EncryptedSharedPreferences が deprecated になっちゃった！どうしよう！ / Oh no! EncryptedSharedPreferences has been deprecated! What should I do?

Transcript

1. ͋Μ͍͟Ώ͖ (@yanzm) &ODSZQUFE4IBSFE1SFGFSFODFT
   ͕
   EFQSFDBUFE
   ʹͳͬͪΌͬͨʂ
   Ͳ͏͠Α͏ʂ 1 2025.9.12 DroidKaigi 2025

2. :VLJ
   "O[BJ w "OESPJE
   &OHJOFFS
   w (PPHMF
   %FWFMPQFS
   &YQFSU
   GPS
   "OESPJE
   w 9
   UXJUUFS
   
   !ZBO[N
   w

   CMPH
   
   ZBO[NCMPHTQPUDPN
   w גࣜձࣾ΢ϑΟΧ
   ୅දऔక໾
   w ࡳຈɾؔ౦
   ڌ఺ੜ׆ 2

3. "HFOEB w +FUQBDL
   4FDVSJUZ
   w ͳͥඇਪ঑
   EFQSFDBUFE
   ʹͳͬͨͷ͔
   w Ҡߦઌͷબ୒ࢶ
   w

   ϚΠάϨʔγϣϯ
   w க໋తΫϥογϡ΁ͷରԠ 3

4. +FUQBDL
   4FDVSJUZ 4

5. +FUQBDL
   4FDVSJUZ
   +FU4FD w "OESPJE9ϥΠϒϥϦ܈ͷҰͭ
   w BOESPJEYTFDVSJUZ
   άϧʔϓ
   w TFDVSJUZDSZQUP
   
   EFQSFDBUFE
   w TFDVSJUZBQQBVUIFOUJDBUPS
   

   w TFDVSJUZBQQBVUIFOUJDBUPSUFTUJOH
   w TFDVSJUZJEFOUJUZDSFEFOUJBM 5 https://developer.android.com/jetpack/androidx/releases/security https://developer.android.com/privacy-and-security/cryptography#security-crypto-jetpack-deprecated

6. TFDVSJUZDSZQUP w (PPHMF
   *0
   
   Ͱൃද
   w 
   TUBCMF
   ͸೥݄
   w ηΩϡϦςΟͷϕετϓϥΫςΟεΛ؆ૉԽ͢ΔͨΊʹઃܭ͞ΕͨϥΠϒϥϦ
   w +$"ͷΑ͏ͳ௿Ϩϕϧ"1*͸ඇৗʹڧྗ͕ͩෳࡶͰޡ༻͠΍͍͢
   w

   ઐ໳ՈʹΑͬͯݕূ͞Εͨ҆શͳσϑΥϧτઃఆΛఏڙ
   w NJO4EL7FSTJPO
   ʢ"OESPJE
   
   .BSTINBMMPXʣ
   w ,FZ(FO1BSBNFUFS4QFD
   Λར༻͢ΔͨΊ 6 https://android-developers.googleblog.com/2019/05/whats-new-with-android-jetpack.html

7. ओཁͳػೳ w &ODSZQUFE4IBSFE1SFGFSFODFT
   w &ODSZQUFE'JMF 7 https://developer.android.com/reference/kotlin/androidx/security/crypto/package-summary

8. &ODSZQUFE4IBSFE1SFGFSFODFT w 4IBSFE1SFGFSFODFT
   ΠϯλʔϑΣʔεΛ࣮૷͠ɺΩʔͱ஋ͷ྆ํΛࣗಈతʹ ҉߸Խ͢ΔΫϥε 8 val masterKey = MasterKey.Builder(context) .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)

   .build() val pref: SharedPreferences = EncryptedSharedPreferences.create( context, "secret_shared_prefs", masterKey, EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV, EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM ) pref.edit { … }

9. &ODSZQUFE'JMF w ϑΝΠϧͷಡΈॻ͖Λ҉߸Խ͢ΔϢʔςΟϦςΟ 9 val masterKey = MasterKey.Builder(context) .setKeyScheme(MasterKey.KeyScheme.AES256_GCM) .build()

   val encryptedFile = EncryptedFile.Builder( context, File(context.filesDir, "secret_data"), masterKey, EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB ).build() val encryptedOutputStream = encryptedFile.openFileOutput() val encryptedInputStream = encryptedFile.openFileInput()

10. ಺෦ͷґଘؔ܎ w TFDVSJUZDSZQUP
    ˠ
    5JOL
    ˠ
    "OESPJE
    ,FZTUPSF
    ˠ
    0&.
    fi SNXBSF IBSEXBSF
    w 5JOL
    
    (PPHMF
    ੡ͷϚϧνϓϥοτϑΥʔϜରԠͷΦʔϓϯιʔε҉߸ԽϥΠ ϒϥϦ
    w

    IUUQTHJUIVCDPNUJOLDSZQUPUJOLKBWB 10

11. ಺෦ߏ଄
    
    ૚ߏ଄γεςϜ w ϚελʔΩʔ
    
    "OESPJE
    ,FZTUPSF
    ಺ʹੜ੒ɾอ؅͞ΕɺΞϓϦͷϓϩηε ۭؒʹ͸ܾͯ͠࿐ग़͠ͳ͍ڧྗͳ伴
    w Ωʔηοτ
    
    ࣮ࡍͷσʔλΛ҉߸Խ͢ΔͨΊͷαϒΩʔͷू߹ମ 11 ϚελʔΩʔ Android Keystore

    ҉߸Խ σʔλ SharedPreferences ͷ XML Ωʔηοτ ҉߸Խ

12. &ODSZQUFE4IBSFE1SFGFSFODFTͷ҉߸ԽεΩʔϜ w ஋ͷ҉߸Խ
    w ඇܾఆతͳ
    "&4@($.
    Λ࢖༻
    w ಉ͡ฏจΛෳ਺ճ҉߸Խͯ͠΋ɺຖճҟͳΔ҉߸จ͕ੜ੒͞ΕΔ
    w Ωʔͷ҉߸Խ
    w

    ܾఆతͳ
    "&4@4*7
    Λ࢖༻
    w ಉ͡Ωʔ͸ৗʹಉ͡҉߸จʹม׵͞ΕΔ 12

13. &ODSZQUFE4IBSFE1SFGFSFODFT
    ͷத਎ 13 <?xml version='1.0' encoding='utf-8' standalone='yes' ?> <map> <string name="__androidx_security_crypto_encrypted_prefs_key_keyset__">12a90104ce…</string>

    <string name="ARLtwLTPSwFHnBUu54Fx9pjOOKgg7HZnjv4E6WW8rxRxloI=">AYMKS+BZSF6B6Mmxan…</string> <string name="__androidx_security_crypto_encrypted_prefs_value_keyset__">1288015e…</string> </map> <?xml version='1.0' encoding='utf-8' standalone='yes' ?> <map> <string name="__androidx_security_crypto_encrypted_prefs_key_keyset__">12a90104ce…</string> <string name=“ARLtwLTPSwFHnBUu54Fx9pjOOKgg7HZnjv4E6WW8rxRxloI=">AYMKS+C1JGpFULdDV…</string> <string name="__androidx_security_crypto_encrypted_prefs_value_keyset__">1288015e…</string> </map> ಉ͡ฏจΛ҉߸Խͯ͠΋ ҟͳΔ҉߸จʹͳΔ ৗʹಉ͡҉߸จʹͳΔ

14. ͳͥඇਪ঑
    EFQSFDBUFE
    ʹ
    ͳͬͨͷ͔ 14

15. ୈҰͷཁҼɿ҆ఆੑͷةػʢٕज़తཧ༝ʣ w ಛఆͷ0&.σόΠεͰൃੜͨ͠ɺճ෮ෆೳͳக໋తΫϥογϡ
    w ىಈ࣌ʹൃੜ͢Δ͜ͱ͕ଟ͘Ϣʔβʔ͕ΞϓϦΛશ͘࢖༻Ͱ͖ͳ͘ͳΔ
    w "OESPJEΤίγεςϜͷʮஅยԽʯ 15 https://issuetracker.google.com/issues/176215143 https://issuetracker.google.com/issues/370009394

    https://issuetracker.google.com/issues/367562662 https://issuetracker.google.com/issues/147480931

16. ୈೋͷཁҼɿࢥ૝తస׵ʢηΩϡϦςΟ্ͷཧ༝ʣ w ʮͦͷσʔλ͸ɺຊ౰ʹσόΠε্ʹอଘ͢Δඞཁ͕͋Δͷ͔ʁʯ
    w ࠷΋҆શͳσʔλ͸ɺͦ΋ͦ΋อଘ͠ͳ͍σʔλ
    w 04ϨϕϧͷϑΝΠϧϕʔε҉߸Խ
    
    αϯυϘοΫεϞσϧʹΑΔอޢ
    w 04ͷอޢΛ৴ͯ͡ɺ༨ܭͳ҉߸Խ͸͠ͳ͍
    

    w 04ͷอޢΛ௒͑Δ҉߸Խ͕ຊ౰ʹඞཁͳ΄Ͳػີੑ͕ߴ͍σʔλ
    w ։ൃऀ͸ந৅ԽʹཔΔͷͰ͸ͳ͘ɺͦͷϓϩηεΛ׬શʹཧղ͠ɺ੍ޚ͢ Δ੹೚Λෛ͏΂͖ 16

17. Ҡߦઌͷબ୒ࢶ 17

18. &ODSZQUFE4IBSFE1SFGFSFODFT
    ͷҠߦઌ w TFDVSJUZDSZQUP
    Λ࢖͍ଓ͚Δ
    w 5JOLʢ಺෦Ͱ
    "OESPJE
    ,FZTUPSF
    ࢖༻ʣ
    
    4IBSFE1SFGFSFODFT
    w 5JOLʢ಺෦Ͱ
    "OESPJE
    ,FZTUPSF
    ࢖༻ʣ
    
    %BUB4UPSF
    w

    "OESPJE
    ,FZTUPSF
    
    $JQIFS
    
    4IBSFE1SFGFSFODFT
    w "OESPJE
    ,FZTUPSF
    
    $JQIFS
    
    %BUB4UPSF 18

19. "OESPJE
    ,FZTUPSF
    
    $JQIFS 19

20. "OESPJE
    ,FZTUPSF w ҉߸伴Λίϯςφ಺ʹ֨ೲ͠ɺσόΠε͔Βͷநग़Λࠔ೉ʹ͢Δ͜ͱΛ໨తͱ ͨ͠γεςϜϨϕϧͷαʔϏε
    w 伴ϚςϦΞϧͷඇΤΫεϙʔτੑ
    w ϋʔυ΢ΣΞϨϕϧͷอޢ
    w 5&&
    

    5SVTUFE
    &YFDVUJPO
    &OWJSPONFOU
    
    04ຊମ͔Β΋ִ཭͞Εͨɺϓϩ ηοα಺ͷ҆શͳ࣮ߦ؀ڥ
    w 4USPOH#PY
    
    ઐ༻ͷ଱λϯύʔੑΛ࣋ͭϋʔυ΢ΣΞνοϓ 20

21. 伴ͷΞΫηε੍ޚ w Ϣʔβʔೝূͷཁٻ
    w 伴ͷ࢖༻લʹࢦ໲ೝূ΍إೝূͳͲͷੜମೝূΛϢʔβʔʹཁٻ
    w ༗ޮظؒͷઃఆ
    w 伴͕༗ޮͳظؒʢ։࢝೔࣌ͱऴྃ೔࣌ʣΛࢦఆ
    w

    ҉߸Խύϥϝʔλͷ੍ݶ
    w ಛఆͷΞϧΰϦζϜɺϒϩοΫϞʔυɺύσΟϯάํࣜͰͷΈ伴ͷ࢖༻ΛڐՄ
    w ʜ 21

22. +BWB
    $SZQUPHSBQIZ
    "SDIJUFDUVSF
    +$" w +$"ͷΫϥεੜ੒࣌ʹϓϩόΠμͱͯ͠
    l"OESPJE,FZ4UPSFz
    Λࢦఆ͢Δ 22 val keyStore = KeyStore.getInstance("AndroidKeyStore") val

    keyPairGenerator = KeyPairGenerator.getInstance( KeyProperties.KEY_ALGORITHM_EC, "AndroidKeyStore" ) val keyGenerator = KeyGenerator.getInstance( KeyProperties.KEY_ALGORITHM_AES, "AndroidKeyStore" ) https://developer.android.com/privacy-and-security/keystore#UsingAndroidKeyStore

23. 4FDSFU,FZ
    ͷੜ੒ 23 private const val ANDROID_KEY_STORE_PROVIDER = "AndroidKeyStore" private const

    val KEY_STORE_ALIAS = "my_data_key_store_alias" private fun getOrCreateSecretKey(): SecretKey { val keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_PROVIDER).apply { load(null) } if (keyStore.containsAlias(KEY_STORE_ALIAS)) { val entry = keyStore.getEntry(KEY_STORE_ALIAS, null) return (entry as KeyStore.SecretKeyEntry).secretKey } // 伴Λੜ੒ …

24. 4FDSFU,FZ
    ͷੜ੒ 24 https://developer.android.com/privacy-and-security/cryptography#choose-algorithm

25. 25 private const val ANDROID_KEY_STORE_PROVIDER = "AndroidKeyStore" private const val

    KEY_STORE_ALIAS = "my_data_key_store_alias" private fun getOrCreateSecretKey(): SecretKey { … // 伴Λੜ੒ val params = KeyGenParameterSpec.Builder( KEY_STORE_ALIAS, KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT ) .setBlockModes(KeyProperties.BLOCK_MODE_GCM) .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE) .setKeySize(256) .build() val keyGenerator = KeyGenerator.getInstance( KeyProperties.KEY_ALGORITHM_AES, ANDROID_KEY_STORE_PROVIDER ) keyGenerator.init(params) return keyGenerator.generateKey() }

26. "&4($./P1BEEJOH w "&"%ʢ"VUIFOUJDBUFE
    &ODSZQUJPO
    XJUI
    "TTPDJBUFE
    %BUBʣ҉߸
    w σʔλͷػີੑʢ҉߸Խʣ͚ͩͰͳ͘ɺσʔλͷ׬શੑͱೝূੑʢվ͟ΜΛ ݕ஌͢Δೝূλάʣ΋ಉ࣌ʹఏڙ
    w ॳظԽϕΫτϧʢ*7
    *OJUJBMJ[BUJPO
    7FDUPSʣ 26

27. ॳظԽϕΫτϧʢ*7
    *OJUJBMJ[BUJPO
    7FDUPSʣ w ಉ͡伴Ͱಉ͡σʔλΛ҉߸Խͯ͠΋ɺຖճҟͳΔ҉߸จ͕Ͱ͖ΔΑ͏ʹ͢Δ ͨΊͷɺϥϯμϜͳσʔλ
    w "&4($.
    Ͱಉ͡伴ʹରͯ͠
    *7
    Λ࢖͍ճ͢ͷ͸ઈରʹμϝ 27

28. *7
    ͷ؅ཧํ๏  ҉߸Խૢ࡞ͷͨͼʹɺ҉߸࿦తʹ҆શͳ৽͍͠ϥϯμϜ
    *7
    Λੜ੒ʢ/*45
    ʹ ΑΔ
    ($.
    Ͱͷ
    *7
    ௕ͷਪ঑͸όΠτʣ
    w $JQIFS
    ಺Ͱߦͬͯ͘ΕΔ
     *7
    Λ҉߸จͱҰॹʹอଘʢҰൠతʹ͸
    *7
    Λ҉߸จͷઌ಄ʹ݁߹ʣ
     ෮߸࣌ʹ͸ɺอଘ͓͍ͯͨ͠
    *7
    Λ࢖ͬͯ
    $JQIFS
    ΛॳظԽ

    28 http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf

29. 29 private const val TRANSFORMATION = "AES/GCM/NoPadding" private const val

    IV_SIZE_BYTES = 12 private const val TAG_SIZE_BITS = 128 fun encrypt(plaintext: String): String { val cipher = Cipher.getInstance(TRANSFORMATION) cipher.init(Cipher.ENCRYPT_MODE, getOrCreateSecretKey()) val ciphertext = cipher.doFinal(plaintext.toByteArray(Charsets.UTF_8)) val ivAndCiphertext = cipher.iv + ciphertext // IV ͱ҉߸จΛ݁߹ return Base64.getEncoder().encodeToString(ivAndCiphertext) }

30. 30 private const val TRANSFORMATION = "AES/GCM/NoPadding" private const val

    IV_SIZE_BYTES = 12 private const val TAG_SIZE_BITS = 128 fun decrypt(encryptedString: String): String { val cipher = Cipher.getInstance(TRANSFORMATION) val ivAndCiphertext = Base64.getDecoder().decode(encryptedString) // อଘ͓͍ͯͨ͠ IV Λ࢖༻ val spec = GCMParameterSpec(TAG_SIZE_BITS, ivAndCiphertext, 0, IV_SIZE_BYTES) cipher.init(Cipher.DECRYPT_MODE, getOrCreateSecretKey(), spec) val plaintextBytes = cipher.doFinal( /* input = */ ivAndCiphertext, /* inputOffset = */ IV_SIZE_BYTES, /* inputLen = */ ivAndCiphertext.size - IV_SIZE_BYTES ) return String(plaintextBytes, Charsets.UTF_8) }

31. 5JOL 31

32. 5JOL w IUUQTHJUIVCDPNUJOLDSZQUPUJOLKBWB
    w TFDVSJUZDSZQUP
    
    ˠ
    5JOL
    +BWB
    
    w MBUFTU
    5JOL
    +BWB
    
     32 implementation("com.google.crypto.tink:tink-android:1.18.0")

33. &ODSZQUFE4IBSFE1SFGFSFODFT
    Ͱͷ
    5JOL
    ࢖༻ 33

34. &ODSZQUFE4IBSFE1SFGFSFODFT
    Ͱͷ
    5JOL
    ࢖༻ 34 1.16.0 Ͱ௥Ճ

35. 35

36. ΩʔηοτػೳΛ࢖Θͳ͍৔߹ 36 class TinkHelper { private val aead: Aead init

    { AeadConfig.register() if(!AndroidKeystore.hasKey(KEY_STORE_ALIAS)) { AndroidKeystore.generateNewAes256GcmKey(KEY_STORE_ALIAS) } aead = AndroidKeystore.getAead(KEY_STORE_ALIAS) } … }

37. 37 class TinkHelper { private val aead: Aead … fun

    encrypt(plaintext: String): String { val plaintextBytes = plaintext.toByteArray(Charsets.UTF_8) val encrypted = aead.encrypt(plaintextBytes, ByteArray(0)) return Base64.getEncoder().encodeToString(encrypted) } fun decrypt(encryptedString: String): String { val encrypted = Base64.getDecoder().decode(encryptedString) val plaintextBytes = aead.decrypt(encrypted, ByteArray(0)) return String(plaintextBytes, Charsets.UTF_8) } }

38. ΩʔηοτػೳΛ࢖͍͍ͨ৔߹ 38

39. ΩʔηοτػೳΛ࢖͍͍ͨ৔߹ w Ωʔηοτػೳ͕ຊ౰ʹඞཁ͔ߟ͑Δ
    w ଎͕͞ඞཁʁʢ"OESPJE
    ,FZTUPSF
    Λ࢖ͬͨ৔߹ΑΓ଎͍ʣ
    w ૚ߏ଄ͷηΩϡϦςΟ͕ඞཁʁ
    w 伴Λϩʔςʔγϣϯ͍ͨ͠ʁ
    w

    ΩʔόϦϡʔͷΩʔ໊΋҉߸Խ͢Δඞཁ͋Δʁ 39

40. ΩʔηοτػೳΛ࢖͍͍ͨ৔߹ w Ωʔηοτػೳ͕ຊ౰ʹඞཁ͔ߟ͑Δ
    w ଎͕͞ඞཁʁʢ"OESPJE
    ,FZTUPSF
    Λ࢖ͬͨ৔߹ΑΓ଎͍ʣ
    w ૚ߏ଄ͷηΩϡϦςΟ͕ඞཁʁ
    w 伴Λϩʔςʔγϣϯ͍ͨ͠ʁ
    w

    ΩʔόϦϡʔͷΩʔ໊΋҉߸Խ͢Δඞཁ͋Δʁ
    w 5JOL
    ͷΩʔηοτػೳΛΑ͘ཧղ͔ͯ͠Β࢖͏ 40

41. 41 class TinkHelperWithKeyset(context: Context) { private val aead: Aead private

    val keysetPref: SharedPreferences by lazy { … } init { … val masterKeyAead = AndroidKeystore.getAead(KEY_STORE_MASTER_KEY_ALIAS) val keysetHex = keysetPref.getString("keyset_name", null) val handle = if (keysetHex == null) { KeysetHandle.generateNew(KeyTemplates.get("AES256_GCM").toParameters()).also { val encryptedKeyset = TinkProtoKeysetFormat.serializeEncryptedKeyset(it, masterKeyAead, ByteArray(0)) keysetPref.edit { putString("keyset_name", Hex.encode(encryptedKeyset)) } } } else { LegacyKeysetSerialization.parseEncryptedKeyset( BinaryKeysetReader.withBytes(Hex.decode(keysetHex)), masterKeyAead, ByteArray(0) ) } aead = handle.getPrimitive<Aead>(RegistryConfiguration.get(), Aead::class.java) }

42. ϚΠάϨʔγϣϯ 42

43. ϚΠάϨʔγϣϯͷεςοϓ  ϚΠάϨʔγϣϯࡁΈ͔Ͳ͏͔νΣοΫ͢Δ
    w ྫʣϚΠάϨʔγϣϯࡁΈ͔Ͳ͏͔ͷϑϥάΛӬଓԽ͢Δ
    w ྫʣTFDVSJUZDSZQUP
    ͷϚελʔΩʔ͕ଘࡏ͍ͯ͠Δ͔Ͳ͏͔Ͱ൑அ 43

44. ϚΠάϨʔγϣϯͷεςοϓ  ϚΠάϨʔγϣϯࡁΈ͔Ͳ͏͔νΣοΫ͢Δ
     &ODSZQUFE4IBSFE1SFGFSFODF
    ʹอଘ͍ͯ͠ΔσʔλΛϝϞϦ্ʹऔΓग़͢
     ৽͘͠࡞੒ͨ͠
    "OESPJE
    ,FZTUPSF
    
    $JQIFS
    ΋͘͠͸5JOL
    Ͱ҉߸Խ͢Δ
    

     ৽͘͠࡞੒ͨ͠
    %BUB4UPSF
    
    4IBSFE1SFGFSFODFT
    ʹอଘ͢Δ
     TFDVSJUZDSZQUP
    ͷΩʔηοτ͕อଘ͞Ε͍ͯͨ
    4IBSFE1SFGFSFODFT
    ϑΝ ΠϧΛ࡟আ͢Δ
     "OESPJE
    ,FZTUPSF
    ಺ͷ
    TFDVSJUZDSZQUP
    ͷϚελʔΩʔΛ࡟আ͢Δ 44

45. ϚελʔΩʔͱΩʔηοτͷ࡟আ 45 // delete SharedPreferences files deleteSharedPreferences("secret_shared_prefs") // delete MasterKey

    val keyStore = KeyStore.getInstance("AndroidKeyStore").apply { load(null) } if (keyStore.containsAlias(MasterKey.DEFAULT_MASTER_KEY_ALIAS)) { keyStore.deleteEntry(MasterKey.DEFAULT_MASTER_KEY_ALIAS) } EncryptedSharedPreferences.create( applicationContext, "secret_shared_prefs", … )

46. க໋తΫϥογϡ΁ͷରԠ 46

47. ใࠂ͞Ε͍ͯΔΫϥογϡͷཁҼ w όοΫΞοϓઃఆͷෆ଍
    w 0&.
    σόΠεͷ
    "OESPJE
    ,FZTUPSF
    ͷόά 47

48. όοΫΞοϓઃఆͷෆ଍ 48 όοΫΞοϓ Android Keystore SharedPreferences ͷ XML σόΠε A

    σόΠε B Android Keystore ❌

49. όοΫΞοϓઃఆͷෆ଍ 49 όοΫΞοϓ Android Keystore SharedPreferences ͷ XML σόΠε A

    σόΠε B Android Keystore ❌

50. όοΫΞοϓઃఆͷෆ଍ 50 όοΫΞοϓ Android Keystore SharedPreferences ͷ XML σόΠε A

    σόΠε B Android Keystore ❌ SharedPreferences ͷ XML ෳ߹ԽͰ͖ͳ͍

51. όοΫΞοϓઃఆͷෆ଍ 51 όοΫΞοϓ Android Keystore SharedPreferences ͷ XML σόΠε A

    σόΠε B Android Keystore ❌ SharedPreferences ͷ XML ෳ߹ԽͰ͖ͳ͍ ❌

52. όοΫΞοϓઃఆ 52 <application android:allowBackup="true" android:dataExtractionRules="@xml/data_extraction_rules" android:fullBackupContent="@xml/backup_rules" … https://developer.android.com/about/versions/12/behavior-changes-12#backup-restore Android 12ʢAPI

    31ʣ͔ΒϝʔΧʔʹΑͬͯ͸ allowBackup ʹ false Λઃఆͯ͠΋ Device to Device transfer ͸ແޮԽ͞Εͳ͍

53. 53 <?xml version="1.0" encoding="utf-8"?> <data-extraction-rules> <cloud-backup> <!-- security-crypto ͷ৔߹ -->

    <exclude domain="sharedpref" path="secret_shared_prefs.xml"/> <exclude domain="sharedpref" path="__androidx_security_crypto_encrypted_file_pref__.xml"/> <!-- Tink + DataStore/SharedPreferences ͷ৔߹ --> <exclude domain="sharedpref" path="tink_pref_file.xml"/> <exclude domain="file" path="datastore/secret_data_store.preferences_pb" /> <exclude domain="sharedpref" path="my_secret_prefs.xml"/> <!-- Android Keystore + Cipher + DataStore/SharedPreferences ͷ৔߹ --> <exclude domain="file" path="datastore/secret_data_store.preferences_pb" /> <exclude domain="sharedpref" path="my_secret_prefs.xml"/> </cloud-backup> <device-transfer> … <cloud-backup> ಺ͱಉ͡ … </device-transfer> </data-extraction-rules> https://developer.android.com/identity/data/autobackup?utm_source=chatgpt.com#IncludingFiles data_extraction_rules.xml EncryptedSharedPreferences.create() Ͱࢦఆ໊ͨ͠લ EncryptedFile.Builder Ͱ࢖ΘΕ͍ͯΔσϑΥϧτ໊ withSharedPref()Ͱࢦఆͨ͠ ໊લʢΩʔηοτͷอଘઌʣ ҉߸Խͨ͠σʔλͷอଘઌ

54. 0&.
    σόΠεͷ
    "OESPJE
    ,FZTUPSF
    ͷόά 54 https://github.com/tink-crypto/tink/issues/535#issuecomment-912170221

55. "OESPJE
    ,FZTUPSF
    ͷόάʹରॲ͢Δ  ྫ֎ΛัଊͰ͖ΔΑ͏ʹ͢Δ
     "OESPJE
    ,FZTUPSF
    ಺ͷ伴ɺ҉߸Խͨ͠σʔλ͕อଘ͞Ε͍ͯΔϑΝΠϧɺ ʢ5JOL
    Λ࢖͍ͬͯΔ৔߹͸ΩʔηοτʣΛ࡟আ͢Δ
     σʔλΛ࠶औಘ͢Δʢྫ
    ϢʔβʔʹϩάΠϯ͠௚ͯ͠΋Β͏ʣ
     伴Λ࡞Γ௚͢
    

     ৽͍͠伴Ͱ࠶औಘͨ͠σʔλΛ҉߸Խͯ͠อଘ͢Δ 55 ӬٱʹࣦΘΕͯࠔΔ΋ͷ͸อଘ͠ͳ͍ʢ࠶औಘͰ͖Δ΋ͷͷΈʹ͢Δʣ

56. ·ͱΊ w ຊ౰ʹ҉߸Խ͢Δඞཁ͕͋Δͷ͔Α͘ߟ͑Δ
    w ӬٱʹࣦΘΕͯࠔΔ΋ͷ͸อଘ͠ͳ͍
    w "OESPJE
    ,FZTUPSF
    
    $JQIFS
    ΋͘͠͸
    5JOL
    Ͱͷ҉߸ԽʹҠߦ͢Δ
    w ҉߸Խ͞Εͨσʔλ͕อଘ͞Ε͍ͯΔϑΝΠϧΛόοΫΞοϓର৅͔Βআ͘
    

    w "OESPJE
    ,FZTUPSF
    ͷόάʹૺ۰͢ΔલఏͰରԠࡦΛ࣮૷͓ͯ͘͠ 56