Calling .getEncoded() on SecretKey returns null
I use the following code to generate an AES key:
KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(\"db_enc_key\", KeyProperties.PURPOSE_
-
That you cannot retrieve the encoded key is by design as the Keystore should be the only one knowing it. However you can use a double layered key:
1) Generate a random key and store it in the Keystore.
2) Generate the "real" key used by Realm and encrypt it using the key from the Keystore.
3) Now you have some completely random text that can be stored in e.g SharedPreferences or in a file on disk.
4) Whenever people wants to open the Realm, read the encrypted key on disk, decrypt it using the Keystore and now you can use it to open the Realm.
This repo here uses the same technique to save User data in a secure way: https://github.com/realm/realm-android-user-store
This is probably the class you are after: https://github.com/realm/realm-android-user-store/blob/master/app/src/main/java/io/realm/android/CipherClient.java It also handle fallback through the various Android versions (the Keystore has quite a few quirks).
讨论(0)
加载中...
- 热议问题