First Commit

libraries/cryptography/api/build.gradle.kts

@@ -0,0 +1,15 @@
+/*
+ * Copyright (c) 2025 Element Creations Ltd.
+ * Copyright 2023-2025 New Vector Ltd.
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial.
+ * Please see LICENSE files in the repository root for full details.
+ */
+
+plugins {
+    id("io.element.android-library")
+}
+
+android {
+    namespace = "io.element.android.libraries.cryptography.api"
+}

libraries/cryptography/api/src/main/kotlin/io/element/android/libraries/cryptography/api/AESEncryptionSpecs.kt

@@ -0,0 +1,19 @@
+/*
+ * Copyright (c) 2025 Element Creations Ltd.
+ * Copyright 2023-2025 New Vector Ltd.
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial.
+ * Please see LICENSE files in the repository root for full details.
+ */
+
+package io.element.android.libraries.cryptography.api
+
+import android.security.keystore.KeyProperties
+
+object AESEncryptionSpecs {
+    const val BLOCK_MODE = KeyProperties.BLOCK_MODE_GCM
+    const val PADDINGS = KeyProperties.ENCRYPTION_PADDING_NONE
+    const val ALGORITHM = KeyProperties.KEY_ALGORITHM_AES
+    const val KEY_SIZE = 128
+    const val CIPHER_TRANSFORMATION = "$ALGORITHM/$BLOCK_MODE/$PADDINGS"
+}

libraries/cryptography/api/src/main/kotlin/io/element/android/libraries/cryptography/api/EncryptionDecryptionService.kt

@@ -0,0 +1,22 @@
+/*
+ * Copyright (c) 2025 Element Creations Ltd.
+ * Copyright 2023-2025 New Vector Ltd.
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial.
+ * Please see LICENSE files in the repository root for full details.
+ */
+
+package io.element.android.libraries.cryptography.api
+
+import javax.crypto.Cipher
+import javax.crypto.SecretKey
+
+/**
+ * Simple service to provide encryption and decryption operations.
+ */
+interface EncryptionDecryptionService {
+    fun createEncryptionCipher(key: SecretKey): Cipher
+    fun createDecryptionCipher(key: SecretKey, initializationVector: ByteArray): Cipher
+    fun encrypt(key: SecretKey, input: ByteArray): EncryptionResult
+    fun decrypt(key: SecretKey, encryptionResult: EncryptionResult): ByteArray
+}

libraries/cryptography/api/src/main/kotlin/io/element/android/libraries/cryptography/api/EncryptionResult.kt

@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2025 Element Creations Ltd.
+ * Copyright 2023-2025 New Vector Ltd.
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial.
+ * Please see LICENSE files in the repository root for full details.
+ */
+
+@file:OptIn(ExperimentalEncodingApi::class)
+
+package io.element.android.libraries.cryptography.api
+
+import java.nio.ByteBuffer
+import kotlin.io.encoding.Base64
+import kotlin.io.encoding.ExperimentalEncodingApi
+
+/**
+ * Holds the result of an encryption operation.
+ */
+class EncryptionResult(
+    val encryptedByteArray: ByteArray,
+    val initializationVector: ByteArray
+) {
+    fun toBase64(): String {
+        val initializationVectorSize = ByteBuffer.allocate(Int.SIZE_BYTES).putInt(initializationVector.size).array()
+        val cipherTextWithIv: ByteArray =
+            ByteBuffer.allocate(Int.SIZE_BYTES + initializationVector.size + encryptedByteArray.size)
+                .put(initializationVectorSize)
+                .put(initializationVector)
+                .put(encryptedByteArray)
+                .array()
+        return Base64.encode(cipherTextWithIv)
+    }
+
+    companion object {
+        /**
+         * @param base64 the base64 representation of the encrypted data.
+         * @return the [EncryptionResult] from the base64 representation.
+         */
+        fun fromBase64(base64: String): EncryptionResult {
+            val cipherTextWithIv = Base64.decode(base64)
+            val buffer = ByteBuffer.wrap(cipherTextWithIv)
+            val initializationVectorSize = buffer.int
+            val initializationVector = ByteArray(initializationVectorSize)
+            buffer.get(initializationVector)
+            val encryptedByteArray = ByteArray(buffer.remaining())
+            buffer.get(encryptedByteArray)
+            return EncryptionResult(encryptedByteArray, initializationVector)
+        }
+    }
+}

libraries/cryptography/api/src/main/kotlin/io/element/android/libraries/cryptography/api/SecretKeyRepository.kt

@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2025 Element Creations Ltd.
+ * Copyright 2023-2025 New Vector Ltd.
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial.
+ * Please see LICENSE files in the repository root for full details.
+ */
+
+package io.element.android.libraries.cryptography.api
+
+import javax.crypto.SecretKey
+
+/**
+ * Simple interface to get, create and delete a secret key for a given alias.
+ * Implementation should be able to store the generated key securely.
+ */
+interface SecretKeyRepository {
+    /**
+     * Get or create a secret key for a given alias.
+     * @param alias the alias to use
+     * @param requiresUserAuthentication true if the key should be protected by user authentication
+     */
+    fun getOrCreateKey(alias: String, requiresUserAuthentication: Boolean): SecretKey
+
+    /**
+     * Delete the secret key for a given alias.
+     * @param alias the alias to use
+     */
+    fun deleteKey(alias: String)
+}