其他
干货|加密shared_prefs/xml中的内容防窃取
Secure Preferences用来加密Android上的Shared Preferences防止安全防护不足的情况下被窃取
https://github.com/scottyab/secure-preferenceshttps://github.com/scottyab/secure-preferences/releasesgit clone https://github.com/scottyab/secure-preferences.git编译secure-preferences源码中的library模块生成了library-debug.aar
secure-preferences\library\build\outputs\aar\library-debug.aarAndroid项目中引用secure-preferences加密模块
library-debug.aar或implementation 'com.scottyab:secure-preferences-lib:0.1.7'@DebugLogpublic SharedPreferences getSharedPreferences() { if(mSecurePrefs==null){ mSecurePrefs = new SecurePreferences(this, "", "my_prefs.xml"); SecurePreferences.setLoggingEnabled(true); } return mSecurePrefs;}
@DebugLogpublic SharedPreferences getSharedPreferences1000() { try { AesCbcWithIntegrity.SecretKeys myKey = AesCbcWithIntegrity.generateKeyFromPassword(Build.SERIAL,AesCbcWithIntegrity.generateSalt(),1000); return new SecurePreferences(this, myKey, "my_prefs_1000.xml"); } catch (GeneralSecurityException e) { Log.e(TAG, "Failed to create custom key for SecurePreferences", e); } return null;}@DebugLogpublic SharedPreferences getDefaultSharedPreferences() { return PreferenceManager.getDefaultSharedPreferences(this);}
@DebugLogpublic SecurePreferences getUserPinBasedSharedPreferences(String password){ if(mUserPrefs==null) { mUserPrefs = new SecurePreferences(this, password, "user_prefs.xml"); } return mUserPrefs;}
@DebugLogpublic boolean changeUserPrefPassword(String newPassword){ if(mUserPrefs!=null){ try { mUserPrefs.handlePasswordChange(newPassword, this); return true; } catch (GeneralSecurityException e) { Log.e(TAG, "Error during password change", e); } } return false;}Android系统本地/data/data/XXXXXX/shared_prefs目录里xml文件加密后的效果图
XML using Standard Android SharedPreferences
<map> <int name="timeout" value="500" /> <boolean name="is_logged_in" value="true" /></map>XML with SecurePreferences
<map> <string name="TuwbBU0IrAyL9znGBJ87uEi7pW0FwYwX8SZiiKnD2VZ7"> pD2UhS2K2MNjWm8KzpFrag==:MWm7NgaEhvaxAvA9wASUl0HUHCVBWkn3c2T1WoSAE/g=rroijgeWEGRDFSS/hg </string> <string name="8lqCQqn73Uo84Rj">k73tlfVNYsPshll19ztma7U"> pD2UhS2K2MNjWm8KzpFrag==:MWm7NgaEhvaxAvA9wASUl0HUHCVBWkn3c2T1WoSAE/g=:jWm8KzUl0HUHCVBWkn3c2T1WoSAE/g= </string></map>implementation 'com.scottyab:secure-preferences-lib:0.1.7'