Add encryption in firebase group chat

 Brief summary of this post:

1. The user enters a passphrase which is unique to the group chat and has to be shared to the user for granting him access.

2. The passphrase is saved in SharedPreferences.

3. A master key is generated using the passphrase.

4. While sending message, a secret key is generated using the master key and message ID. The message is encrypted using this secret key.

5. On retrieving message, it is decrypted using a secret key generated using master key and message ID.


Steps:

1. In Button to enter the group chat page, add a dialog box (dialog2) with EditText (dialog_text1) where user can enter the passphrase. On entering the passphrase it is saved in SharedPreferences (sp:sp) and user moves to group chat activity using intent component.



Code to add an EditText to Dialog component:

final EditText dialog_text1 = new EditText(AdminpageActivity.this);

dialog_text1.setLayoutParams(linear2.getLayoutParams());

dialog2.setView(dialog_text1);

Code to get text from EditText:

dialog_text1.getText().toString()

2. Add another button which can be used to reenter passphrase, in case user has entered the wrong passphrase.



3. In local library manager, add the following library and select it:

androidx.security:security-crypto:1.1.0-alpha06

4. In Java/Kotlin manager, add a new Java class file EncryptionHelper.java and put following codes in it. Make sure to keep your own package name at the top.


package com.my.dmchat;

import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProperties;
import android.util.Base64;
import java.util.Arrays;

import android.content.SharedPreferences;
import android.content.Context;
import androidx.security.crypto.MasterKey;
import androidx.security.crypto.EncryptedFile;
import androidx.security.crypto.EncryptedSharedPreferences;

import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.Mac;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import java.security.spec.KeySpec;
import javax.crypto.spec.SecretKeySpec;

public class EncryptionHelper {

    /**
     * Derives a Master Key from a given passphrase using PBKDF2.
     * @param passphrase The user's passphrase.
     * @return SecretKey The derived master key.
     * @throws Exception if key derivation fails.
     */
    public static SecretKey deriveMasterKey(String passphrase) throws Exception {
        byte[] salt = "SomeFixedSaltValue".getBytes(StandardCharsets.UTF_8); // Can be static or unique per chat
        int iterations = 100000;
        int keyLength = 256;

        SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        KeySpec spec = new PBEKeySpec(passphrase.toCharArray(), salt, iterations, keyLength);
        SecretKey tmpKey = new SecretKeySpec(factory.generateSecret(spec).getEncoded(), "AES");

        return tmpKey;
    }

    /**
     * Derives a unique chat-specific encryption key from the master key using HMAC.
     * @param masterKey The master key.
     * @param chatID The chat identifier.
     * @return SecretKey The derived chat key.
     * @throws Exception if key derivation fails.
     */
    public static SecretKey deriveChatKey(SecretKey masterKey, String chatID) throws Exception {
        Mac hmac = Mac.getInstance("HmacSHA256");
        hmac.init(masterKey);
        byte[] secretKeyBytes = hmac.doFinal(chatID.getBytes(StandardCharsets.UTF_8));
        
        return new SecretKeySpec(Arrays.copyOf(secretKeyBytes, 16), "AES"); // 128-bit AES key
    }

    /**
     * Encrypts a message using AES-GCM encryption.
     * @param chatKey The AES key used for encryption.
     * @param plaintext The message to be encrypted.
     * @return Encrypted message as a Base64 string.
     * @throws Exception if encryption fails.
     */
    public static String encryptMessage(SecretKey chatKey, String plaintext) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, chatKey);
        byte[] iv = cipher.getIV();
        byte[] encryptedData = cipher.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
    
        byte[] combined = new byte[iv.length + encryptedData.length];
        System.arraycopy(iv, 0, combined, 0, iv.length);
        System.arraycopy(encryptedData, 0, combined, iv.length, encryptedData.length);
    
        return Base64.encodeToString(combined, Base64.DEFAULT);
    }

    /**
     * Decrypts an AES-GCM encrypted message.
     * @param chatKey The AES key used for decryption.
     * @param encryptedData The Base64 encoded encrypted message.
     * @return Decrypted plaintext message.
     * @throws Exception if decryption fails.
     */
    public static String decryptMessage(SecretKey chatKey, String encryptedData) throws Exception {
        byte[] decodedData = Base64.decode(encryptedData, Base64.DEFAULT);
        byte[] iv = new byte[12]; // GCM IV length is 12 bytes
        System.arraycopy(decodedData, 0, iv, 0, iv.length);
    
        byte[] encryptedBytes = new byte[decodedData.length - iv.length];
        System.arraycopy(decodedData, iv.length, encryptedBytes, 0, encryptedBytes.length);
    
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        GCMParameterSpec spec = new GCMParameterSpec(128, iv);
        cipher.init(Cipher.DECRYPT_MODE, chatKey, spec);
    
        byte[] decryptedBytes = cipher.doFinal(encryptedBytes);
        return new String(decryptedBytes, StandardCharsets.UTF_8);
    }
}

5. In groupchat.xml add a ListView listview1, an EditText edittext1 and a Button send.



6. Create a Custom View groupchat_item.xml and add items as shown in image below. Select it as Custom View of listview1.



7. In GroupchatActivity, add following components:

FirebaseDb component group_chat:groupchat, Calendar component cal, Dialog components dialog and dialog2, SharedPreferences component sp:sp, and FirebaseAuth component fauth.

8. Add following variables:

- String variables message_id, message, encrypted_message, date, passphrase, uid and username.

- Map variable map.

- List Map variable maplist.

9. Add import event and put following imports:

import javax.crypto.SecretKey;

10. Create a more block Declared and put codes to declare masterkey in it:

}
SecretKey masterkey;
{

11. In onCreate, get passphrase from shared preferences and use it to generate masterkey as shown in image below:


The code to generate masterkey is:

try {
masterkey = EncryptionHelper.deriveMasterKey(passphrase);

} catch (Exception e){
showMessage(e.toString());
}

12. Create a more block addUsername(username) fromMap(Map:map) toList (List Map:maplist) and put blocks as shown below.


13. In group_chat onChildAdded event put blocks as shown in image below.

Here the code to get username from uid is

DatabaseReference usersRef = FirebaseDatabase.getInstance().getReference("users").child(uid);
 usersRef.addListenerForSingleValueEvent(new ValueEventListener() {

@Override
public void onDataChange(DataSnapshot snapshot) {
if (snapshot.exists()) {
username= snapshot.child("username").getValue(String.class);

// Put more block to add Username to maplist and refresh ListView.

}
}

@Override
public void onCancelled(DatabaseError error) {
username = uid;

// Put more block to add Username to maplist and refresh ListView.

}

});

14. In send button onClick event, put following blocks:

Here the code to derive Secret key from message_id and encrypt the message is:
try {
SecretKey messageKey = EncryptionHelper.deriveChatKey(masterkey, message_id);

encrypted_message = EncryptionHelper.encryptMessage(messageKey, message);

} catch (Exception e){
showMessage(e.toString());
}


15. In listview1 onBindCustomView, use following blocks to display the message and username.


The code to decrypt message using secret key derived from master key and message ID is following:
try {
SecretKey messageKey = EncryptionHelper.deriveChatKey(masterkey, message_id);
 
message = EncryptionHelper.decryptMessage(messageKey, encrypted_message);

} catch (Exception e){
showMessage(e.toString());
}

Use following blocks to display the date and time.


16. In listview1 itemLongClicked event show a dialog to delete item and delete item from firebase.



17. In group_chat onChildRemoved event put codes as shown in image below:


For more insight watch video on youtube.



Comments

Post a Comment

Popular posts from this blog

Simple car racing android game in Sketchware

Image
To create a simple car racing game in sketchware follow the steps given below. 1. Create a new project in Sketchware. 2. In VIEW area of main.xml add a TextView textview3 for displaying score of previous game, a TextView textview4 for displaying high score, and a Button button1 for starting game. 3. In MainActivity , add a Shared Preferences component sp:sp . 4. Add onStart event and put blocks to set the text of textview3 and textview4 . 5. Create a new page page2.xml . 6. On button1 click use intent to move to page2 . 7. On page2.xml add a LinearV linear1 with padding 0 and width and height MATCH_PARENT. 8. In Page2Activity , add a Shared Preferences component sp:sp . 9. Create a number variable highscore . 10. In onCreate event of Page2Activity , use blocks to set the value of number variable highscore , and use codes to create a new GameView and add it to linear1 , as shown in image below. The code used in the add source directly bloc...
Read more

Creating a Drawing View in Sketchware

Image
 To create a DrawingView with undo button, follow the instructions given below. 1. Create a new project in Sketchware. 2. In main.xml , add a LinearLayout linear1 with height wrap_content, weight 1, and padding 0. Add a LinearHorizontal below it, containing following ImageViews: imageview_stroke_width , imageview_stroke_color , imageview_background , imageview_undo,  and  imageview_clear. 3. Create a more block canvas and put following codes in it. Here we create a new View class called DrawingView and a new class called PathPaint. } DrawingView dv; private Paint mPaint; private Canvas mCanvas; private ArrayList<PathPaint> all_paths = new ArrayList<>(); public class DrawingView extends View { private Bitmap mBitmap; private Paint mBitmapPaint; Context context; private Paint circlePaint; private Path circlePath; private Path mPath; public DrawingView(Context c) { super(c); context=c; mPath = new Path(); mBitmapPaint = new Paint(Paint.DITHER_FLAG); circlePath...
Read more

How to enable upload from webview in Sketchware?

Image
Now that Sketchware has a block to add java code directly in the project, it is possible to enable file upload in webview. To enable file upload in webview in sketchware app, follow the steps given below. 1. Insert a webview in VIEW area in the sketchware project. Note the ID of webview, usually it is webview1 . 2. In LOGIC area of project, in onCreate event, add the block add source directly and copy the following code in it: webview1.setWebChromeClient(new WebChromeClient() { // For 3.0+ Devices protected void openFileChooser(ValueCallback uploadMsg, String acceptType) { mUploadMessage = uploadMsg; Intent i = new Intent(Intent.ACTION_GET_CONTENT); i.addCategory(Intent.CATEGORY_OPENABLE); i.setType("image/*"); startActivityForResult(Intent.createChooser(i, "File Browser"), FILECHOOSER_RESULTCODE); } // For Lollipop 5.0+ Devices public boolean onShowFileChooser(WebView mWebView, ValueCallback<Uri[]> filePathCallback, WebChromeClient.FileChoose...
Read more

Get frames in a video in Sketchware

Image
 This sample shows how to get the frames in a video and display it in a GridView in Sketchware. 1. Create a new project in Sketchware. 2. In main.xml add a LinearLayout linear1 . Below this add a ListView listview1 . 3. Create a more block custom.xml . Add an ImageView imageview1 in it. 4. For listview1 , select custom.xml as Custom View. Set height of linear1 to match_parent . 5. In View main.xml add a Floating Action Button _fab . 6. Add a FilePicker Component fp: video/* , and a Camera component cam . 7. Create a More block extra and declare GridView gridview1 and a list of bitmap images frames using following codes: } GridView gridview1; ArrayList<Bitmap> frames; { 8. Create a String path , a Map variable map , a List String list and a List Map imagelist . 9. In onCreate event put following codes. gridview1 = new GridView(this); gridview1.setLayoutParams(new GridView.LayoutParams(GridView.LayoutParams.MATCH_PARENT, GridView.LayoutParams.MATCH_PARENT)); gridview1....
Read more

List of Calendar Format symbols valid in Sketchware

Image
The calendar Format block in Sketchware provides a space where we can write the format in which we want the date or time to be displayed. We can use various symbols to construct our own custom date format. Here is a list of valid symbols along with their use which can be used in Sketchware for formatting the date/calendar. In all examples the date 12 Jul 2017 17:19:56 has been used. d : date of month without 0 prefix, e.g. 12. dd : date of month in two digits, e.g. 12. M : month in year, e.g. 7. MM : month in year in two digits, e.g. 07. MMM : month name in year displayed as three letter abbreviation, e.g. Jul. MMMM : month in year displayed as full month name, e.g. July. MMMMM : first letter of month name, e.g. J. y : year, e.g. 2017. yy : last two digits of year, e.g. 17. yyyy : year, e.g. 2017. h : hour in day in 12-hour format, e.g. 5. hh : hour in day in two digits, e.g. 05. H : hour in day in 24-hour format, e.g. 17. HH : hour in day 24-hour format in two...
Read more