A shared preference implementation for confidential data in Android. Per default uses AES-GCM, BCrypt and HKDF as cryptographic primitives. Uses the concept of device fingerprinting combined with optional user provided passwords and strong password hashes.
Armadillo builder now has a new medoth (supportVerifyPassword()) that allows you to enable this feature.
If you enable it, a known value (preferences salt) is stored encrypted with the password the first time that Armadillo is initialised.
ArmadilloSharedPreferences has a new medoth (isValidPassword()), it tries to decrypt the stored value and compares it to the original known value. If the values match the validation succeeds, otherwise, it fails.
By default, support verify password is disabled.
It takes around 400ms in my device to verify the password.
Known issues:
If RecoveryPolicy.shouldRemoveBrokenContent() is enabled, the verification value is deleted when the password verification fails.
patrickfav
commented
6 years ago
Ref #24
POC of password verification
supportVerifyPassword()) that allows you to enable this feature.isValidPassword()), it tries to decrypt the stored value and compares it to the original known value. If the values match the validation succeeds, otherwise, it fails.Known issues:
RecoveryPolicy.shouldRemoveBrokenContent()is enabled, the verification value is deleted when the password verification fails.