Learn how to use Alibaba Cloud’s Key Management Service (KMS) to create, control, and manage encryption keys on your Android mobile device in this tutorial.
Let’s be friends:
Comment ( 0)
Join the DZone community and get the full member experience.
In this tutorial, we will explore how to use the Alibaba Cloud Key Management Service (KMS) to create, control, and manage your encryption keys on your mobile device.
You need an Alibaba Cloud Account. If you need, you can sign up for a free trial here.
Android Studio 3.0.0
Basic knowledge of Android/Java
Please login to Alibaba Cloud, navigate to the console, and click on «KMS Service.»
Activate the service.
Please make a note of the region you want to create the keys in. I created in the «Hangzhou» region.
You can follow this illustrative guide for obtaining access keys.
Please make a note of all keys.
Create an Android project with the name you want. I gave it the name «KMSSample.»
Select the minimum SDK and the device compatibility. I am targeting devices with a minimum API level 19 and later, for only phones and tablets.
Select «Empty activity» and proceed.
Keep all the defaults as shown and click «finish.»
We have only one Java file and all the code related to the application will be in one single file. We need to update the code in MainActivity.java. We will go through a detailed walkthrough later. Please copy the below code into the MainActivity.java file.
We have only one activity_main.xml file which has the all the UI-related code: «activity_main.xml.» Please copy the below code and paste it in the corresponding activity file.
Now we need to udpate the strings.xml file with the relevant details.
Make sure you download the dependencies.
We need to include two jars, which ensure the proper functioning of the project.
Download aliyun-java-sdk-core-3.2.8.jar .
Download aliyun-java-sdk-kms-2.4.0.jar .
Add the jars into the libs folder in the projectview and add the jars to the dependencies:
Add the following code into your app level gradle file.
Make sure your build is successful.
Make sure you added the permission for Internet access to the application in the AndroidManifest using the following line:
In the onCreate method, we obtain references to all of the objects in the UI and create and assign the onClickListener to all the buttons.
We have four Async Taks which are responsible for the functionality:
Encrypt Credentials: Creates the key on the cloud and updates it; we use the corresponding key to encrypt the username and password. Your key will not be stored anywhere in your code
Decrypt Credentials: Takes the cipherBlob and calls the decrypt API to decrypt the information, then displays it on the screen. Escape characters like n r t are preserved, even after the decrypting, which enables us to have the formatted text encrypted.
Encrypt Form Data: This class encrypts the complete form data, primarily to demonstrate the uniqueness of the keys we are getting from the server.
Decrypt Form Data: This class decrypts the form data. We are storing all the encrypted data in sharedPreferences and fetching it when we call the Decrypt tasks.
Alibaba Cloud KMS service provides the awesome service of fetching the keys and deleting them at blazing speed. This provides the application with a high level of security.
As you can see, all the methods are self-explanatory. If everything is done correctly, all your compilation issues will go away and the application starts installing by clicking the small play (run) button in the status bar of Android studio.
I strongly recommend cloning the repo — you will eliminate a lot of manual errors and get this app running in minutes.
Please take a look at this repo for the final code repo and let me know if you face any issues or raise any pull requests for improvements.
Free DZone Refcard
Comment ( 0)
Published at DZone with permission
of
Sai Sarath Chandra
, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.
