I need to perform simple encryption in SharedPreferences .

So I found these 2 simple methods, one to encrypt the other, on the contrary, to get data.

 private static String encrypt(String input) { return Base64.encodeToString(input.getBytes(), Base64.DEFAULT); } private static String decrypt(String input) { return new String(Base64.decode(input, Base64.DEFAULT)); }

And you need to use them like this

 // Write SharedPreferences preferences = getSharedPreferences("some_prefs_name", MODE_PRIVATE); SharedPreferences.Editor editor = preferences.edit(); editor.putString(encrypt("password"), encrypt("dummypass")); editor.apply(); // Or commit if targeting old devices // Read SharedPreferences preferences = getSharedPreferences("some_prefs_name", MODE_PRIVATE); String pass = preferences.getString(decrypt("password"), "default");

And now I have a question, will this method work correctly when saving and retrieving boolean and int values? As this example shows how to work with String ...

  • one
    This has nothing to do with browsing, so it’s better to encrypt and decrypt rename methods so as not to mislead readers - andreymal

1 answer 1

Your methods can work only with the String type, as in Java static typing. However, you can use the toString() and valueOf() methods of the corresponding wrapper classes to work with the types boolean and int .

Boolean.toString ()

Boolean.valueOf ()

Integer.toString ()

Integer.valueOf ()

I note that in this case, for the type boolean , only two results of the output of your function are possible (corresponding to true and false values).

Also note that the implementations of the functions you specify do not encrypt the string (they do not even take the encryption key as input), they simply convert the string to Base64 encoding. If you really need to encrypt the text, try looking here , here and here .

  • OK thanks! Well, then, as for the conclusion ... It seems to me that this encoding will be enough, just so that if the user gets into the file pref he does not want to change something, because nothing is clear ... What do you think? - Aleksey Timoshchenko
  • one
    The laziness factor for the average user is quite significant, but you can accidentally create a “market” for those who are not too lazy to parse the “tangled” data for the lazy. - DimXenon
  • one
    @AlekseyTimoshchenko In addition to Base64, it is possible to process a string using a XOR mask, and it will not be too lazy to parse only the "villain" who is very interested in decoding, and it is very easy to implement such encryption. - pavlofff
  • one
    In principle, you can apply a simple replacement cipher with a hard-coded replacement table. Those. In fact, the same Base64, but not the default, but its own. If your file is small and the plaintext is not very similar to the text of a natural language (which is just typical for configuration files), then probably even frequency analysis will not give anything to a potential hacker. And to disassemble manually - laziness. - hunter
  • one
    UPD: no, a little lied. Just frequency analysis and can give results. A ciphertext will have two features: 1) because of the digits (int), there will be approximately equally frequent some 10 ciphertext characters. 2) boolean - blocks of 4 (true) and 5 (false) ciphertext characters will be repeated frequently. - hunter