0

I am using Nox player as an emulator and the working environment is Android Studio. The current project's min-SDK version is 23 and compileSDKversion is 29.

java.lang.NoClassDefFoundError: Failed resolution of: Landroid/security/keystore/KeyGenParameterSpec$Builder;

This error happened in this part of the code.

try {
      masterKeyAlias = MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC);
} catch (GeneralSecurityException e) {
      e.printStackTrace();
} catch (IOException e) {
      e.printStackTrace();
}

I also have added these dependencies.

 implementation 'androidx.security:security-crypto:1.0.0-rc04'
 implementation "androidx.security:security-identity-credential:1.0.0-alpha02"

I've tried to change android:allowbackup="false", also tried to change min-SDK version to 24 or above, but the same issue happened always.

If anyone has an idea, please help me. Thanks. (P.S. If you have any recommendations to keep simple values in the android app)

top jobstar
  • 1
  • 2
  • "What is the best way to keep (simple) values securely in android?" -- use ordinary `SharedPreferences`. Only people who root the device can access them. This sort of encryption is for apps that needs security beyond that. Plus, [`EncryptedSharedPreferences` has bugs](https://issuetracker.google.com/issues?q=EncryptedSharedPreferences). "This error happened in this part of the code" -- when you tried on Android hardware, what were your results? – CommonsWare Apr 05 '21 at 22:34
  • Thanks for your reply, but as far as I know `SharedPreferences` can be hacked simply. Is it a proper way to store like passphrases(25 mnemonic words) for the algorand account? This is just a [reference](https://stackoverflow.com/questions/9244318/android-sharedpreference-security) for the security of `SharedPreferences` – top jobstar Apr 05 '21 at 22:38
  • "but as far as I know SharedPreferences can be hacked simply" -- primarily by rooting the device. How easy or difficult that is depends on the device. After that, it's down to app bugs or major device security flaws in terms of attack vectors. "Is it a proper way to store like passphrases(25 mnemonic words) for the algorand account?" -- perhaps that should be in the user's preferred password manager rather than in the app. Regardless, I would not recommend using alpha-grade libraries for app security, unless you are very experienced in encryption and Android app development. – CommonsWare Apr 05 '21 at 22:46
  • "This is just a reference for the security of SharedPreferences" -- that question, and its answers, are all rather old. Even back then, as the answers point out, the primary attack vector was to root the device. Some of the other attacks mentioned there (e.g., "if someone was able to mount your device's filesystem without using the installed Android OS") have been rendered moot over the past several years (e.g., full disk encryption at rest). – CommonsWare Apr 05 '21 at 22:50
  • @CommonsWare "Only people who root the device can access them. This sort of encryption is for apps that needs security beyond that." -- if a malicious program has root, then it can decrypt any data previously encrypted by EncryptedSharedPreferences. –  Jul 05 '22 at 07:24

0 Answers0