A shared preference implementation for confidential data in Android. Per default uses AES-GCM, BCrypt and HKDF as cryptographic primitives. Uses the concept of device fingerprinting combined with optional user provided passwords and strong password hashes.
Currently the sharedPreference implementation keeps the char[] array of the user password in memory until its closed. This makes it quite easy to read the cleartext password when instrumenting the device and reading the current memory (e.g. with Frida). There is a datastructure which obfuscates the content of a field, so it can be used until it is actually used.
It WOULD be way better to derive a byte array directly when passing the password (using a hash function or similar), then use this byte array when deriving the main key (so the clear pw is never in memory again), but that would entail making non-backwards compatible changes.
Currently the sharedPreference implementation keeps the char[] array of the user password in memory until its closed. This makes it quite easy to read the cleartext password when instrumenting the device and reading the current memory (e.g. with Frida). There is a datastructure which obfuscates the content of a field, so it can be used until it is actually used.
It WOULD be way better to derive a byte array directly when passing the password (using a hash function or similar), then use this byte array when deriving the main key (so the clear pw is never in memory again), but that would entail making non-backwards compatible changes.