I need to save some private user values in SharedPreferences.
I came across this article:
https://medium.com/@ericfu/securely-storing-secrets-in-an-android-application-501f030ae5a3
It explains most of the things you need to do, but there seems to be a missing part on how to store the private and public key (for APIs and 23) in the keystore.
So, if we have API version 18-22, we do the following: we open the keystore
KeyStore keyStore = KeyStore.getInstance(AndroidKeyStore);
keyStore.load(null);
we generate a key pair
Calendar start = Calendar.getInstance();
Calendar end = Calendar.getInstance();
end.add(Calendar.YEAR, 30);
KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(mContext)
.setAlias(KEY_ALIAS)
.setSubject(new X500Principal("CN=" + KEY_ALIAS))
.setSerialNumber(BigInteger.TEN)
.setStartDate(start.getTime())
.setEndDate(end.getTime())
.build();
KeyPairGenerator kpg = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, AndroidKeyStore);
kpg.initialize(spec);
mEncryptionPair = kpg.generateKeyPair();
Now we can use the public key to encrypt data and the private key to decrypt it. But we need to save the key pair in the keystore, and then restore it. How should I do it?
, Android Studio
KeyPairGenerator kpg = KeyPairGenerator.getInstance(KeyProperties.KEY_ALGORITHM_RSA, AndroidKeyStore);
:
Field requires API level 23 (current min is 14): android.security.keystore.KeyProperties#KEY_ALGORITHM_RSA