Android™
Android™
Yubikey RSA Encrypt/Decrypt
See more RSA Examples
Demonstrates how to do RSA decryption using a private key stored on a Yubikey (or other USB token or smartcard).Note: RSA encryption uses the public key, which is freely exportable and does not need to occur on the token/smartcard.
Chilkat Android™ Downloads
// Important: Don't forget to include the call to System.loadLibrary
// as shown at the bottom of this code sample.
package com.test;
import android.app.Activity;
import com.chilkatsoft.*;
import android.widget.TextView;
import android.os.Bundle;
public class SimpleActivity extends Activity {
private static final String TAG = "Chilkat";
// Called when the activity is first created.
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
boolean success = false;
// This example assumes you have a certificate with private key on the Yubikey token.
// When doing simple RSA encryption/decryption, we don't actually need the certificate,
// but we'll be using the private key associated with the certificate.
//
// The sensitive/secret material that needs to be kept private is the private key.
// The certificate itself and the public key can be freely shared.
//
// We're going to encrypt and decrypt 32-bytes of data.
CkBinData bd = new CkBinData();
success = bd.AppendEncoded("000102030405060708090A0B0C0D0E0F","hex");
success = bd.AppendEncoded("000102030405060708090A0B0C0D0E0F","hex");
// Let's get the desired cert.
// For this example, a self-signed certificate with a 2048-bit RSA key was generated in slot 9A.
CkCert cert = new CkCert();
// Force Chilkat to use PKCS11 over ScMinidriver (if on Windows) and Apple Keychain (if on MacOS)
cert.put_UncommonOptions("NoScMinidriver,NoAppleKeychain");
cert.put_SmartCardPin("123456");
success = cert.LoadFromSmartcard("cn=chilkat_test_2048");
if (success == false) {
Log.i(TAG, cert.lastErrorText());
return;
}
// RSA encrypt using the public key.
CkRsa rsa = new CkRsa();
// Provide the RSA object with the certificate on the Yubkey.
success = rsa.SetX509Cert(cert,true);
if (success == false) {
Log.i(TAG, rsa.lastErrorText());
return;
}
// RSA encrypt using the public key.
boolean usePrivateKey = false;
success = rsa.EncryptBd(bd,usePrivateKey);
if (success == false) {
Log.i(TAG, rsa.lastErrorText());
return;
}
Log.i(TAG, "RSA Encrypted Output in Hex:");
Log.i(TAG, bd.getEncoded("hex"));
// Now let's decrypt, using the private key on the Yubikey.
usePrivateKey = true;
success = rsa.DecryptBd(bd,usePrivateKey);
if (success == false) {
Log.i(TAG, rsa.lastErrorText());
return;
}
Log.i(TAG, "RSA Decrypted Output in Hex:");
Log.i(TAG, bd.getEncoded("hex"));
}
static {
System.loadLibrary("chilkat");
// Note: If the incorrect library name is passed to System.loadLibrary,
// then you will see the following error message at application startup:
//"The application <your-application-name> has stopped unexpectedly. Please try again."
}
}