发表新帖
发表新帖

Android Secure Storage

前端 未结
关注
3 1884
后悔当初
后悔当初 2020-12-09 09:09

I want to store some small but critical piece of information such as AES keys in my Android application. What would be the recommended way to do this? I do not want to hardc

3条回答
  • 伪装坚强ぢ
    伪装坚强ぢ (楼主)
    2020-12-09 09:33

    You have to distinguish here between keys and app data.

    The "AndroidKeyStore" KeyPairGenerator and KeyGenerator stores the keys they generate from your app under an alias in the KeyStore and associates the keys to your app. If the device has "secure hardware" you can specify that it be used and the keys will be stored there.

    There is no password for the keys. You use the alias to specify which key you want to use. Only your app can retrieve the keys it had generated.

    see:https://developer.android.com/training/articles/keystore.html

    For your app's private data, if I understand ".. an Android API for storage such that guarantees that only the application that stored some information can retrieve it back. ..", you might look at these:

    https://developer.android.com/guide/topics/data/data-storage.html#filesInternal https://developer.android.com/guide/topics/data/data-storage.html#db

    0 讨论(0)
 看不清?
提交回复
热议问题