Mal
Reputation: 373
Private Key storage in Android
I have to store the private key of my app in a secure location in the android device, i read about certStore, but it doesnt allow to store a file in it. Is there any location where I can store it securely and doesn't get deleted if app re-installs.
Upvotes: 2
Views: 2968
Answers (1)
user370305
Reputation: 109247
You can store the key in the Preferences of your App. This will protect the key from
getting read by other applications because of the underlying file system restrictions of
the Android system.
But this won't protect the key from being read by the user itself.
and if you want to use this shared preference after your application removed and again installed in device then try for Android Backup Manager. I think its help you in re-installation of your activity's data.
EDIT: Android (unfortunately) does not provide a way to do so. The approach I've used
before is to encrypt this token with another key generated within the app.
Your app key can be algorithmically generated. This, however, is only as secure as
your algorithm. Once that is known this is equivalent to storing the token in plain text.
Thanks.
Upvotes: 1
Related Questions
- Storing RSA Private Key Android
- Store Client Certificate and key (.pem) in Android securely
- Storing private keys in keystore in Android
- Saving private key with certificate in keystore - Android
- How to store key using Android Key Store Provider
- Encrypt data using private certificate inside android keystore
- How to store the certificate and private key in the keystore of SSL context?
- Android - Storing private keys in keystore
- Embedding private key into application code in Android
- Pack a certificate containing the private key in .apk on download