加密SharedPreferences中的数据 [英] encrypt data in SharedPreferences
问题描述
这个键的问题是,一些平台,如twitter使用永久密钥,如果有人可以访问这个密钥,他可以使用用户twitter帐户做任何他想要的。
是否可以在数据存储在共享首选项之前自动加密数据?还是有更好的方式/地方存储非常重要的数据?
更新 - 另请阅读:在Android应用程序中存储用户设置的最合适的方法是什么
1)。如何加密?
在Android上,加密通过Java加密体系结构(JCA)完成。主要是 javax.crypto。* 包。
2)。在哪里存储?
加密API使用字节数组(而不是字符串)进行操作。这意味着您可以使用 SharedPreferences ,但是您需要在加密的字节数组上应用Base-64编码,然后将其放入 SharedPreferences (否则XML解析器将无法读取共享的首选项文件)。然后阅读,您将需要使用Base-64解码。请注意,默认情况下,大多数Android操作系统版本没有内置的Base-64 API(请参阅UPDATE部分)。所以要删除这个Base-64开销我建议只是把你的字节存储在一个私人文件。
更新:由于API级别为8,API的 android.util.Base64 。
Im currently developing a framework for oAuth 1 and 2 access to webservices and my question is, how do i store sensitive data like an oAuth access key in a secure way? the problem with this keys is that some platforms like twitter use a permanent key and if someone would get access to this key he could do whatever he wants with the users twitter account..
so is it possible to automatically encrypt the data before it is stored in the shared preferences? Or is there a better way/place to store very important data?
UPDATE - ALSO READ: What is the most appropriate way to store user settings in Android application
1). How to encrypt?
On Android the encryption is done via Java Cryptography Architecture (JCA). Mainly it is the javax.crypto.* package.
Here is an example of JCA API usage (AES alrorithm in particular).
2). Where to store?
Encryption API manipulates with byte arrays (not strings). This means you can use SharedPreferences, but you'll need to apply Base-64 encoding on the encrypted byte array before putting it into SharedPreferences (otherwise XML parser will fail to read the shared preferences file). Then to read you will need to use Base-64 decoding. Note that by default most Android OS versions do not have a built in Base-64 API (see UPDATE section). So to remove this Base-64 overhead I would recommend just to store your bytes in a private file.
UPDATE: Since API Level 8, the API has android.util.Base64.
这篇关于加密SharedPreferences中的数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
