This example shows you how to encrypt and decrypt messages using the SATSA-CRYPTO API. The SATSA MIDlet example presented in this document allows the user to store messages that are encrypted with a 128-bit AES key (see Advanced Encryption Standard (AES)). AES encryption is symmetric, that is, there is only one key, which is used for both encryption and decryption. The messages are stored in the MIDlet's record store for later retrieval.
Each message is first encrypted with AES, and a message digest, computed with the SHA-1 digest algorithm, is included to ensure that the original message has not been tampered with. A stronger version of this scheme would use digital signatures to ensure the origin of the message. However, as mentioned previously, SATSA-CRYPTO does not include support for the creation of such signatures. The figure below shows how messages are encoded and decoded, including the cryptographic processes used in the SATSA MIDlet.
Figure: Simplified cryptographic model used in this example
Each stored message contains the length of the message in two bytes, the encrypted message, and a SHA-1 digest. The length of the message is necessary because the encryption process may enlarge the original message with some padding due to the cipher's block size. The figure below shows the format of the messages.
Figure: Message format
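The record layout described above can be built and checked as follows. This is an added example, not the MIDlet's own source, and it is written against the Java SE forms of the `javax.crypto` and `java.security` classes. The class name, the big-endian length prefix, the `AES/ECB/PKCS5Padding` transformation (chosen because the described record has no field for an IV), the digest being taken over the plaintext, and the all-zero key are assumptions.

```java
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class MessageRecord {
    static final int LEN = 2, DIGEST = 20; // 2-byte length prefix, SHA-1 output size

    // Assumed layout: [length, big-endian][AES ciphertext][SHA-1 of plaintext]
    static byte[] encode(byte[] key, byte[] msg) throws Exception {
        if (msg.length > 0xFFFF) throw new IllegalArgumentException("message too long");
        Cipher aes = Cipher.getInstance("AES/ECB/PKCS5Padding"); // assumed transformation
        aes.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"));
        byte[] ct = aes.doFinal(msg); // padded up to a multiple of 16 bytes
        byte[] sha = MessageDigest.getInstance("SHA-1").digest(msg);
        byte[] rec = new byte[LEN + ct.length + DIGEST];
        rec[0] = (byte) (msg.length >> 8);
        rec[1] = (byte) msg.length;
        System.arraycopy(ct, 0, rec, LEN, ct.length);
        System.arraycopy(sha, 0, rec, LEN + ct.length, DIGEST);
        return rec;
    }

    static byte[] decode(byte[] key, byte[] rec) throws Exception {
        int ctLen = rec.length - LEN - DIGEST;
        if (ctLen <= 0 || ctLen % 16 != 0) throw new IllegalArgumentException("malformed record");
        int msgLen = ((rec[0] & 0xFF) << 8) | (rec[1] & 0xFF);
        Cipher aes = Cipher.getInstance("AES/ECB/PKCS5Padding");
        aes.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"));
        byte[] msg = aes.doFinal(rec, LEN, ctLen); // throws if the padding is damaged
        byte[] sha = MessageDigest.getInstance("SHA-1").digest(msg);
        byte[] stored = Arrays.copyOfRange(rec, LEN + ctLen, rec.length);
        // Reject the record if the stored length or digest disagrees with the plaintext.
        if (msg.length != msgLen || !MessageDigest.isEqual(sha, stored))
            throw new SecurityException("length or digest mismatch");
        return msg;
    }

    public static void main(String[] args) throws Exception {
        byte[] key = new byte[16]; // constructed all-zero 128-bit key, for illustration only
        byte[] rec = encode(key, "hello SATSA".getBytes("UTF-8")); // constructed message
        System.out.println(rec.length + " bytes: " + new String(decode(key, rec), "UTF-8"));
        rec[5] ^= 1; // flip one ciphertext bit to simulate a damaged record
        try { decode(key, rec); System.out.println("accepted"); }
        catch (Exception e) { System.out.println("rejected: " + e); }
    }
}
```

The digest in this layout is unkeyed, so it shows that a record was not altered but, as noted above, says nothing about who produced it.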
The MIDlet's user interface has five views for operation. One is used for scrolling through and selecting previously saved messages, one is for entering a new message to be stored in the record store of the device, and three are used for displaying the message in both encrypted and decrypted form (see the figure below). In addition, InfoScreen is used for displaying error messages.
Figure: SATSA MIDlet UI screens
Note: All files in this example application contain the Nokia copyright statement.
The example is also provided on Forum Nokia. Instead of creating the example from scratch as shown in this document, you can download the example files and run them immediately with your SDK.