2

Thanks to dmon and the example here Process the value of preference before save in Android?

I was able to get the basic code down. But my value isn't being stored encrypted in preferences.xml on the device and I know this is a simple mistake on my part (java novice).

My encryption and decryption class is working outside of the EditTextPreference code.

Kind Regards,

Mike

My preferences.xml

    <ping.test.com.EncryptedEditTextpreference 
        android:key="key" 
        android:summary="Enter Your Public Key" 
        android:title="Public Key" 
        android:inputType="textPassword"/>

</PreferenceCategory>

My class to extend EditTextPreference

package ping.test.com;

import android.content.Context;
import android.preference.EditTextPreference;
import android.util.AttributeSet;

public class EncryptedEditTextPreference extends EditTextPreference {
  public EncryptedEditTextPreference(Context context, AttributeSet attrs, int defStyle) {
    super(context, attrs, defStyle);
  }

  public EncryptedEditTextPreference(Context context, AttributeSet attrs) {
    super(context, attrs);
  }

  public EncryptedEditTextPreference(Context context) {
    super(context);
  }

  @Override
  public String getText() {
    String value = super.getText();
    try {
        return SimpleCrypto.decrypt("BiteMe", value);
    } catch (Exception e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
    }
    return value;
  }

  @Override
  protected void onSetInitialValue(boolean restoreValue, Object defaultValue) {
    super.setText(restoreValue ? getPersistedString(null) : (String) defaultValue);
  }

  @Override
  public void setText(String text) {

        try {
            super.setText(SimpleCrypto.encrypt("BiteMe", text ));
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }

  }
}
Community
  • 1
  • 1
Mike
  • 97
  • 3
  • 12
  • I'm trying to extend EditTextPreference in a class and I'm getting the following error. There is no default constructor available in 'android.preference.EditTextPreference' Any ideas how to resolve this? – tzg Apr 24 '19 at 16:44

2 Answers2

0

First, I know it's convenient to have Preference Views, but at you special case I would prefer to take a simple EditText and save the Preference manually inside SharedPreferences.

To answer your Question: According to the docs it should work, what you have tried. To get closer to the error try to add Logs like this:

@Override
public void setText(String text) {
    Log.v("setText", "from " + text);
    try {
        String to = SimpleCrypto.encrypt("BiteMe", text );
        Log.v("setText", "to " + to);
        super.setText(to);
    } catch (Exception e) {
        e.printStackTrace();
    }
}

verify , that your SimpleCrypt class works like expected, and you could add a TextWatcher to the EditText and log it also to see what happens.

Note that this might be usafe at all, as an attacker is able to decompile your apk and see how this encryption works!

Rafael T
  • 15,401
  • 15
  • 83
  • 144
  • Cool, I will take a look at the logs.. I understand that physical access to the device is an issue but not sure what else to do as its for a app where users aren't going to want to continuously enter passwords, I guess at least it won't be clear text. – Mike Mar 13 '12 at 01:52
  • 1
    You can generate a random salt to encrypt data, at the first time the user runs the app: `java.util.UUDI.randomUUID().toString()`. For safer, you can use [lock pattern](https://code.google.com/p/android-lockpattern/), quick and easy :-) To make sure the user can not clear data (which has your salt in preferences), use this flag inside tag `application` (AndroidManifest.xml): `android:manageSpaceActivity="your-fake-activity"`. –  Mar 13 '12 at 03:41
  • @haibison the salt doesn't really change anything, as the user has access to it (at least if the phone is rooted)! But this is not a "how can I implement security" question. – Rafael T Mar 14 '12 at 01:35
  • @Rafael, Thanks, I misunderstood the concept salt. –  Mar 14 '12 at 02:06
-1

doesn't show the encrypted value on showing the settings, since i mask the pswd. I only want encrypted when stored

protected void onSetInitialValue(boolean restoreValue, Object defaultValue) {
    if (!restoreValue) {
        super.setText((String) defaultValue);
    }
    else {
        try {
            String decrypted = SimpleCrypto.decrypt(Constants.MasterKey, getPersistedString(null));
            super.setText(decrypted);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
Jeremiah
  • 23
  • 4