我正在构建一个Android应用程序,需要在Android设备上存储安全数据,该设备也支持4.0之前的旧版本Android。我知道 android 4.0 及之后的版本支持钥匙串(keychain),但我的应用程序需要支持旧版本。 那么任何人都可以帮忙并让我知道旧版 Android 操作系统使用哪种方法吗?
最佳答案
在 ICS 之前的 Android 版本上,您可以使用 KeyStore
,以下是存储到 KeyStore
的示例:
public boolean setEntry(String alias, String secretKey) {
boolean keyStoreEntryWritten = false;
if (mKeystore != null && secretKey != null) {
// store something in the key store
SecretKeySpec sks = new SecretKeySpec(secretKey.getBytes(), "MD5");
KeyStore.SecretKeyEntry ske = new KeyStore.SecretKeyEntry(sks);
KeyStore.ProtectionParameter pp = new KeyStore.PasswordProtection(null);
try {
mKeystore.setEntry(alias, ske, pp);
// save key store
boolean success = saveKeyStore();
if (success) {
keyStoreEntryWritten = true;
}
} catch (KeyStoreException ex) {
Log.e(TAG, "Failed to read keystore" + mKeyStoreName);
}
}
return keyStoreEntryWritten;
}
private boolean saveKeyStore() {
FileOutputStream fos = null;
boolean keyStoreSaved = true;
// generate key store path
String keyStoreFilePath = generateKeyStoreFilePath(mKeyStoreName, mKeystoreDirectoryPath);
try {
fos = new FileOutputStream(keyStoreFilePath);
mKeystore.store(fos, mKeyStorePassword.toCharArray());
} catch (Exception ex) {
keyStoreSaved = false;
Log.e(TAG, "Failed to save keystore " + mKeyStoreName);
} finally {
if (fos != null) {
try {
fos.close();
} catch (IOException ex) {
keyStoreSaved = false;
Log.e(TAG, "Failed to close FileOutputStream");
}
}
}
return keyStoreSaved;
}
您可以在这里找到更多信息:http://developer.android.com/reference/java/security/KeyStore.html
编辑:
以下是检索 key 的方法:
public String getEntry(String alias) {
String secretStr = null;
byte[] secret = null;
if (mKeystore != null) {
try {
if (!mKeystore.containsAlias(alias)) {
Log.w(TAG, new StringBuilder().append("Keystore ").append(mKeyStoreName)
.append(" does not contain entry ").append(alias).toString());
return null;
}
} catch (KeyStoreException ex) {
Log.e(TAG, "Failed to read keystore entry " + alias);
}
// get my entry from the key store
KeyStore.ProtectionParameter pp = new KeyStore.PasswordProtection(null);
KeyStore.SecretKeyEntry ske = null;
try {
ske = (KeyStore.SecretKeyEntry) mKeystore.getEntry(alias, pp);
} catch (Exception ex) {
Log.e(TAG, "Failed to read keystore entry " + alias);
}
if (ske != null) {
SecretKeySpec sks = (SecretKeySpec) ske.getSecretKey();
secret = sks.getEncoded();
if (secret != null) {
secretStr = new String(secret);
} else {
Log.e(TAG, new StringBuilder().append("Read empty keystore entry ").append(alias).toString());
}
} else {
Log.e(TAG, "Failed to read keystore entry " + alias);
}
}
return secretStr;
}
关于java - 4.0之前的旧版本android如何安全地存储密码、访问 token 等数据?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/15815622/