1

I would like to encrypt my resources .XML files in the following path: res / raw / fiche.xml and res / raw / so fiche1.XML each time the program uses both files and must first decipher the two files at the end of execution, it re-encrypts both files.

my question: how encrypts and decrypts files that are in the resources and do you have an example (source code) or source code that explains the steps?.

Tala
  • 19
  • 1
  • 7
  • "each time the program uses both files" -- those are resources. They are files on your development machine. They are *not* files on the device. "it re-encrypts both files" -- resources are read-only at runtime. – CommonsWare Mar 07 '16 at 16:25
  • Indeed, when I compile a program or when I extract my APK my two files are light so you can read both files easily, that's why I would like at least encrypt. – Tala Mar 07 '16 at 16:41

1 Answers1

4

This seems to be a popular question; Google finds a few stackoverflow responses that seem relevant.

I would advise you to not worry about it too much, and not to put anything sensitive into your apk. If you encrypt these files, you'll still have to ship your encryption key with them (so your application can decrypt them). Anyone with the capability/desire to extract your apk and retrieve these files will also be able to easily find and retrive your shipped key, and anyone without the capability/desire to do so will never look for these files in the first place.

Community
  • 1
  • 1
F. Stephen Q
  • 4,208
  • 1
  • 19
  • 42
  • Question about Android apps: Are the code binary files encrypted and if so when and by whom? – zaph Mar 07 '16 at 19:00
  • @zaph: Unless you count full-disk encryption, which would never prevent a user from accessing files on their own, functional device, executable binaries are not encrypted. As far as I know, Android has no support for encrypted binaries; even if it did, a decryption key would still have to be provided to decrypt the binaries at runtime. – F. Stephen Q Mar 07 '16 at 19:23
  • 1
    For completeness: iOS requires that all executable code be signed using an Apple-issued certificate and decrypted by hardware (so the decryption is not available) as loaded into memory for execution. Refference: [iOS Security iOS 9.0 or later](https://www.apple.com/business/docs/iOS_Security_Guide.pdf) – zaph Mar 07 '16 at 19:32