Crypho / cordova-plugin-secure-storage

Secure storage plugin for Apache Cordova
MIT License

Is it possible to invoke a secret key from an Android keystore file? #144

Closed muttineni2020 closed 6 years ago

muttineni2020 commented 6 years ago

For security concerns, would it be possible to invoke the secret key alias stored in the Android keystore (while signing the APK)? Can anybody help me with this issue?

Thanks,

ggozad commented 6 years ago

I am sorry I have no idea what you are talking about. Could you please phrase this a bit better?

muttineni2020 commented 6 years ago

We have a concern about secret key storage. This secret key should not be visible in code. To achieve this, we are planning to use this secure-storage plugin. But when I look at the options for this plugin, it asks to set a key and a value. In our case, we don't want to specify the value in code. To achieve this, what we are thinking is to get the key value from the keystore (the keystore certificate used to sign the APK).

Is this possible with the secure storage plugin? Any other solution is appreciated.

Thanks


ggozad commented 6 years ago

Oh, I see. No, I am afraid this plugin is meant to encrypt and store user secrets.

muttineni2020 commented 6 years ago

Any other solution or suggestion you might have? We are having a hard time getting this kind of functionality.

ggozad commented 6 years ago

I am afraid not. Gonna reopen this for a week or so in case someone else does. To be honest, I can't think of why you would want to do what you want to do. Relying on a secret that is not user known but rather client known feels wrong, so perhaps you want to explain a bit further.