Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable support for EncryptedSharedPreferences #13846

Open
1 task done
jonasfunk opened this issue Jun 13, 2023 · 1 comment · May be fixed by #13848
Open
1 task done

Enable support for EncryptedSharedPreferences #13846

jonasfunk opened this issue Jun 13, 2023 · 1 comment · May be fixed by #13848
Labels
android feature needs triage This issue hasn't been reviewed by maintainers

Comments

@jonasfunk
Copy link

I have searched and made sure there are no existing issues for the issue I am filing

  • I have searched the existing issues

Description

We've had white hat hackers test our system for vulnerabilities. One of the things they pointed out was the current use of "SharedPreferences" (Ti.App.properties).

Solution

The hackers suggested we should use "EncryptedSharedPreferences" instead.
https://developer.android.com/reference/androidx/security/crypto/EncryptedSharedPreferences.

Alternatives

No response

Platforms

Android
@jonasfunk jonasfunk added feature needs triage This issue hasn't been reviewed by maintainers labels Jun 13, 2023
@m1ga m1ga added the android label Jun 15, 2023
@m1ga
Copy link
Contributor

m1ga commented Jun 18, 2023

already made some progress here :)

Screenshot_20230618_142738

It will store value2 inside the secret_share_prefs.xml file. The other value is stored in the normal titanium.xml

Just have to see if it should be a different setString like setStringSecure() so you could use both or if this way is better but then (at the moment) you can't get both values

@m1ga m1ga linked a pull request Jun 18, 2023 that will close this issue
Open
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
android feature needs triage This issue hasn't been reviewed by maintainers
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(android): use EncryptedSharedPreferences tidev/titanium-sdk
2 participants
@jonasfunk @m1ga