. Don't allow the use of the app unless it is set.

• Hint: use KeyguardManager.isDeviceSecure method
• Show an Alert Dialog (tutorial) informing the users that they need to setup their Lock screen.
  • for the setPositiveButton send an implicit intent with the action DevicePolicyManager.ACTION_SET_NEW_PASSWORD
  • for the setNegativeButton close the app (call finish())
• You can perform this check when the activity is resuming.

If you skip this task and your phone is not secured, the decryption from the other tasks might throw an Exception unless you set a flag like in this solution.

The Android Keystore system (tutorial, documentation) provides mechanisms for securing storage and for generating the cryptographic keys needed by an app. Its role as a security container is guaranteed by the fact that the keys cannot be extracted from the application's process and from the device.

Why do we need this?

• user authentication
• use the keys to secure data stored in internal storage or shared preferences
• hold the keys needed for the communication between the app and a remote device/server, e.g. if we encrypt the communication between the app and a wearable device.

The Android M (Marshmallow, API Level 23) release introduced several security related improvements and features: runtime permissions, different SSL library and updates for its Keystore API, which is now supporting also symmetric keys in addition to the asymmetric available from API 18. The way we generate these keys also changed from this level, now using KeyGenParameterSpec instead of the KeyPairGeneratorSpec.

Terminology and classes related to the Keystore system, some of them from Java Cryptography API:

• Provider
  • implementation of the Java Security API features: algorithms, key related operations
  • although we can have multiple providers, we need to use only one when creating the keystore
  • “AndroidKeyStore” is the provider introduced in API 18
  • we must specify a provider when using the Android Keystore system
• KeyPairGenerator - generates the keys based on a given algorithm and using a given provider.
• Cipher - cipher transformations
  • used for encryption, decryption, signing
  • the transformation is configured by specifying the algorithm or the combination of algorithm + mode + padding
• SecretKey — a symmetric key
• Certificate - represents certificates and also provides the public key
• PrivateKey — the key from the asymmetric algorithms
• Alias - the name of the key as we identify it inside the keystore. We provide this alias when storing the key and when retrieving it.

1. Obtain a Keystore instance with a given Provider. In our examples we will use the “AndroidKeyStore” provider.
2. Call one of the load methods, depending if we use a password for the keystore or not. If we use no password we can just call load(null). This password is unrelated to the device password if a LockScreen is setup.

 keyStore = KeyStore.getInstance("AndroidKeyStore");
 keyStore.load(inputStream, password);

To obtain the keys:

• getKey(alias, password) - the private key or the secret key
• getCertificate(alias).getPublicKey() - the public key
• containsAlias - to check if a key with a given alias exists in the Keystore

If you have not provided a password to the Keystore, when you get the keys just provide null as the password parameter.

To generate the keys (API > 23):

1. Obtain a KeyPairGenerator with a given algorithm and provider (list of supported algorithms)
2. Create a KeyGenParameterSpec for configuring all the parameters need for the keys (e.g. size, dates, purpose)
   • ! we can limit the usage of a key by providing a specific purpose (available purposes are defined in Builder docs)
3. Provide the key specification to the key generator using one of the initialize methods
4. Obtain a KeyPair object by calling the KeyPairGenerator's generateKeyPair method

// (1)
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
// instead of using hardcoded strings, we can also use the KeyProperties.KEY_ALGORITHM_* variables.
 
// (2) create keys only used for signing
KeyGenParameterSpec keyGenParameterSpec = new KeyGenParameterSpec.Builder(alias, KeyProperties.PURPOSE_SIGN)
                .setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA512)
                .setSignaturePaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
                .build();
// (3)                   
generator.initialize(keyGenParameterSpec);
 
// (4)
generator.generateKeyPair();

To store the keys:

• No need to call anything explicitly, they are automatically saved by the generateKeyPair() of the KeyPairGenerator.

When the app starts, initialize the Keystore and generate a pair of keys if they don't exist yet.

• Generate a pair of asymmetric keys with the following configuration:
  • purposes: ENCRYPT, DECRYPT
  • RSA
  • key size 2048
  • encryption paddings: RSA_PCKS1 (use setEncryptionPaddings)
• Generate the keys only once, not every time you start the app
  • check if the keys exist using the containsAlias method provided by the KeyStore
• Use the AndroidKeyStore provider when initializing the Keystore, like in the we showed in this section.
• Design Advice: separate the crypto logic from the UI logic. In MainActivity just call methods of a separate class, that handles the initialization of the keystore, the generation of keys etc.

Using the keys obtained from the Keystore, we can perform cryptographic transformations on our data using the Cipher class.

In the following example we encrypt and decrypt data using a symmetric key algorithm. For an asymmetric-key algorithm the code is similar, it differs just the initialization of the Cipher and that we provide the public key for encryption and the private one for decryption.

// The KeyPairGenerator was configured with the spec:
// * KeyProperties.KEY_ALGORITHM_RSA (asymmetric-key algorithm)
// * KeyProperties. ENCRYPTION_PADDING_RSA_PKCS1
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding"); //<-- provide the same configuration!
 
// Encrypt
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
byte[] bytes = cipher.doFinal(data);
String encodedData = Base64.encodeToString(bytes, Base64.DEFAULT);
 
// Decrypt
cipher.init(Cipher.DECRYPT_MODE, privateKey);
byte[] encryptedData = Base64.decode(encodedData, Base64.DEFAULT);
String data = new String(cipher.doFinal(encryptedData));

• When the user presses the “Save” button encrypt the data provided by the user and store them as SharedPreferences
• Initialise the Cipher with the following algorithm/mode/padding string: “RSA/ECB/PKCS1Padding”

• When the user presses the “Show pin” button load the data from SharedPreferences and decrypt it

• Save more than one description & pin pair and show them in a list.

If you want to install an application on Android, the apk must be digitally signed with a certificate. For example, when you test your application on the emulator, Android Studio signs the apk with a debug certificate. The first time when you run or debug a project in Android Studio, a debug keystore and certificate is automatically created using the Android SDK tools in $HOME/.android/debug.keystore. Also the keystore is initialized and the key password is set.

As a security measure the debug certificate needs to be used only for testing and for debug builds. This certificate is not secure for using on app stores.

For later runs/debugs Android Studio automatically stores the debug signing configuration so that we do not need to enter it every time we launch the app. The signing configuration contains the keystore location $HOME/.android/debug.keystore, keystore password, key name and key password. This debug signing configuration used at run/debug is not available for editing. You can create a signing config for your release builds.

Steps for generating and uploading key and keystore:

1. Go to Build > Generate Signed Bundle/APK
2. Select APK
3. Under Key store path choose Create new
4. Complete the fields and then continue with the signing steps below

From here we continue to sign the app with the key stored in the newly created keystore. You can skip the first two steps if you are already in the window at the 3rd step:

1. Build → Generate Signed Bundle/APK
2. In the Generate Signed Bundle/APK choose APK
3. The app module should be selected if not choose it or choose a module from the drop down
4. Enter the path to your keystore, the alias for the key and the passwords for keystore and key
5. Enter destination folder for the signed app, enter the release build type, choose the flavor
6. Choose the APK Signature version your app to support - v2 for Android 7.0+
7. Finish

For more details on application signing and distribution check App Signing

In this task will see how Android applications are signed:

• Create a new application (with an empty activity).
• Using the steps presented in the lab create a key and keystore and generate the signed APK of the application.
• Use adb tool to install the APK.

In this task will create a signing configuration for different build types.

1. Create a release signing configuration with the data from Task 1. Auto sign
2. Build a release version when pressing Run. Check Build → Select Build Variant view from Android Studio.
3. Create a release signing configuration using a new key.
4. Sign the application wth the new release config and use adb to install the signed apk. You should install the new signed apk on top of the one from item #2. What happens with the application?

Add an activity to the project. Include an EditText and a Button in the first activity. When the user types a text and presses the button, it will send the text to the second activity through an intent (putExtra). In the second activity, get the message from the Intent and display it in the TextView.

In the first activity generate a symmetric key using KeyGenerator for HmacSha256 algorithm. Save this key in a Singleton (that can be accessed from both activities). Then generate the HMAC of the text introduced by the user (using MAC with HmacSha256 algorithm) and send the HMAC along with the initial message (through the Intent). In the second activity, obtain the HMAC from the Intent, obtain the Singleton, get the symmetric key and recompute the HMAC. If the HMAC is valid (equal with the recomputed one), Display the message “Data is unmodified”.

Send the data and HMAC as byte arrays in the Intent. Use Arrays.equals() for byte arrays comparison.

 String secret = "secret";
 String message = "important message";
 
 Mac sha256HMAC = Mac.getInstance("HmacSHA256");
 SecretKeySpec secretKey = new SecretKeySpec(secret.getBytes(),"HmacSHA256");
 sha256HMAC.init(secretkey);
 byte[] secretMessageBytes = sha256HMAC.doFinal(message.getBytes())

• Optional code skeleton: archive github
• Android Cryptography Guide
• Keystore tutorial
• Jetpack Security library - new library, in beta
• EncryptedSharedPreferences example
• Secure data in Android — Encryption in Android (Part 1)
• Lecture 5 - Cryptography and Network Security
• Security Best Practices: Symmetric Encryption with AES in Java and Android