AndroidX Security EncryptedSharedPreferences v1.1.0/w API 21问题 [英] AndroidX Security EncryptedSharedPreferences v1.1.0 /w API 21 issue
问题描述
我决定使用AndroidX安全性库中的新EncryptedSharedPreferences.由于该应用程序支持API 21和更高版本,因此我决定尝试此新的v1.1.0-alpha02版本,因为它支持API 21 +
I decided to use new EncryptedSharedPreferences from AndroidX Security library. Since the app is supporting API 21 and higher, I decided to try out this new v1.1.0-alpha02 version, since it supports API 21+
因此,我成功地实现了API 23+的实现,但是对于不支持Android KeyStore的较旧版本,我做得不好,也没有确切的说明如何创建主密钥来实现.它以某种方式起作用.
So, I succeded to make the implementation for API 23+, but for older versions where Android KeyStore is not supported, I couldn't make it right, and there are no exact instructions how the master key should be created to make it work somehow.
用于初始化SharedPrefs的代码:
The code for initializing SharedPrefs:
EncryptedSharedPreferences.create(
"prefs_name",
createMasterKey(),
App.appContext,
EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
)
具有用于创建主密钥的功能
with this function for creating master key
private fun createMasterKey(): String {
return if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC)
} else {
val alias = "my_alias"
val start: Calendar = GregorianCalendar()
val end: Calendar = GregorianCalendar()
end.add(Calendar.YEAR, 30)
val spec = KeyPairGeneratorSpec.Builder(App.appContext)
.setAlias(alias)
.setSubject(X500Principal("CN=$alias"))
.setSerialNumber(BigInteger.valueOf(abs(alias.hashCode()).toLong()))
.setStartDate(start.time).setEndDate(end.time)
.build()
val kpGenerator: KeyPairGenerator = KeyPairGenerator.getInstance(
"RSA",
"AndroidKeyStore"
)
kpGenerator.initialize(spec)
val kp: KeyPair = kpGenerator.generateKeyPair()
kp.public.toString()
}
}
我在某个地方找到了该解决方案,但尚未验证(没有确认它确实有效),但似乎应该可以.
I found this solution somewhere out there, but it's not verified (no confirmation that it actually works), but it seems it should work.
将此代码块用于API 21和22时,在创建EncryptedSharedPreferences时出现错误,并显示: 方法引发了"com.google.crypto.tink.shaded.protobuf.InvalidProtocolBufferException"异常. 协议消息包含无效标签(零).
When using this code block for API 21 and 22, the error appears on creating EncryptedSharedPreferences, and it says: Method threw 'com.google.crypto.tink.shaded.protobuf.InvalidProtocolBufferException' exception. Protocol message contained an invalid tag (zero).
有人找到了此实现的解决方案,还是您知道为什么会这样? 我认为这会对很多人有帮助,因为没有确切的解释,这个主密钥应该包含什么.
Did someone find the solution for this implementation, or do you know why is this happening? I think this would help a lot of people, since there is no exact explanation what should this master key contain.
提前谢谢!
推荐答案
添加到清单
android:allowBackup="false" android:fullBackupContent="false"
由于卸载了应用程序后,您仍然备份了加密文件,在安装新版本后,您肯定无法对其进行解密.
Because after uninstalling the application you still have backed up your crypto file which you definitely can't decrypt after installing a new version.
这篇关于AndroidX Security EncryptedSharedPreferences v1.1.0/w API 21问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!