干货|加密shared_prefs/xml中的内容防窃取

Secure Preferences用来加密Android上的Shared Preferences防止安全防护不足的情况下被窃取

https://github.com/scottyab/secure-preferences
https://github.com/scottyab/secure-preferences/releases
git clone https://github.com/scottyab/secure-preferences.git

编译secure-preferences源码中的library模块生成了library-debug.aar

secure-preferenceslibraryuildoutputsaarlibrary-debug.aar

Android项目中引用secure-preferences加密模块

library-debug.aar
或
implementation com.scottyab:secure-preferences-lib:0.1.7

@DebugLog
public SharedPreferences getSharedPreferences() {
  if(mSecurePrefs==null){
    mSecurePrefs = new SecurePreferences(this, "", "my_prefs.xml");
    SecurePreferences.setLoggingEnabled(true);
  }
  return mSecurePrefs;
}

@DebugLog
public SharedPreferences getSharedPreferences1000() {
  try {
    AesCbcWithIntegrity.SecretKeys myKey = AesCbcWithIntegrity.generateKeyFromPassword(Build.SERIAL,AesCbcWithIntegrity.generateSalt(),1000);
    return new SecurePreferences(this, myKey, "my_prefs_1000.xml");
  } catch (GeneralSecurityException e) {
    Log.e(TAG, "Failed to create custom key for SecurePreferences", e);
  }
  return null;
}

@DebugLog
public SharedPreferences getDefaultSharedPreferences() {
  return PreferenceManager.getDefaultSharedPreferences(this);
}

@DebugLog
public SecurePreferences getUserPinBasedSharedPreferences(String password){
  if(mUserPrefs==null) {
    mUserPrefs = new SecurePreferences(this, password, "user_prefs.xml");
  }
  return mUserPrefs;
}

@DebugLog
public boolean changeUserPrefPassword(String newPassword){
  if(mUserPrefs!=null){
    try {
      mUserPrefs.handlePasswordChange(newPassword, this);
      return true;
    } catch (GeneralSecurityException e) {
      Log.e(TAG, "Error during password change", e);
    }
  }
  return false;
}

XML using Standard Android SharedPreferences

<map>
    <int name="timeout" value="500" />
    <boolean name="is_logged_in" value="true" />
</map>

XML with SecurePreferences

<map>
    <string name="TuwbBU0IrAyL9znGBJ87uEi7pW0FwYwX8SZiiKnD2VZ7">
        pD2UhS2K2MNjWm8KzpFrag==:MWm7NgaEhvaxAvA9wASUl0HUHCVBWkn3c2T1WoSAE/g=rroijgeWEGRDFSS/hg
    </string>
    <string name="8lqCQqn73Uo84Rj">k73tlfVNYsPshll19ztma7U">
        pD2UhS2K2MNjWm8KzpFrag==:MWm7NgaEhvaxAvA9wASUl0HUHCVBWkn3c2T1WoSAE/g=:jWm8KzUl0HUHCVBWkn3c2T1WoSAE/g=
    </string>
</map>

implementation com.scottyab:secure-preferences-lib:0.1.7