
android - How is Facebook Conceal secure if it only stores the key in SharedPreferences?

Reposted. Author: 行者123. Updated: 2023-11-29 01:06:49

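I want to protect some user data stored in SharedPreferences, so I took a look at Facebook Conceal.

The inherent problem with storing data in SharedPreferences is that there are ways to access it and view the data, so naturally one thinks of encrypting it so that viewing it is useless. But if Facebook Conceal also stores the key in SharedPreferences, how is it secure? It seems that in this case viewing the data now just takes two extra steps: getting the key and using it to decrypt the data.

I guess I'm missing something here, so I just want to clarify why Facebook Conceal is secure if it stores the key used to decrypt the data in the same place as the data, which was not secure to begin with.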

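Best answer

Well, Shared Prefs can be public or private. But that means assigning security groups to the xml file that stores the key/value pairs and where it is located.

If you want something to be secure, you can use a SecureSharedPreference implementation. This will make sure that no one can steal your information (never guaranteed against super hackers, lol), but it's like stealing a foreign language, and good luck with that.

However, if you want to make sure it is not stolen and not touched, then you would be better off using a local database. That is also vulnerable to talented hackers, though, so if you really need to make sure it is encrypted in the database and stored privately for your app, you can use SQLCipher.

So your architecture and security needs are up to you and what is acceptable to your security team. Here is an open source securePref file that I use for data that needs to be stored and accessed securely, but where it's not the end of the world if someone steals my mumble jumble, because they can't do anything with it.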

 /*
Copyright (C) 2012 Sveinung Kval Bakken, sveinung.bakken@gmail.com
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/

import android.content.Context;
import android.content.SharedPreferences;
import android.util.Base64;

import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;


public class SecuredPreferences {

    public static class SecurePreferencesException extends RuntimeException {

        public SecurePreferencesException(Throwable e) {
            super(e);
        }

    }

    // Values are encrypted with AES in CBC mode.
    private static final String TRANSFORMATION = "AES/CBC/PKCS5Padding";
    // Preference names are encrypted with AES in ECB mode. ECB is deterministic,
    // so the same name always maps to the same stored key, which is what lets
    // contains()/getString() find an entry by its encrypted name.
    private static final String KEY_TRANSFORMATION = "AES/ECB/PKCS5Padding";
    private static final String SECRET_KEY_HASH_TRANSFORMATION = "SHA-256";
    private static final String CHARSET = "UTF-8";

    private final boolean encryptKeys;
    private final Cipher writer;
    private final Cipher reader;
    private final Cipher keyWriter;
    private final SharedPreferences preferences;

    /**
     * This will initialize an instance of the SecurePreferences class
     * @param context your current context.
     * @param preferenceName name of preferences file (preferenceName.xml)
     * @param secureKey the key used for encryption, finding a good key scheme is hard.
     * Hardcoding your key in the application is bad, but better than plaintext preferences. Having the user enter the key upon application launch is a safe(r) alternative, but annoying to the user.
     * @param encryptKeys setting this to false will only encrypt the values,
     * true will encrypt both values and keys. Keys can contain a lot of information about
     * the plaintext value of the value which can be used to decipher the value.
     * @throws SecurePreferencesException
     */
    public SecuredPreferences(Context context, String preferenceName, String secureKey, boolean encryptKeys) throws SecurePreferencesException {
        try {
            this.writer = Cipher.getInstance(TRANSFORMATION);
            this.reader = Cipher.getInstance(TRANSFORMATION);
            this.keyWriter = Cipher.getInstance(KEY_TRANSFORMATION);

            initCiphers(secureKey);

            this.preferences = context.getSharedPreferences(preferenceName, Context.MODE_PRIVATE);

            this.encryptKeys = encryptKeys;
        }
        catch (GeneralSecurityException e) {
            throw new SecurePreferencesException(e);
        }
        catch (UnsupportedEncodingException e) {
            throw new SecurePreferencesException(e);
        }
    }

    protected void initCiphers(String secureKey) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeyException,
            InvalidAlgorithmParameterException {
        IvParameterSpec ivSpec = getIv();
        SecretKeySpec secretKey = getSecretKey(secureKey);

        writer.init(Cipher.ENCRYPT_MODE, secretKey, ivSpec);
        reader.init(Cipher.DECRYPT_MODE, secretKey, ivSpec);
        keyWriter.init(Cipher.ENCRYPT_MODE, secretKey);
    }

    // The IV is the first block-size bytes of a hard-coded string, so it is the
    // same for every value and every install: encrypting the same value twice
    // with the same key gives the same ciphertext.
    protected IvParameterSpec getIv() {
        byte[] iv = new byte[writer.getBlockSize()];
        System.arraycopy("fldsjfodasjifudslfjdsaofshaufihadsf".getBytes(), 0, iv, 0, writer.getBlockSize());
        return new IvParameterSpec(iv);
    }

    protected SecretKeySpec getSecretKey(String key) throws UnsupportedEncodingException, NoSuchAlgorithmException {
        byte[] keyBytes = createKeyBytes(key);
        // SecretKeySpec takes the key algorithm name ("AES"), not the cipher transformation.
        return new SecretKeySpec(keyBytes, "AES");
    }

    // The 256-bit AES key is the SHA-256 digest of the supplied key string.
    protected byte[] createKeyBytes(String key) throws UnsupportedEncodingException, NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance(SECRET_KEY_HASH_TRANSFORMATION);
        md.reset();
        byte[] keyBytes = md.digest(key.getBytes(CHARSET));
        return keyBytes;
    }

    // Storing a null value removes the entry.
    public void put(String key, String value) {
        if (value == null) {
            preferences.edit().remove(toKey(key)).commit();
        }
        else {
            putValue(toKey(key), value);
        }
    }

    public boolean containsKey(String key) {
        return preferences.contains(toKey(key));
    }

    public void removeValue(String key) {
        preferences.edit().remove(toKey(key)).commit();
    }

    public String getString(String key) throws SecurePreferencesException {
        if (preferences.contains(toKey(key))) {
            String securedEncodedValue = preferences.getString(toKey(key), "");
            return decrypt(securedEncodedValue);
        }
        return null;
    }

    public void clear() {
        preferences.edit().clear().commit();
    }

    // Returns the name under which the entry is stored: encrypted if encryptKeys is set.
    private String toKey(String key) {
        if (encryptKeys)
            return encrypt(key, keyWriter);
        else return key;
    }

    private void putValue(String key, String value) throws SecurePreferencesException {
        String secureValueEncoded = encrypt(value, writer);

        preferences.edit().putString(key, secureValueEncoded).commit();
    }

    // Encrypts with the given cipher and returns the ciphertext as Base64 text.
    protected String encrypt(String value, Cipher writer) throws SecurePreferencesException {
        byte[] secureValue;
        try {
            secureValue = convert(writer, value.getBytes(CHARSET));
        }
        catch (UnsupportedEncodingException e) {
            throw new SecurePreferencesException(e);
        }
        String secureValueEncoded = Base64.encodeToString(secureValue, Base64.NO_WRAP);
        return secureValueEncoded;
    }

    protected String decrypt(String securedEncodedValue) {
        byte[] securedValue = Base64.decode(securedEncodedValue, Base64.NO_WRAP);
        byte[] value = convert(reader, securedValue);
        try {
            return new String(value, CHARSET);
        }
        catch (UnsupportedEncodingException e) {
            throw new SecurePreferencesException(e);
        }
    }

    // Runs the cipher over the bytes; any failure is rethrown as SecurePreferencesException.
    private static byte[] convert(Cipher cipher, byte[] bs) throws SecurePreferencesException {
        try {
            return cipher.doFinal(bs);
        }
        catch (Exception e) {
            throw new SecurePreferencesException(e);
        }
    }
}

Hope this helps. For the secure key, just make your own random salt, but keep it fixed so that it doesn't change.
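
An added example, not part of the answer or of the posted class: the class above encrypts every value under one hard-coded IV, so equal values give equal ciphertexts in the preferences file. The code below runs on a plain JVM, reproduces that behaviour, and contrasts it with a random IV stored in front of each ciphertext. The class name `IvReuseDemo`, the helper names, the passphrase and the sample value are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
// Added example, not the answer's code. java.util.Base64 stands in for android.util.Base64.
public class IvReuseDemo {
    // Same key derivation as createKeyBytes() above: SHA-256 of the passphrase.
    static SecretKeySpec keyFrom(String passphrase) throws Exception {
        byte[] k = MessageDigest.getInstance("SHA-256").digest(passphrase.getBytes(StandardCharsets.UTF_8));
        return new SecretKeySpec(k, "AES");
    }
    // AES/CBC cipher whose IV is the first 16 bytes of ivSource.
    static Cipher cipher(int mode, SecretKeySpec key, byte[] ivSource) throws Exception {
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(mode, key, new IvParameterSpec(ivSource, 0, 16));
        return c;
    }
    // What the posted class does: every value is encrypted under the same IV.
    static String encryptFixedIv(SecretKeySpec key, byte[] fixedIv, String value) throws Exception {
        byte[] ct = cipher(Cipher.ENCRYPT_MODE, key, fixedIv).doFinal(value.getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(ct);
    }
    // Variant: fresh random IV per value, stored in front of the ciphertext.
    static String encryptRandomIv(SecretKeySpec key, String value) throws Exception {
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv);
        byte[] ct = cipher(Cipher.ENCRYPT_MODE, key, iv).doFinal(value.getBytes(StandardCharsets.UTF_8));
        byte[] out = Arrays.copyOf(iv, iv.length + ct.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return Base64.getEncoder().encodeToString(out);
    }
    static String decryptRandomIv(SecretKeySpec key, String stored) throws Exception {
        byte[] in = Base64.getDecoder().decode(stored);
        byte[] pt = cipher(Cipher.DECRYPT_MODE, key, in).doFinal(in, 16, in.length - 16);
        return new String(pt, StandardCharsets.UTF_8);
    }
    public static void main(String[] args) throws Exception {
        SecretKeySpec key = keyFrom("constructed-passphrase"); // constructed sample
        byte[] fixedIv = "fldsjfodasjifudslfjdsaofshaufihadsf".getBytes(StandardCharsets.UTF_8);
        String v = "token=abc"; // constructed sample value
        System.out.println("fixed IV repeats: " + encryptFixedIv(key, fixedIv, v).equals(encryptFixedIv(key, fixedIv, v)));
        String a = encryptRandomIv(key, v), b = encryptRandomIv(key, v);
        System.out.println("random IV repeats: " + a.equals(b));
        System.out.println("round trip: " + decryptRandomIv(key, a));
    }
}
```

Switching an existing preferences file to the random-IV layout changes the stored format, so values written by the posted class would have to be re-encrypted.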

Regarding "android - How is Facebook Conceal secure if it only stores the key in SharedPreferences?", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/46351766/
