Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Devaka Cooray
  • Liutauras Vilda
  • Jeanne Boyarsky
Sheriffs:
  • Knute Snortum
  • Junilu Lacar
  • paul wheaton
Saloon Keepers:
  • Ganesh Patekar
  • Frits Walraven
  • Tim Moores
  • Ron McLeod
  • Carey Brown
Bartenders:
  • Stephan van Hulst
  • salvin francis
  • Tim Holloway

Trying to display a file from another Application  RSS feed

 
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
I have to create an application that needs to print out the values of a file stored by another note file application.

I have the content uri and the path of where the file is stored but I don't know how to code this.

When I pull back the file I have to decode the message content as well using AES decode.

Im totally new to android development.


Any help at all would be appreciated.
 
Pol Denais
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
meant to say I found the path like this in the file app:

this.complete_path = ("/data/data/" + this.path.getAuthority() + "/files" + this.path.getPath());


so the path is /data/data/MyAUTHORITY/files




Pol Denais wrote:Hi All,
I have to create an application that needs to print out the values of a file stored by another note file application.

I have the content uri and the path of where the file is stored but I don't know how to code this.

When I pull back the file I have to decode the message content as well using AES decode.

Im totally new to android development.


Any help at all would be appreciated.

 
Bartender
Posts: 9496
184
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You need to be a little bit more exact in your problem description.

/data/data/MyAUTHORITY/files is not an URI.

AES is not an encoding, it's an encryption algorithm.

If you need to decode the file, you didn't tell us what the file was encoded with.

If you need to decrypt the file with AES, you didn't tell us how the decryption cipher needs to be configured, or where the application will get the decryption key from.
 
Pol Denais
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Stephan for the reply. Below is some details:

Ok I have to create an android application that will display the contents of a file created by another app.

I have the content URI: com.paul.safenote.
The file that is created is stored at : /data/data/MyAUTHORITY/files

AES Decryption Details:

Input text Format is Base64

Mode: ECB
Key size: 256

The secret key is hardcoded in the app.
 
Stephan van Hulst
Bartender
Posts: 9496
184
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Great, now you just have to break up the problem in steps.

  • Download the file from the remote server.
  • Base64 decode the file's content to a binary ciphertext.
  • Initialize an AES cipher and decrypt the binary ciphertext to a binary secret message.
  • Decode the binary secret message with whatever encoding was used by the original plain text message. Probably ASCII, Latin-1 or UTF-8.


  • First things first. Download the file from the remote server. I don't know if the Android standard library has ready-made tools for this, but otherwise you can create an instance of the URL class, and with it open a HttpURLConnection. You can get an input stream from the connection and then use a reader to read the base64 encoded ciphertext from the remote location. We can continue to the next step after your application has downloaded the encoded ciphertext.
     
    Pol Denais
    Greenhorn
    Posts: 27
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    Thanks Stephan, this file isn't on a remote server, its on the android device stored in a folder under data/data/authority/files.


    I need to create another android app on the same device to read from this file.
     
    Stephan van Hulst
    Bartender
    Posts: 9496
    184
    • Likes 2
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    Ahh okay then I think you can do something like this:

    And you would call it like this:

    Here, packageName is whatever you mean by "authority" and filePath is the path to the file you want to read, relative to /data/data/<packageName>/files/.

    I don't do Android development and I haven't tested this, so you may have to play around a little.
     
    Rancher
    Posts: 506
    15
    Java Notepad
    • Likes 2
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    You may want to take a look at this Android documentation on Sharing Files. This may have information you are looking for: https://developer.android.com/training/secure-file-sharing/index.html
     
    Pol Denais
    Greenhorn
    Posts: 27
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    Thanks all for the help so far (Stephan & Prasad).

    I think Im nearly there and nearly over the line but I have one more piece to figure out related to the AES work.


    I have to do the AES part now and decrypt the password values in one piece of code and then in the bottom piece of code I need to decrypt the content of a file that I am printing out.

    This is completely new to me.


    In the code below its the Passwordprovider.PASSWORD value that is coming back encrypted, I have the key figured out.




     
    Pol Denais
    Greenhorn
    Posts: 27
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    I don't actually know how or where to include this type of work.

    Base64 decode the file's content to a binary ciphertext.
    Initialize an AES cipher and decrypt the binary ciphertext to a binary secret message.
    Decode the binary secret message with whatever encoding was used by the original plain text message. Probably ASCII, Latin-1 or UTF-8......

    IT's UTF-8 by the way.
     
    Stephan van Hulst
    Bartender
    Posts: 9496
    184
    • Likes 1
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    Can you take a step back and describe the purpose of your application to me? Encrypting and decrypting passwords sounds very iffy to me, especially when they have been encrypted with a useless block cipher mode like ECB. That's just asking to have your passwords stolen.
     
    Pol Denais
    Greenhorn
    Posts: 27
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    its a dummy app for security testing Stephan, Don't worry :-) The app Im creating is trying to interact with two test android apps.
     
    Stephan van Hulst
    Bartender
    Posts: 9496
    184
    • Likes 1
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    Well, what form are the encrypted passwords in that you retrieve from the manager? Are they also AES/ECB encrypted and base64 encoded?

    What is their role in the messages that you retrieved earlier?
     
    Pol Denais
    Greenhorn
    Posts: 27
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    Yes Stephan, the passwords AES/ECB encrypted and base64 encoded.

    I have the key to decrypt.

    so you can see this is whats retrieved below and the third column is the password one.

    | 2   | NasherApp         | RGYGqAh9sHRx5BmUU506wg==
     
    Stephan van Hulst
    Bartender
    Posts: 9496
    184
    • Likes 1
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    You can get a Cipher instance using Cipher.getInstance("AES/ECB"). Then you initialize it with cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES")). Finally, whether you're decrypting a password or a secret message, you just call cipher.doFinal(cipherText) to get the unencrypted data.

    Note that this process is more complicated when you use a less terrible block mode than ECB. Check our Security forum for some of my posts to see how you can perform encryption and decryption in a more secure way.
     
    Prasad Saya
    Rancher
    Posts: 506
    15
    Java Notepad
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    Hi Pol, I had given this link in the earlier post for the same query. Did you get a chance to take a look at it?

    The link's post says its a AES encrypt/decrypt example. Here is the link: https://howtodoinjava.com/security/java-aes-encryption-example/

     
    Stephan van Hulst
    Bartender
    Posts: 9496
    184
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    The techniques used in that example fail on a couple of points. First of all, ECB is NOT secure unless your message is smaller than the key size, and you never ever use the key again. You need to select a different cipher mode, the choice of which depends on your application, so it's REALLY important to read up on them and understand their benefits and limitations.

    Secondly, it uses a really poor key derivation algorithm. Just tossing the UTF-8 encoded bytes into a SHA1 hash does not a proper key derivation function make. Use a SecretKeyFactory with an algorithm such as PBKDF2WithHmacSHA1.

    Thirdly, keeping key material and passwords around as String is not a good idea. There's a reason that password based components accept char arrays.
     
    Pol Denais
    Greenhorn
    Posts: 27
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator


    Ok I was passing the password value into this piece of code below (strToDecrypt):

    But when I hit that code then I get this error:

    java.security.NoSuchAlgorithmException: Invalid transformation format:AES/ECB



     
    Stephan van Hulst
    Bartender
    Posts: 9496
    184
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    What happens when you try "AES/ECB/NoPadding"?

    Your identifiers don't make sense by the way. You base64-decode a hard-coded key and then call it encoded? Why don't you call it key?

    There's also no point in passing cipher.getParameters() to cipher.init(). That's like assigning a variable to itself. AES/ECB doesn't take any additional parameters, so just leave them out.

    Don't use the parameterless String.getBytes() method. Pass an encoding to it explicitly.

    plain.toString() doesn't do what you think it does. It returns garbage. Instead, use new String(plain, Charset.forName("UTF-8")).
     
    Pol Denais
    Greenhorn
    Posts: 27
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    OK changed this code around:


     
    Pol Denais
    Greenhorn
    Posts: 27
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator

    Pol Denais wrote:OK changed this code around: SORRY STILL NOT WORKING: doing something really stupid here now.


     
    Stephan van Hulst
    Bartender
    Posts: 9496
    184
    • Likes 1
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    In a private message, your code said that you're sending the message to decrypt, and a secret to decrypt it with. You said that the thing that you're decrypting seemingly decrypts back to itself. Let's continue the discussion here.

    I don't understand why you're passing in a message to decrypt and a secret, when you're not using the secret for anything. What is it that you need to decrypt, what is the key that you need to decrypt with, and why are you additionally supplying either the other secret/hardcoded key?

    If I were to venture a guess, you want to use the hardcoded key to decrypt the secret, and then use that decrypted key to decrypt the message. You're either skipping a step here, or you didn't explain exactly what you're trying to do.
     
    Pol Denais
    Greenhorn
    Posts: 27
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    Hi Stephan,
    Thanks I went back through it all and I have it sorted now looking at bits of code online.

    Thanks alot for you help on this and giving me pointers.

    Greatly appreciated.

    Pol
     
    Stephan van Hulst
    Bartender
    Posts: 9496
    184
    • Mark post as helpful
    • send pies
    • Quote
    • Report post to moderator
    Did you manage to get the original message that was encrypted by the other application? Was it what you expected?
     
    It is sorta covered in the JavaRanch Style Guide.
    • Post Reply Bookmark Topic Watch Topic
    • New Topic
    Boost this thread!