Android Question Using keystore for storing sensitive data

iCAB · May 3, 2020

Hi There

I would like to use the android keystore for storing sensitive data.

I found the thread below, but I was unable to figure out how to use it to store & retrieve data.
https://www.b4x.com/android/forum/t...r-android-keystore-system.112600/#post-702658

How to get the encrypted string from the call below, store it and then retrieve it later on?

B4X:

ks.encryptString(alias,strtoencrypt)

Can someone clarify please,

Thanks
iCAB

DonManfred · May 4, 2020

B4X:

   ks.encryptString(alias,strtoencrypt)

End Sub
Sub KeyStore_Encrypted(encrypted() As Byte, iv() As Byte, base64 As String)
    Log($"KeyStore_Encrypted(${base64},${encrypted.Length},${iv.Length})"$)
    ' Note to save the iv array to later be able to Decrypt!
    Log($"Decrypt using the IV"$)
    Dim decrypted As String = ks.decryptString("DonManfred",base64,iv)
    Log($"Decrypted: ${decrypted}"$)
    
End Sub

iCAB · May 4, 2020

Hi Don

Thanks for your reply.
Sorry still not clear

1. Does this encrypt the string? and if so how to capture the returned value?

B4X:

 ks.encryptString(alias,strtoencrypt)

2. I don't see this function being called anywhere in the sample code

B4X:

Sub KeyStore_Encrypted(encrypted() As Byte, iv() As Byte, base64 As String)

and when called, what values should be provided in enctypted() & iv()

Thanks
iCAB

DonManfred · May 4, 2020

iCAB said:
2. I don't see this function being called anywhere in the sample code

It is an Event which is raised when the encryption is ready.

iCAB said:
and when called, what values should be provided in enctypted() & iv()

The values are FILLED in the Event.

It is a Event which is raised because i need to return multiple values; not only the encrypted string.
In the event you get the encrypted string AND the iv Vector.

DonManfred said:
' Note to save the iv array to later be able to Decrypt!

iCAB · May 4, 2020

Thanks Don for your great help!

iCAB · May 4, 2020

One more question please

Are we supposed to store "base64" securely in the keystore or is it ok to store it anywhere at this point?

DonManfred · May 4, 2020

the base 64 is the encryted string. It it up to you to do what you want to do with.
It is the encrypted string converted to base64. You can save it if you want.
Remember to have a copy of the iv used.

iCAB · May 4, 2020

Thanks Don, you're the best!

Android Question Using keystore for storing sensitive data

iCAB

Well-Known Member

DonManfred

Expert

iCAB

Well-Known Member

DonManfred

Expert

iCAB

Well-Known Member

iCAB

Well-Known Member

DonManfred

Expert

iCAB

Well-Known Member

Similar Threads