Cache your keys for a certain period of type (say 10 mins) and clear them afterwards. You can set alarms using AlarmService
for this. There was a library project that does this for you, but I haven't used it personally:
Keep data decrypted during runtime
-
14-07-2023 - |
Question
In my app, i generate and save private keys. They are encrypted using AES as described here (http://nelenkov.blogspot.com/2012/05/storing-application-secrets-in-androids.html). I've seen another entry on smiliar subject (http://nelenkov.blogspot.com/2012/05/storing-application-secrets-in-androids.html), but this solution gives no guarantee to work on all devices.
Everything is fine except one thing. Everytime usertime wants to get access to one of the encrypted files (or create new one) he needs to enter pin/password (which is very frustrating). I'm looking for a way to somehow avoid this, so as long as user don't leave aplication his password is stored.
The only solution i found is to load everything after user enters password and keep it in memory, but I don't think it's good one.
Solution
OTHER TIPS
Why not create a custom Application subclass, and store the password there?
So something like:
public class App extends Application {
private static String sPassword;
public String getPassword() {
return sPassword;
}
}
Then use it:
String password = ((App) context.getApplication()).getPassword();
if(password != null && !password.isEmpty() {
// Decrypt files
} else {
// Prompt user for password, and save it to the Application
}
You'll also have to specify your custom Application in your manifest:
<application android:name="com.my.awesome.App" ....