public final class EncryptedFile
Class used to create and read encrypted files. WARNING: The encrypted file should not be backed up with Auto Backup. When restoring the file it is likely the key used to encrypt it will no longer be present. You should exclude all EncryptedFiles from backup using backup rules. Be aware that if you are not explicitly calling setKeysetPrefName() there is also a silently-created default preferences file created at
ApplicationProvider
.getApplicationContext()
.getFilesDir()
.getParent() + "/shared_prefs/__androidx_security_crypto_encrypted_file_pref__"This preferences file (or any others created with a custom specified location) also should be excluded from backups. Basic use of the class:
MasterKey masterKey = new MasterKey.Builder(context)
.setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
.build();
File file = new File(context.getFilesDir(), "secret_data");
EncryptedFile encryptedFile = EncryptedFile.Builder(
context,
file,
masterKey,
EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB
).build();
// write to the encrypted file
FileOutputStream encryptedOutputStream = encryptedFile.openFileOutput();
// read the encrypted file
FileInputStream encryptedInputStream = encryptedFile.openFileInput();
Summary
Public methods
openFileInput
public @NonNull FileInputStreamopenFileInput()
Opens a FileInputStream that reads encrypted files based on the previous settings.
Please ensure that the same master key and keyset are used to decrypt or it will cause failures.
openFileOutput
public @NonNull FileOutputStreamopenFileOutput()
Opens a FileOutputStream for writing that automatically encrypts the data based on the provided settings.
Please ensure that the same master key and keyset are used to decrypt or it will cause failures.