Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: using encrypted shared preferences #29

Open
wants to merge 14 commits into
base: main
Choose a base branch
from
Open

feat: using encrypted shared preferences #29

wants to merge 14 commits into from

Conversation

jimcase
Copy link

@jimcase jimcase commented Dec 3, 2024
edited
Loading

The key changes include enhanced handling of encrypted shared preferences and migration from older storage implementations.

Key Changes

  1. Initialization Logic Enhancement:

    • Updated the initialization flow for better compatibility across Android versions.

  2. Migration Support:

    • Implemented migration of existing data from non-encrypted preferences to encrypted shared preferences for Android M+ (API 23+).
    • Ensured backward compatibility for pre-M devices using legacy shared preferences.

  3. Encryption and Decryption Updates:

    • For Android M+, switched to EncryptedSharedPreferences for modern and secure storage practices.

@jimcase jimcase changed the title Feature/using encrypted shared preferences feat: using encrypted shared preferences Dec 3, 2024
@jimcase jimcase marked this pull request as ready for review December 3, 2024 15:40
@axi92 axi92 added the enhancement New feature or request label Dec 10, 2024
@axi92 axi92 requested review from 0x7061 and mhochsto December 10, 2024 13:32
axi92
axi92 requested changes Dec 10, 2024
View reviewed changes
Copy link
Member

@axi92 axi92 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for your PR!
It's nice to see that others use this fork as well and want to contribute too =)

package-lock.json Outdated Show resolved Hide resolved
axi92
axi92 reviewed Dec 16, 2024
View reviewed changes
android/build.gradle Outdated Show resolved Hide resolved
@axi92
Copy link
Member

axi92 commented Dec 19, 2024

Thank you for resolving the things that I mentioned 👍
@0x7061 will probably have time to look into that in January.

@0x7061
Copy link
Member

0x7061 commented Jan 7, 2025

After code review we realized the used Jetpack security crypto library seems to be deprecated.
https://developer.android.com/privacy-and-security/cryptography#jetpack_security_crypto_library

Any idea if the used EncryptedSharedPreferences can be attained through a different library?

@jimcase
Copy link
Author

jimcase commented Jan 8, 2025
edited
Loading

@axi92 @0x7061 I've reviewed the official Android documentation, and it appears that EncryptedSharedPreferences is not listed as deprecated. This component remains a recommended solution for secure storage practices on Android M+ (API 23+) devices. Thus, we can continue to use EncryptedSharedPreferences for our encryption needs as it provides a robust and updated framework for handling secure preference storage across supported Android versions.

I upgraded the lib to use the latest version androidx.security:security-crypto:1.1.0-alpha06 - April 19, 2023

https://developer.android.com/jetpack/androidx/releases/security

@jimcase
Copy link
Author

jimcase commented Jan 15, 2025

Hey @0x7061,

There unique deprecated method is EncryptedSharedPreferences.create. The docs suggest to the following:

* @deprecated Use {@link #create(Context, String, MasterKey,
* PrefKeyEncryptionScheme, PrefValueEncryptionScheme)} instead.

This means changing:

String masterKeyAlias = MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC);
Log.d(LOG_TAG, "Master key alias obtained or created: " + masterKeyAlias);

preferences = EncryptedSharedPreferences.create(
    PREFERENCES_FILE,
    masterKeyAlias,
    context,
    EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
    EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
);

To:

MasterKey masterKey = new MasterKey.Builder(context)
    .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
    .build();
Log.d(LOG_TAG, "Master key alias obtained or created: ");

preferences = EncryptedSharedPreferences.create(
    context,
    PREFERENCES_FILE,
    masterKey,
    EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
    EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
);

I updated the call to use the suggested EncryptedSharedPreferences.create and now i can remove the flag @SuppressWarnings("deprecation")

This was referenced Jan 20, 2025
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@axi92 axi92 axi92 requested changes

@0x7061 0x7061 Awaiting requested review from 0x7061

@mhochsto mhochsto Awaiting requested review from mhochsto

Requested changes must be addressed to merge this pull request.

Assignees

@0x7061 0x7061

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jimcase @axi92 @0x7061