Stack Overflow
Stack Overflow

Questions tagged [android-jetpack-security]

Work with data more securely

The Security library, part of Android Jetpack, provides an implementation of the security best practices related to reading and writing data at rest, as well as key creation and verification.

The library uses the builder pattern to provide safe default settings for the following security levels:

Strong security that balances great encryption and good performance. This level of security is appropriate for consumer apps, such as banking and chat apps, as well as enterprise apps that perform certificate revocation checking. Maximum security. This level of security is appropriate for apps that require a hardware-backed keystore and user presence for providing key access.

14 questions
11
votes
3 answers

Is there any proguard rules should use while using EncryptedSharedPreferences?

before using EncryptedSharedPreferences my app works fine in release mode with (minifyEnabled = true), After adding the security library (version 1.0.0-rc01) to my application the app crash while opening and if i use (minifyEnabled = false) the app…
Ahmed Mousa
  • 580
  • 1
  • 7
  • 22
8
votes
4 answers

Is there a way to integrate EncryptedSharedPreference with PreferenceScreen?

I am new to android development. Currently, I would like to encrypt a custom named Shared Preference and integrate with PreferenceScreen but failed to do so. I am using dependencies: androidx.security:security-crypto:1.0.0-alpha02…
Skeiths Chew
  • 151
  • 1
  • 13
4
votes
1 answer

No matching key found for the ciphertext in the stream Exception

Hi, I am using jetpack security encryption library for encrypting the file. I have generate Master Key with below code. MasterKey masterKey = null; try { masterKey = new MasterKey.Builder(context,…
sanket Thakare
  • 95
  • 13
3
votes
1 answer

What is in 2021 the best and safest way to encrypt Strings in Android?

I was surprised to find that Jatpack Security provides only support for File and SharedPreferences encryption. But I need to be able to encrypt and decrypt Strings because I want to use the AccountManager and to store refresh and access tokens and,…
Roberto Leinardi
  • 10,641
  • 6
  • 65
  • 69
3
votes
0 answers

Does Android Keystore and “Clear data” action of the “Settings” app are related?

I am working on a system app where I am storing some sensitive data in EncryptedSharedPreference. I realise that my app is not working as expected if I do clear data of android Settings app. That is happening because if I try to get the instance of…
GarryCyber
  • 31
  • 3
3
votes
1 answer

image encryption with jetpack EncryptedFile security

google introduced security-crypto jetpack library i want to use this library for encrypt image files, in documents of library there is no sample for encryption of image files. i converted image to bitmap - bitmap to byte array - then used library…
mabna groupe
  • 33
  • 5
2
votes
1 answer

EncryptedSharedPreferences isUserAuthenticationRequired not working properly

I am using EncryptedSharedPreferences to store encrypted data. val biometricManager = BiometricManager.from(this) val hasFingerprint = biometricManager.canAuthenticate() == BiometricManager.BIOMETRIC_SUCCESS val advanceSpec =…
Ismail Shaikh
  • 482
  • 4
  • 13
2
votes
2 answers

Save sensitive data on Android with EncryptedSharedPreferences and Biometric

I want to store sensitive information like a login PIN. Today with EncryptedSharedPreferences (ESP) one can argue that's enough. But let's say I want to offer the possibility to use Biometrics. This google sample show us how to use…
GuilhE
  • 11,591
  • 16
  • 75
  • 116
1
vote
2 answers

Need to obfuscate sensitive data in Android app

Currently in my android app is secured by DexGuard to obfuscate strings and sensitive information like network API keys which is present inside source code. I have used DexGuarsd so that no one can reverse engineer it. However I need to stop…
SVK
  • 676
  • 1
  • 5
  • 17
1
vote
1 answer

String encryption using Jetpack Security in Android

Currently we are encrypting our String as: import android.util.Base64; import java.security.Key; import java.util.Arrays; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; public class Cipher { private static…
Faizan Mubasher
  • 4,427
  • 11
  • 45
  • 81
1
vote
1 answer

Android Jetpack security - sample code won't compile "no suitable constructor found for FileReader(EncryptedFile)"

I'm working on testing the beta version of Google's Android Jetpack for security. The sample code here is simple enough, but it will not compile: foo.java:274: error: no suitable constructor found for FileReader(EncryptedFile) new…
spartygw
  • 3,289
  • 2
  • 27
  • 51
0
votes
0 answers

How to solve android.security.KeyStore.getKeyStoreException in Android 11?

I am getting to many of below android security related exception/crash on my test enviourment Device: Galaxy A52 5G Android: 11 android.security.KeyStore.getKeyStoreException KeyStore.java:1441 android.security.KeyStore.getInvalidKeyException…
Sultan
  • 119
  • 1
  • 12
0
votes
1 answer

In Android, How to secure api keys on client side even when device is rooted?

How do we secure api keys on rooted device? As you know we cant trust the client what we can do is make things difficult for the hacker. Following are some of the points which I know to secure keys Using NDK (store key in your C class and get it in…
Ahmad Shahwaiz
  • 1,432
  • 1
  • 17
  • 35
0
votes
0 answers

Usage of Jetpack Security with two master keys

Anyone had success in using Jetpack Security for encryption with two separate master keys? The use case for this is having one set of data encrypted with a "regular" key and another with a key with additional biometric protection. Tried the…
marcinm
  • 281
  • 1
  • 2
  • 11