I'll have a look, thanks for the suggestion. The trick will be to hide the key in such a way as to make it difficult to find, I'm hoping a combination of proguard and additional obfuscation of my own will do the trick.
On Oct 5, 6:34 pm, Dimitris <[email protected]> wrote: > Yes, look for CipherOutputStream and CipherInputStream for writing and > reading the file safely. I would use a symmetric encryption algorithm > such as AES unless the XML is coming from a web service. > > On Oct 5, 9:18 am, Kostya Vasilyev <[email protected]> wrote: > > > 05.10.2010 19:59, DanH пишет: > > > > If you encrypt the entire XML file you won't be able to use Android's > > > "compiled' XML access tools, and you'll expose the unencrypted file on > > > the phone. If you encrypt individual entries then you have a > > > complicated build process and, due to the shorter elements being > > > encrypted, a more complicated decryption process and (technically) > > > less secure encryption. > > > It's possible to use CipherInputStream to do on-the-fly decryption while > > reading data from a file or from the network. > > > Per-application data files located in phone storage are private, and > > could be used to cache decrypted data. Unless, of course, the user roots > > their phone, but that's not commonplace. > > > -- > > Kostya Vasilyev -- WiFi Manager + pretty widget > > --http://kmansoft.wordpress.com > > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
