Skip to content

flipper83/secure-preferences

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

gradle/wrapper

gradle/wrapper

 
 

secure-preference-demo

secure-preference-demo

 
 

secure-preference

secure-preference

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

build.gradle

build.gradle

 
 

checkstyle.xml

checkstyle.xml

 
 

gradle.properties

gradle.properties

 
 

gradlew

gradlew

 
 

gradlew.bat

gradlew.bat

 
 

settings.gradle

settings.gradle

 
 

Repository files navigation

secure-preferences

Secure preferences is a small wrapper around AndroidShared preferences. The difference is secure preferences store the data encrypted, with a RsaPkcs1 cipher, instead of plain text. This wrapper obtain the public and private key for the internal Android keystore and encrypt with them.

These encrypted preferences are slower than normal sharedpreferences and also consume more storage size on the shared preferences. I strongly recommend you to use it only to store sensible information.

Limitations

This first version is only compatible with api-18 and higher. Methods getAll and listeners are not migrated now. But it will be soon.

Bugs & know Issues

In some handsets I founded a bug when the user change the phone PIN, because the keystore is signed with the pin and it cannot recover the private key. If you want to test it please follow the following steps:

  1. Run the demo app and write some info on the box to store.
  2. Click on store button, a toast must appear to notify that the data has been saved.
  3. Click load button and check that the info is correct.
  4. Close the app from App manager, clicking on Force close to invalidate sharedpreferences caches.
  5. Go to setting/security/Screen Lock and change it to Pin, and change to new a Pin.
  6. Go back to the app and click on load button. it's the info correct or empty storage appear(buggy case).

I cannot find a fix or work around for this problem, Secure preferences throw an InvalidatePrivateKeyException, and the user must manage the invalidate private key, to store again the information.

Other solution for this bug, it's set the app inside the system domain, you need add to your manifest the property android:sharedUserId="android.uid.system"

How to use

Init the securePreferences:

  SharedPreferences preferencesValue = getSharedPreferences("ValueTest", MODE_PRIVATE);
  SecurePreference uuiDataSourceKeyStore = SecurePreference.with(this, preferencesValue);

Storing data:

  try {
    uuiDataSourceKeyStore.putString("TestValue", params[0]);
  } catch (StoreValueException e) {
    Log.d(LOGTAG, "error storing values", e);
  }

Loading data:

   String value = null;
   try {
     value = uuiDataSourceKeyStore.getString("TestValue", getString(R.string.emptyValue));
   } catch (InvalidatedPrivateKeyException e) {
     Log.d(LOGTAG, "error loading private key", e);
   }

Download

License

About

store info on the preferences encrypted and only accesible for the process.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

14 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages