{"id":37027232,"url":"https://github.com/yakivmospan/scytale","last_synced_at":"2026-01-14T03:13:36.492Z","repository":{"id":57729848,"uuid":"77251767","full_name":"yakivmospan/scytale","owner":"yakivmospan","description":"One tool to manage key generation, key storing and encryption on different APIs of Android.","archived":false,"fork":false,"pushed_at":"2017-04-04T11:03:13.000Z","size":184,"stargazers_count":432,"open_issues_count":11,"forks_count":44,"subscribers_count":14,"default_branch":"develop","last_synced_at":"2023-11-07T15:27:28.940Z","etag":null,"topics":["3rd-party-libraries","android","encryption","scytale"],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yakivmospan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-12-23T21:35:47.000Z","updated_at":"2023-10-16T06:53:59.000Z","dependencies_parsed_at":"2022-08-30T06:11:19.333Z","dependency_job_id":null,"html_url":"https://github.com/yakivmospan/scytale","commit_stats":null,"previous_names":[],"tags_count":2,"template":null,"template_full_name":null,"purl":"pkg:github/yakivmospan/scytale","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yakivmospan%2Fscytale","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yakivmospan%2Fscytale/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yakivmospan%2Fscytale/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yakivmospan%2Fscytale/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yakivmospan","download_url":"https://codeload.github.com/yakivmospan/scytale/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yakivmospan%2Fscytale/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28408816,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T01:52:23.358Z","status":"online","status_checked_at":"2026-01-14T02:00:06.678Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["3rd-party-libraries","android","encryption","scytale"],"created_at":"2026-01-14T03:13:35.962Z","updated_at":"2026-01-14T03:13:36.482Z","avatar_url":"https://github.com/yakivmospan.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Scytale\n\n[ ![Download](https://api.bintray.com/packages/yakivmospan/maven/scytale/images/download.svg) ](https://bintray.com/yakivmospan/maven/scytale/_latestVersion)\n\nOne tool to manage key generation, key storing and encryption on different APIs of Android.\n\n![](assets/logo.png)\n\nAs you may know Android provides API to use `keystore` that is stored in system only from API 18. They introduced [AndroidKeyStore](http://developer.android.com/training/articles/keystore.html) provider that is responsible for managing this.\n\nBut as always there are underwater stones. Up to API 23 you are only able to create asymmetric keys using `AndroidKeyStore` provider. Also [algorithms](http://developer.android.com/training/articles/keystore.html#SupportedAlgorithms) that you can use are limited. And what about devices below API 18?\n\nI've create API that wraps default [JCA](http://docs.oracle.com/javase/7/docs/technotes/guides/security/crypto/CryptoSpec.html) API and `AndroidKeyStore` API and makes it easy to create, manage and use your keys on any Android API.\n\n## Sample\n\n```java\n// Create and save key\nStore store = new Store(getApplicationContext());\nif (!store.hasKey(\"test\")) {\n SecretKey key = store.generateSymmetricKey(\"test\", null);\n}\n...\n\n// Get key\nSecretKey key = store.getSymmetricKey(\"test\", null);\n\n// Encrypt/Decrypt data\nCrypto crypto = new Crypto(Options.TRANSFORMATION_SYMMETRIC);\nString text = \"Sample text\";\n\nString encryptedData = crypto.encrypt(text, key);\nLog.i(\"Scytale\", \"Encrypted data: \" + encryptedData);\n\nString decryptedData = crypto.decrypt(encryptedData, key);\nLog.i(\"Scytale\", \"Decrypted data: \" + decryptedData);\n```\n\n## How it works?\n\nDepending on what key you need and what Android you are using, API will create `keystore` file in application inner cache or will use `AndroidKeyStore` to hold keys. Key generation will be also made with different API. The tables below show what will be used in different cases.\n\nIn case you want to generate and save `Asymmetric` key\n\n| API | Application Keystore | AndroidKeyStore |\n|:-----:|:--------------------:|:---------------:|\n|`\u003c 18` | `+` | |\n|`\u003e= 18`| | `+` |\n\n\nIn case you want to generate and save `Symmetric` key\n\n| API | Application Keystore | AndroidKeyStore |\n|:-----:|:--------------------:|:---------------:|\n|`\u003c 23` | `+` | |\n|`\u003e= 23`| | `+` |\n\nAfter calling one of `generateKey` methods, key will be automatically stored in `keystore`.\n\nTo store asymmetric `PrivateKey` we need to provide `X509Certificate`. And of course there is no default API to do that.\n\nOn `18+` devices it's pretty easy, Google did it for us.\n\nFor `pre 18` there is one 3rd party library that can create self signed `X509Certificate`. It is called [Bouncy Castle](http://www.bouncycastle.org/) and is available on Maven as well. But after some research I found that [Google copied this library](https://goo.gl/Zcaqpj) to their API but made it private. Why? Don't ask me...\n\nSo I decided to make it like this:\n\n- API will try to get Google Bouncy Castle using reflection (I've checked it on few APIs and it seems to work well)\n- If Google version is missing, API will try to get 3rd party Bouncy Castle library. It will use reflection as well. This has two advantages:\n - You can add this API for 18+ devices without any additional libraries.\n - You can run this API on pre 18 devices without any additional libraries as well. And in case some device will miss Google hidden API you will receive an error and then include Bouncy Castle to project. This is pretty cool if you are getting error on 15 API but your min project API is 16, and there is no errors on it.\n\nIn general it creates simple interface to work with `Keystore` using API provided by Java and different versions of Android.\n\n## Extended Usage\n\nInstead of using `generateAsymmetricKey(@NonNull String alias, char[] password)` method you can use ` generateAsymmetricKey(@NonNull KeyProps keyProps)` one, and define key with specific options.\n\n```java\n// Create store with specific name and password\nStore store = new Store(context, STORE_NAME, STORE_PASSWORD);\n\nfinal String alias = \"alias\";\nfinal char[] password = \"password\".toCharArray();\nfinal int keysize = 512;\n\nfinal Calendar start = Calendar.getInstance();\nfinal Calendar end = Calendar.getInstance();\nend.add(Calendar.YEAR, 1);\n\n// Create a key store params, some of them are specific per platform\n// Check KeyProps doc for more info\nKeyProps keyProps = new KeyProps.Builder()\n .setAlias(alias)\n .setPassword(password)\n .setKeySize(keysize)\n .setKeyType(\"RSA\")\n .setSerialNumber(BigInteger.ONE)\n .setSubject(new X500Principal(\"CN=\" + alias + \" CA Certificate\"))\n .setStartDate(start.getTime())\n .setEndDate(end.getTime())\n .setBlockModes(\"ECB\")\n .setEncryptionPaddings(\"PKCS1Padding\")\n .setSignatureAlgorithm(\"SHA256WithRSAEncryption\")\n .build();\n\n// Generate KeyPair depending on KeyProps\nKeyPair keyPair = store.generateAsymmetricKey(keyProps);\n\n// Encrypt/Dencrypt data using buffer with or without Initialisation Vectors\n// This additional level of safety is required on 23 API level for\n// some algorithms. Specify encryption/decryption block size to use buffer for\n// large data when using block based algorithms (such as RSA)\n\nfinal int encryptionBlockSize = keysize / 8 - 11; // as specified for RSA/ECB/PKCS1Padding keys\nfinal int decryptionBlockSize = keysize / 8; // as specified for RSA/ECB/PKCS1Padding keys\n\nCrypto crypto = new Crypto(\"RSA/ECB/PKCS1Padding\", encryptionBlockSize, decryptionBlockSize);\n\nString text = \"Sample text\";\nString encryptedData = crypto.encrypt(text, key, false);\nString decryptedData = crypto.decrypt(encryptedData, key, false);\n```\n\n## Download\n\nAdd dependency to your app `build.gradle` file:\n\n```java\ncompile 'com.yakivmospan:scytale:1.0.1'\n```\n\nMinimum supported API version is 8.\n\n## License\n\n```\nCopyright 2016 Yakiv Mospan\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyakivmospan%2Fscytale","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyakivmospan%2Fscytale","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyakivmospan%2Fscytale/lists"}