android - Save RSA PublicKey / PrivateKey safely -
i create , use rsa public/private key encrypt/decrypt message.i store them sharedpreferences string , when need them create string. works perfectly, secure store private key in sharedpreferences string. question :
sharedpreferences mode_private security
i learned that, can reach sharedpreferences , can generate private key string. can make private key secure while save on phone?
it depends on the level of sensitivity of private/public key pair. think, storing them in sharedpreferences not bad idea. key pair stored relative app directory , has system protection external access. but, word "shared"preferences implied, key pair shared among app components. so, if need better protection, consider storing key pair in keystore class instead . of now, best solution key pair protection. provides password based key protection.
update: there great article on android keystore , keychain usage here.
Comments
Post a Comment