Comments (4)
Keys still get deleted in API levels lower than 21. But on API level 21+ we might be able to enforce key encryption at rest. Some testing is required and if everything seems ok then I'll set the library's minSDK level to be 21 and turn on key encryption at rest.
from secured-preference-store.
In API 21+, do keys not get deleted? It was my understanding that not every device can provide the hardware-backed keystore and in those cases, if the keys are encrypted at rest, they are encrypted using the device lock and I would assume they would have to be deleted upon a change? Did you get round to testing this?
from secured-preference-store.
In API 21+ if there is a hardware backed store available then the keys aren't supposed to get deleted. But keys are still reported to be lost or rendered unrecoverable on some devices. That's why the library now has a recovery mechanism (actually a notifying mechanism) to handle that kind of an event.
from secured-preference-store.
Also see the comment from a Google engineer who says the following about the setEncryptionRequired
method in API < 21:
(in the opinion of the Android security team) unnecessary encryption
and justifies it with the following argument:
it provides very little security, because you have to root the device to get at the encrypted keys, and once you've done that you have all sorts of options to get at the plaintext.
from secured-preference-store.
Related Issues (20)
- Some help would be appreciated HOT 1
- Add ability to seed SecureRandom
- App Crashed in lollipop OS version with error "java.lang.IllegalStateException: Must call init() before using the store" HOT 2
- RSA Key Generation failed with "IllegalArgumentException: startDate == null" HOT 1
- Failed to init Secured Preference Store. Exception: java.lang.ClassCastException: java.lang.Integer cannot be cast to java.lang.String HOT 4
- Cannot connect to keystore HOT 1
- KeyStoreException Signature/MAC verification failed
- java.lang.NoClassDefFoundError: devliving.online.securedpreferencestore.Logger on Android APi 19 HOT 1
- Cipher not initialized issue sometimes(Once if i run the test case 10 times). HOT 1
- KeyStore exception in log on Android 9 device HOT 6
- llegalStateException: Must call init() before using the store HOT 4
- Should seedKey be stored securely? HOT 1
- AndroidManifest contains application label HOT 2
- [Question] - Sharing among multiple apps HOT 3
- Getting encrypted value when using OnSharedPreferenceChangeListener HOT 2
- AES only supported by Android API 23+
- anr when generateAESKey and call mStore.containsAlias(AES_KEY_ALIAS)
- Very long strings are not stored
- "Key not yet valid" on device HOT 1
- Alternative to this library? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from secured-preference-store.