├── app
    ├── .gitignore
    ├── src
    │   ├── main
    │   │   ├── res
    │   │   │   ├── mipmap-hdpi
    │   │   │   │   ├── ic_launcher.webp
    │   │   │   │   └── ic_launcher_round.webp
    │   │   │   ├── mipmap-mdpi
    │   │   │   │   ├── ic_launcher.webp
    │   │   │   │   └── ic_launcher_round.webp
    │   │   │   ├── mipmap-xhdpi
    │   │   │   │   ├── ic_launcher.webp
    │   │   │   │   └── ic_launcher_round.webp
    │   │   │   ├── mipmap-xxhdpi
    │   │   │   │   ├── ic_launcher.webp
    │   │   │   │   └── ic_launcher_round.webp
    │   │   │   ├── mipmap-xxxhdpi
    │   │   │   │   ├── ic_launcher.webp
    │   │   │   │   └── ic_launcher_round.webp
    │   │   │   ├── mipmap-anydpi-v26
    │   │   │   │   ├── ic_launcher.xml
    │   │   │   │   └── ic_launcher_round.xml
    │   │   │   ├── values
    │   │   │   │   ├── strings.xml
    │   │   │   │   ├── colors.xml
    │   │   │   │   └── themes.xml
    │   │   │   ├── xml
    │   │   │   │   ├── backup_rules.xml
    │   │   │   │   └── data_extraction_rules.xml
    │   │   │   ├── values-night
    │   │   │   │   └── themes.xml
    │   │   │   ├── drawable-v24
    │   │   │   │   └── ic_launcher_foreground.xml
    │   │   │   ├── layout
    │   │   │   │   └── activity_main.xml
    │   │   │   └── drawable
    │   │   │   │   └── ic_launcher_background.xml
    │   │   ├── java
    │   │   │   └── de
    │   │   │   │   └── krbmr
    │   │   │   │       └── encryptedroomdb
    │   │   │   │           ├── database
    │   │   │   │               ├── Secret.kt
    │   │   │   │               ├── SecretDatabaseDao.kt
    │   │   │   │               └── SecretDatabase.kt
    │   │   │   │           ├── MainActivityViewModelFactory.kt
    │   │   │   │           ├── MainActivityViewModel.kt
    │   │   │   │           └── MainActivity.kt
    │   │   └── AndroidManifest.xml
    │   ├── test
    │   │   └── java
    │   │   │   └── de
    │   │   │       └── krbmr
    │   │   │           └── encryptedroomdb
    │   │   │               └── ExampleUnitTest.kt
    │   └── androidTest
    │   │   └── java
    │   │       └── de
    │   │           └── krbmr
    │   │               └── encryptedroomdb
    │   │                   └── ExampleInstrumentedTest.kt
    ├── proguard-rules.pro
    └── build.gradle
├── screenshots
    ├── screenshot_app.png
    └── screenshot_hex_not_encrypted.png
├── gradle
    └── wrapper
    │   ├── gradle-wrapper.jar
    │   └── gradle-wrapper.properties
├── .gitignore
├── settings.gradle
├── LICENSE
├── gradle.properties
├── gradlew.bat
├── gradlew
└── README.md


/app/.gitignore:
--------------------------------------------------------------------------------
1 | /build


--------------------------------------------------------------------------------
/screenshots/screenshot_app.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/screenshots/screenshot_app.png


--------------------------------------------------------------------------------
/gradle/wrapper/gradle-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/gradle/wrapper/gradle-wrapper.jar


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | *.iml
 2 | .gradle
 3 | /local.properties
 4 | /.idea/
 5 | .DS_Store
 6 | /build
 7 | /captures
 8 | .externalNativeBuild
 9 | .cxx
10 | local.properties
11 | 


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-hdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/app/src/main/res/mipmap-hdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-mdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/app/src/main/res/mipmap-mdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/screenshots/screenshot_hex_not_encrypted.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/screenshots/screenshot_hex_not_encrypted.png


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/app/src/main/res/mipmap-xhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/app/src/main/res/mipmap-xxhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxxhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/app/src/main/res/mipmap-xxxhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-hdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/app/src/main/res/mipmap-hdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-mdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/app/src/main/res/mipmap-mdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/app/src/main/res/mipmap-xhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/app/src/main/res/mipmap-xxhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Lenz-K/android-encrypted-room-database-example/HEAD/app/src/main/res/mipmap-xxxhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/gradle/wrapper/gradle-wrapper.properties:
--------------------------------------------------------------------------------
1 | #Tue May 10 16:54:25 CEST 2022
2 | distributionBase=GRADLE_USER_HOME
3 | distributionUrl=https\://services.gradle.org/distributions/gradle-7.3.3-bin.zip
4 | distributionPath=wrapper/dists
5 | zipStorePath=wrapper/dists
6 | zipStoreBase=GRADLE_USER_HOME
7 | 


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-anydpi-v26/ic_launcher.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
3 |     <background android:drawable="@drawable/ic_launcher_background" />
4 |     <foreground android:drawable="@drawable/ic_launcher_foreground" />
5 | </adaptive-icon>


--------------------------------------------------------------------------------
/app/src/main/res/mipmap-anydpi-v26/ic_launcher_round.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
3 |     <background android:drawable="@drawable/ic_launcher_background" />
4 |     <foreground android:drawable="@drawable/ic_launcher_foreground" />
5 | </adaptive-icon>


--------------------------------------------------------------------------------
/app/src/main/res/values/strings.xml:
--------------------------------------------------------------------------------
1 | <resources>
2 |     <string name="app_name">Encrypted Room DB Example</string>
3 | 
4 |     <string name="enter_a_secret">Enter a secret to save in the database:</string>
5 |     <string name="save">Save</string>
6 |     <string name="all_the_secrets">All the secrets in the database:</string>
7 |     <string name="clear">clear database</string>
8 | </resources>


--------------------------------------------------------------------------------
/settings.gradle:
--------------------------------------------------------------------------------
 1 | pluginManagement {
 2 |     repositories {
 3 |         gradlePluginPortal()
 4 |         google()
 5 |         mavenCentral()
 6 |     }
 7 | }
 8 | dependencyResolutionManagement {
 9 |     repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
10 |     repositories {
11 |         google()
12 |         mavenCentral()
13 |     }
14 | }
15 | rootProject.name = "Encrypted Room DB Example"
16 | include ':app'
17 | 


--------------------------------------------------------------------------------
/app/src/main/java/de/krbmr/encryptedroomdb/database/Secret.kt:
--------------------------------------------------------------------------------
 1 | package de.krbmr.encryptedroomdb.database
 2 | 
 3 | import androidx.room.ColumnInfo
 4 | import androidx.room.Entity
 5 | import androidx.room.PrimaryKey
 6 | 
 7 | @Entity(tableName = "secret_table")
 8 | data class Secret(
 9 | 
10 |     @PrimaryKey(autoGenerate = true)
11 |     @ColumnInfo(name = "id")
12 |     var id: Long = 0L,
13 | 
14 |     @ColumnInfo(name = "secret_value")
15 |     val secretValue: String
16 | )


--------------------------------------------------------------------------------
/app/src/test/java/de/krbmr/encryptedroomdb/ExampleUnitTest.kt:
--------------------------------------------------------------------------------
 1 | package de.krbmr.encryptedroomdb
 2 | 
 3 | import org.junit.Test
 4 | 
 5 | import org.junit.Assert.*
 6 | 
 7 | /**
 8 |  * Example local unit test, which will execute on the development machine (host).
 9 |  *
10 |  * See [testing documentation](http://d.android.com/tools/testing).
11 |  */
12 | class ExampleUnitTest {
13 |     @Test
14 |     fun addition_isCorrect() {
15 |         assertEquals(4, 2 + 2)
16 |     }
17 | }


--------------------------------------------------------------------------------
/app/src/main/java/de/krbmr/encryptedroomdb/database/SecretDatabaseDao.kt:
--------------------------------------------------------------------------------
 1 | package de.krbmr.encryptedroomdb.database
 2 | 
 3 | import androidx.lifecycle.LiveData
 4 | import androidx.room.*
 5 | 
 6 | @Dao
 7 | interface SecretDatabaseDao {
 8 | 
 9 |     @Insert
10 |     fun insertSecret(secret: Secret)
11 | 
12 |     @Query("SELECT * FROM secret_table")
13 |     fun getAllSecrets(): LiveData<List<Secret>>
14 | 
15 |     @Query("Delete FROM secret_table")
16 |     fun clearSecrets()
17 | }


--------------------------------------------------------------------------------
/app/src/main/res/values/colors.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <resources>
 3 |     <color name="purple_200">#FFBB86FC</color>
 4 |     <color name="purple_500">#FF6200EE</color>
 5 |     <color name="purple_700">#FF3700B3</color>
 6 |     <color name="teal_200">#FF03DAC5</color>
 7 |     <color name="teal_700">#FF018786</color>
 8 |     <color name="black">#FF000000</color>
 9 |     <color name="grey">#FFCCCCCC</color>
10 |     <color name="white">#FFFFFFFF</color>
11 | </resources>


--------------------------------------------------------------------------------
/app/src/main/res/xml/backup_rules.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?><!--
 2 |    Sample backup rules file; uncomment and customize as necessary.
 3 |    See https://developer.android.com/guide/topics/data/autobackup
 4 |    for details.
 5 |    Note: This file is ignored for devices older that API 31
 6 |    See https://developer.android.com/about/versions/12/backup-restore
 7 | -->
 8 | <full-backup-content>
 9 |     <!--
10 |    <include domain="sharedpref" path="."/>
11 |    <exclude domain="sharedpref" path="device.xml"/>
12 | -->
13 | </full-backup-content>


--------------------------------------------------------------------------------
/app/src/main/res/xml/data_extraction_rules.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?><!--
 2 |    Sample data extraction rules file; uncomment and customize as necessary.
 3 |    See https://developer.android.com/about/versions/12/backup-restore#xml-changes
 4 |    for details.
 5 | -->
 6 | <data-extraction-rules>
 7 |     <cloud-backup>
 8 |         <!-- TODO: Use <include> and <exclude> to control what is backed up.
 9 |         <include .../>
10 |         <exclude .../>
11 |         -->
12 |     </cloud-backup>
13 |     <!--
14 |     <device-transfer>
15 |         <include .../>
16 |         <exclude .../>
17 |     </device-transfer>
18 |     -->
19 | </data-extraction-rules>


--------------------------------------------------------------------------------
/app/src/main/java/de/krbmr/encryptedroomdb/MainActivityViewModelFactory.kt:
--------------------------------------------------------------------------------
 1 | package de.krbmr.encryptedroomdb
 2 | 
 3 | import androidx.lifecycle.ViewModel
 4 | import androidx.lifecycle.ViewModelProvider
 5 | import de.krbmr.encryptedroomdb.database.SecretDatabaseDao
 6 | 
 7 | class MainActivityViewModelFactory(private val dataSource: SecretDatabaseDao) : ViewModelProvider.Factory {
 8 | 
 9 |     @Suppress("unchecked_cast")
10 |     override fun <T : ViewModel?> create(modelClass: Class<T>): T {
11 |         if (modelClass.isAssignableFrom(MainActivityViewModel::class.java)) {
12 |             return MainActivityViewModel(dataSource) as T
13 |         }
14 |         throw IllegalArgumentException("Unknown ViewModel class")
15 |     }
16 | }


--------------------------------------------------------------------------------
/app/src/androidTest/java/de/krbmr/encryptedroomdb/ExampleInstrumentedTest.kt:
--------------------------------------------------------------------------------
 1 | package de.krbmr.encryptedroomdb
 2 | 
 3 | import androidx.test.platform.app.InstrumentationRegistry
 4 | import androidx.test.ext.junit.runners.AndroidJUnit4
 5 | 
 6 | import org.junit.Test
 7 | import org.junit.runner.RunWith
 8 | 
 9 | import org.junit.Assert.*
10 | 
11 | /**
12 |  * Instrumented test, which will execute on an Android device.
13 |  *
14 |  * See [testing documentation](http://d.android.com/tools/testing).
15 |  */
16 | @RunWith(AndroidJUnit4::class)
17 | class ExampleInstrumentedTest {
18 |     @Test
19 |     fun useAppContext() {
20 |         // Context of the app under test.
21 |         val appContext = InstrumentationRegistry.getInstrumentation().targetContext
22 |         assertEquals("de.krbmr.encryptedroomdb", appContext.packageName)
23 |     }
24 | }


--------------------------------------------------------------------------------
/app/proguard-rules.pro:
--------------------------------------------------------------------------------
 1 | # Add project specific ProGuard rules here.
 2 | # You can control the set of applied configuration files using the
 3 | # proguardFiles setting in build.gradle.
 4 | #
 5 | # For more details, see
 6 | #   http://developer.android.com/guide/developing/tools/proguard.html
 7 | 
 8 | # If your project uses WebView with JS, uncomment the following
 9 | # and specify the fully qualified class name to the JavaScript interface
10 | # class:
11 | #-keepclassmembers class fqcn.of.javascript.interface.for.webview {
12 | #   public *;
13 | #}
14 | 
15 | # Uncomment this to preserve the line number information for
16 | # debugging stack traces.
17 | #-keepattributes SourceFile,LineNumberTable
18 | 
19 | # If you keep the line number information, uncomment this to
20 | # hide the original source file name.
21 | #-renamesourcefileattribute SourceFile


--------------------------------------------------------------------------------
/app/src/main/res/values/themes.xml:
--------------------------------------------------------------------------------
 1 | <resources xmlns:tools="http://schemas.android.com/tools">
 2 |     <!-- Base application theme. -->
 3 |     <style name="Theme.EncryptedRoomDBExample" parent="Theme.MaterialComponents.DayNight.DarkActionBar">
 4 |         <!-- Primary brand color. -->
 5 |         <item name="colorPrimary">@color/purple_500</item>
 6 |         <item name="colorPrimaryVariant">@color/purple_700</item>
 7 |         <item name="colorOnPrimary">@color/white</item>
 8 |         <!-- Secondary brand color. -->
 9 |         <item name="colorSecondary">@color/teal_200</item>
10 |         <item name="colorSecondaryVariant">@color/teal_700</item>
11 |         <item name="colorOnSecondary">@color/black</item>
12 |         <!-- Status bar color. -->
13 |         <item name="android:statusBarColor" tools:targetApi="l">?attr/colorPrimaryVariant</item>
14 |         <!-- Customize your theme here. -->
15 |     </style>
16 | </resources>


--------------------------------------------------------------------------------
/app/src/main/res/values-night/themes.xml:
--------------------------------------------------------------------------------
 1 | <resources xmlns:tools="http://schemas.android.com/tools">
 2 |     <!-- Base application theme. -->
 3 |     <style name="Theme.EncryptedRoomDBExample" parent="Theme.MaterialComponents.DayNight.DarkActionBar">
 4 |         <!-- Primary brand color. -->
 5 |         <item name="colorPrimary">@color/purple_200</item>
 6 |         <item name="colorPrimaryVariant">@color/purple_700</item>
 7 |         <item name="colorOnPrimary">@color/black</item>
 8 |         <!-- Secondary brand color. -->
 9 |         <item name="colorSecondary">@color/teal_200</item>
10 |         <item name="colorSecondaryVariant">@color/teal_200</item>
11 |         <item name="colorOnSecondary">@color/black</item>
12 |         <!-- Status bar color. -->
13 |         <item name="android:statusBarColor" tools:targetApi="l">?attr/colorPrimaryVariant</item>
14 |         <!-- Customize your theme here. -->
15 |     </style>
16 | </resources>


--------------------------------------------------------------------------------
/app/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <manifest xmlns:android="http://schemas.android.com/apk/res/android"
 3 |     xmlns:tools="http://schemas.android.com/tools"
 4 |     package="de.krbmr.encryptedroomdb">
 5 | 
 6 |     <application
 7 |         android:allowBackup="true"
 8 |         android:dataExtractionRules="@xml/data_extraction_rules"
 9 |         android:fullBackupContent="@xml/backup_rules"
10 |         android:icon="@mipmap/ic_launcher"
11 |         android:label="@string/app_name"
12 |         android:roundIcon="@mipmap/ic_launcher_round"
13 |         android:supportsRtl="true"
14 |         android:theme="@style/Theme.EncryptedRoomDBExample"
15 |         tools:targetApi="31">
16 |         <activity
17 |             android:name=".MainActivity"
18 |             android:exported="true">
19 |             <intent-filter>
20 |                 <action android:name="android.intent.action.MAIN" />
21 | 
22 |                 <category android:name="android.intent.category.LAUNCHER" />
23 |             </intent-filter>
24 |         </activity>
25 |     </application>
26 | 
27 | </manifest>


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2022 Lenz Karbaumer
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/app/src/main/java/de/krbmr/encryptedroomdb/MainActivityViewModel.kt:
--------------------------------------------------------------------------------
 1 | package de.krbmr.encryptedroomdb
 2 | 
 3 | import androidx.lifecycle.ViewModel
 4 | import de.krbmr.encryptedroomdb.database.Secret
 5 | import de.krbmr.encryptedroomdb.database.SecretDatabaseDao
 6 | import kotlinx.coroutines.*
 7 | 
 8 | class MainActivityViewModel(private val database: SecretDatabaseDao) : ViewModel() {
 9 | 
10 |     private var viewModelJob = Job()
11 | 
12 |     private val uiScope = CoroutineScope(Dispatchers.Main + viewModelJob)
13 | 
14 |     val allSecrets = database.getAllSecrets()
15 | 
16 |     fun onInsertSecret(secret: Secret) {
17 |         uiScope.launch {
18 |             insertSecret(secret)
19 |         }
20 |     }
21 | 
22 |     private suspend fun insertSecret(secret: Secret) {
23 |         withContext(Dispatchers.IO) {
24 |             database.insertSecret(secret)
25 |         }
26 |     }
27 | 
28 |     fun onClearSecrets() {
29 |         uiScope.launch {
30 |             clearSecrets()
31 |         }
32 |     }
33 | 
34 |     private suspend fun clearSecrets() {
35 |         withContext(Dispatchers.IO) {
36 |             database.clearSecrets()
37 |         }
38 |     }
39 | 
40 |     override fun onCleared() {
41 |         super.onCleared()
42 |         viewModelJob.cancel()
43 |     }
44 | }


--------------------------------------------------------------------------------
/gradle.properties:
--------------------------------------------------------------------------------
 1 | # Project-wide Gradle settings.
 2 | # IDE (e.g. Android Studio) users:
 3 | # Gradle settings configured through the IDE *will override*
 4 | # any settings specified in this file.
 5 | # For more details on how to configure your build environment visit
 6 | # http://www.gradle.org/docs/current/userguide/build_environment.html
 7 | # Specifies the JVM arguments used for the daemon process.
 8 | # The setting is particularly useful for tweaking memory settings.
 9 | org.gradle.jvmargs=-Xmx2048m -Dfile.encoding=UTF-8
10 | # When configured, Gradle will run in incubating parallel mode.
11 | # This option should only be used with decoupled projects. More details, visit
12 | # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
13 | # org.gradle.parallel=true
14 | # AndroidX package structure to make it clearer which packages are bundled with the
15 | # Android operating system, and which are packaged with your app"s APK
16 | # https://developer.android.com/topic/libraries/support-library/androidx-rn
17 | android.useAndroidX=true
18 | # Kotlin code style for this project: "official" or "obsolete":
19 | kotlin.code.style=official
20 | # Enables namespacing of each library's R class so that its R class includes only the
21 | # resources declared in the library itself and none from the library's dependencies,
22 | # thereby reducing the size of the R class for that library
23 | android.nonTransitiveRClass=true


--------------------------------------------------------------------------------
/app/src/main/java/de/krbmr/encryptedroomdb/MainActivity.kt:
--------------------------------------------------------------------------------
 1 | package de.krbmr.encryptedroomdb
 2 | 
 3 | import androidx.appcompat.app.AppCompatActivity
 4 | import android.os.Bundle
 5 | import androidx.lifecycle.ViewModelProvider
 6 | import de.krbmr.encryptedroomdb.database.Secret
 7 | import de.krbmr.encryptedroomdb.database.SecretDatabase
 8 | import de.krbmr.encryptedroomdb.databinding.ActivityMainBinding
 9 | 
10 | class MainActivity : AppCompatActivity() {
11 | 
12 |     private lateinit var binding: ActivityMainBinding
13 | 
14 |     private lateinit var viewModel: MainActivityViewModel
15 | 
16 |     override fun onCreate(savedInstanceState: Bundle?) {
17 |         super.onCreate(savedInstanceState)
18 | 
19 |         binding = ActivityMainBinding.inflate(layoutInflater)
20 |         setContentView(binding.root)
21 | 
22 |         val secretDatabaseDao = SecretDatabase.getInstance(application).secretDatabaseDao
23 |         val viewModelFactory = MainActivityViewModelFactory(secretDatabaseDao)
24 |         viewModel = ViewModelProvider(this, viewModelFactory).get(MainActivityViewModel::class.java)
25 | 
26 |         binding.saveButton.setOnClickListener {
27 |             val editable = binding.inputEditText.text
28 |             val secret = Secret(secretValue = editable.toString())
29 |             viewModel.onInsertSecret(secret)
30 |             editable.clear()
31 |         }
32 | 
33 |         binding.clearButton.setOnClickListener {
34 |             viewModel.onClearSecrets()
35 |         }
36 | 
37 |         viewModel.allSecrets.observe(this) { secrets ->
38 |             binding.valuesTextView.text = secrets.map { it.secretValue }.toString()
39 |         }
40 |     }
41 | }


--------------------------------------------------------------------------------
/app/src/main/res/drawable-v24/ic_launcher_foreground.xml:
--------------------------------------------------------------------------------
 1 | <vector xmlns:android="http://schemas.android.com/apk/res/android"
 2 |     xmlns:aapt="http://schemas.android.com/aapt"
 3 |     android:width="108dp"
 4 |     android:height="108dp"
 5 |     android:viewportWidth="108"
 6 |     android:viewportHeight="108">
 7 |     <path android:pathData="M31,63.928c0,0 6.4,-11 12.1,-13.1c7.2,-2.6 26,-1.4 26,-1.4l38.1,38.1L107,108.928l-32,-1L31,63.928z">
 8 |         <aapt:attr name="android:fillColor">
 9 |             <gradient
10 |                 android:endX="85.84757"
11 |                 android:endY="92.4963"
12 |                 android:startX="42.9492"
13 |                 android:startY="49.59793"
14 |                 android:type="linear">
15 |                 <item
16 |                     android:color="#44000000"
17 |                     android:offset="0.0" />
18 |                 <item
19 |                     android:color="#00000000"
20 |                     android:offset="1.0" />
21 |             </gradient>
22 |         </aapt:attr>
23 |     </path>
24 |     <path
25 |         android:fillColor="#FFFFFF"
26 |         android:fillType="nonZero"
27 |         android:pathData="M65.3,45.828l3.8,-6.6c0.2,-0.4 0.1,-0.9 -0.3,-1.1c-0.4,-0.2 -0.9,-0.1 -1.1,0.3l-3.9,6.7c-6.3,-2.8 -13.4,-2.8 -19.7,0l-3.9,-6.7c-0.2,-0.4 -0.7,-0.5 -1.1,-0.3C38.8,38.328 38.7,38.828 38.9,39.228l3.8,6.6C36.2,49.428 31.7,56.028 31,63.928h46C76.3,56.028 71.8,49.428 65.3,45.828zM43.4,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2c-0.3,-0.7 -0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C45.3,56.528 44.5,57.328 43.4,57.328L43.4,57.328zM64.6,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2s-0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C66.5,56.528 65.6,57.328 64.6,57.328L64.6,57.328z"
28 |         android:strokeWidth="1"
29 |         android:strokeColor="#00000000" />
30 | </vector>


--------------------------------------------------------------------------------
/app/build.gradle:
--------------------------------------------------------------------------------
 1 | plugins {
 2 |     id 'com.android.application'
 3 |     id 'org.jetbrains.kotlin.android'
 4 |     id 'kotlin-kapt'
 5 | }
 6 | 
 7 | android {
 8 |     compileSdk 32
 9 | 
10 |     defaultConfig {
11 |         applicationId "de.krbmr.encryptedroomdb"
12 |         minSdk 24
13 |         targetSdk 32
14 |         versionCode 1
15 |         versionName "1.0"
16 | 
17 |         testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
18 |     }
19 | 
20 |     buildTypes {
21 |         release {
22 |             minifyEnabled false
23 |             proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
24 |         }
25 |     }
26 |     compileOptions {
27 |         sourceCompatibility JavaVersion.VERSION_1_8
28 |         targetCompatibility JavaVersion.VERSION_1_8
29 |     }
30 |     kotlinOptions {
31 |         jvmTarget = '1.8'
32 |     }
33 |     dataBinding {
34 |         enabled true
35 |     }
36 | }
37 | 
38 | dependencies {
39 | 
40 |     implementation 'androidx.core:core-ktx:1.7.0'
41 |     implementation 'androidx.appcompat:appcompat:1.4.1'
42 |     implementation 'com.google.android.material:material:1.6.0'
43 |     implementation 'androidx.constraintlayout:constraintlayout:2.1.3'
44 | 
45 |     // Room database
46 |     implementation 'androidx.room:room-runtime:2.4.2'
47 |     annotationProcessor 'androidx.room:room-compiler:2.4.2'
48 |     kapt 'androidx.room:room-compiler:2.4.2'
49 |     implementation 'androidx.room:room-ktx:2.4.2'
50 | 
51 |     // SQLCipher
52 |     implementation 'net.zetetic:android-database-sqlcipher:4.5.0'
53 |     // For EncryptedSharedPreferences
54 |     implementation "androidx.security:security-crypto:1.0.0"
55 |     // For MasterKey
56 |     implementation "androidx.security:security-crypto-ktx:1.1.0-alpha03"
57 | 
58 |     testImplementation 'junit:junit:4.13.2'
59 |     androidTestImplementation 'androidx.test.ext:junit:1.1.3'
60 |     androidTestImplementation 'androidx.test.espresso:espresso-core:3.4.0'
61 | }


--------------------------------------------------------------------------------
/gradlew.bat:
--------------------------------------------------------------------------------
 1 | @rem
 2 | @rem Copyright 2015 the original author or authors.
 3 | @rem
 4 | @rem Licensed under the Apache License, Version 2.0 (the "License");
 5 | @rem you may not use this file except in compliance with the License.
 6 | @rem You may obtain a copy of the License at
 7 | @rem
 8 | @rem      https://www.apache.org/licenses/LICENSE-2.0
 9 | @rem
10 | @rem Unless required by applicable law or agreed to in writing, software
11 | @rem distributed under the License is distributed on an "AS IS" BASIS,
12 | @rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | @rem See the License for the specific language governing permissions and
14 | @rem limitations under the License.
15 | @rem
16 | 
17 | @if "%DEBUG%" == "" @echo off
18 | @rem ##########################################################################
19 | @rem
20 | @rem  Gradle startup script for Windows
21 | @rem
22 | @rem ##########################################################################
23 | 
24 | @rem Set local scope for the variables with windows NT shell
25 | if "%OS%"=="Windows_NT" setlocal
26 | 
27 | set DIRNAME=%~dp0
28 | if "%DIRNAME%" == "" set DIRNAME=.
29 | set APP_BASE_NAME=%~n0
30 | set APP_HOME=%DIRNAME%
31 | 
32 | @rem Resolve any "." and ".." in APP_HOME to make it shorter.
33 | for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
34 | 
35 | @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
36 | set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
37 | 
38 | @rem Find java.exe
39 | if defined JAVA_HOME goto findJavaFromJavaHome
40 | 
41 | set JAVA_EXE=java.exe
42 | %JAVA_EXE% -version >NUL 2>&1
43 | if "%ERRORLEVEL%" == "0" goto execute
44 | 
45 | echo.
46 | echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
47 | echo.
48 | echo Please set the JAVA_HOME variable in your environment to match the
49 | echo location of your Java installation.
50 | 
51 | goto fail
52 | 
53 | :findJavaFromJavaHome
54 | set JAVA_HOME=%JAVA_HOME:"=%
55 | set JAVA_EXE=%JAVA_HOME%/bin/java.exe
56 | 
57 | if exist "%JAVA_EXE%" goto execute
58 | 
59 | echo.
60 | echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
61 | echo.
62 | echo Please set the JAVA_HOME variable in your environment to match the
63 | echo location of your Java installation.
64 | 
65 | goto fail
66 | 
67 | :execute
68 | @rem Setup the command line
69 | 
70 | set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
71 | 
72 | 
73 | @rem Execute Gradle
74 | "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
75 | 
76 | :end
77 | @rem End local scope for the variables with windows NT shell
78 | if "%ERRORLEVEL%"=="0" goto mainEnd
79 | 
80 | :fail
81 | rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
82 | rem the _cmd.exe /c_ return code!
83 | if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
84 | exit /b 1
85 | 
86 | :mainEnd
87 | if "%OS%"=="Windows_NT" endlocal
88 | 
89 | :omega
90 | 


--------------------------------------------------------------------------------
/app/src/main/res/layout/activity_main.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <layout xmlns:android="http://schemas.android.com/apk/res/android"
 3 |     xmlns:app="http://schemas.android.com/apk/res-auto"
 4 |     xmlns:tools="http://schemas.android.com/tools">
 5 | 
 6 |     <data>
 7 | 
 8 |     </data>
 9 | 
10 |     <androidx.constraintlayout.widget.ConstraintLayout
11 |         android:layout_width="match_parent"
12 |         android:layout_height="match_parent"
13 |         tools:context=".MainActivity">
14 | 
15 |         <TextView
16 |             android:id="@+id/enterTextView"
17 |             android:layout_width="0dp"
18 |             android:layout_height="wrap_content"
19 |             android:layout_marginStart="16dp"
20 |             android:layout_marginTop="16dp"
21 |             android:layout_marginEnd="16dp"
22 |             android:text="@string/enter_a_secret"
23 |             app:layout_constraintEnd_toEndOf="parent"
24 |             app:layout_constraintStart_toStartOf="parent"
25 |             app:layout_constraintTop_toTopOf="parent" />
26 | 
27 |         <EditText
28 |             android:id="@+id/inputEditText"
29 |             android:layout_width="0dp"
30 |             android:layout_height="wrap_content"
31 |             android:layout_marginStart="16dp"
32 |             android:layout_marginTop="8dp"
33 |             android:layout_marginEnd="16dp"
34 |             android:background="@color/grey"
35 |             android:ems="10"
36 |             android:inputType="textPersonName"
37 |             app:layout_constraintEnd_toEndOf="parent"
38 |             app:layout_constraintStart_toStartOf="parent"
39 |             app:layout_constraintTop_toBottomOf="@+id/enterTextView" />
40 | 
41 |         <Button
42 |             android:id="@+id/saveButton"
43 |             android:layout_width="wrap_content"
44 |             android:layout_height="wrap_content"
45 |             android:layout_marginStart="16dp"
46 |             android:layout_marginTop="8dp"
47 |             android:layout_marginEnd="16dp"
48 |             android:text="@string/save"
49 |             app:layout_constraintEnd_toEndOf="parent"
50 |             app:layout_constraintStart_toStartOf="parent"
51 |             app:layout_constraintTop_toBottomOf="@+id/inputEditText" />
52 | 
53 |         <TextView
54 |             android:id="@+id/valuesLabelTextView"
55 |             android:layout_width="0dp"
56 |             android:layout_height="wrap_content"
57 |             android:layout_marginStart="16dp"
58 |             android:layout_marginTop="32dp"
59 |             android:layout_marginEnd="16dp"
60 |             android:text="@string/all_the_secrets"
61 |             app:layout_constraintEnd_toEndOf="parent"
62 |             app:layout_constraintStart_toStartOf="parent"
63 |             app:layout_constraintTop_toBottomOf="@+id/saveButton" />
64 | 
65 |         <TextView
66 |             android:id="@+id/valuesTextView"
67 |             android:layout_width="0dp"
68 |             android:layout_height="wrap_content"
69 |             android:layout_marginStart="16dp"
70 |             android:layout_marginTop="8dp"
71 |             android:layout_marginEnd="16dp"
72 |             android:textColor="@color/black"
73 |             android:textSize="20sp"
74 |             app:layout_constraintEnd_toEndOf="parent"
75 |             app:layout_constraintStart_toStartOf="parent"
76 |             app:layout_constraintTop_toBottomOf="@+id/valuesLabelTextView" />
77 | 
78 |         <Button
79 |             android:id="@+id/clearButton"
80 |             android:layout_width="wrap_content"
81 |             android:layout_height="wrap_content"
82 |             android:layout_marginStart="16dp"
83 |             android:layout_marginTop="16dp"
84 |             android:layout_marginEnd="16dp"
85 |             android:text="@string/clear"
86 |             app:layout_constraintEnd_toEndOf="parent"
87 |             app:layout_constraintStart_toStartOf="parent"
88 |             app:layout_constraintTop_toBottomOf="@+id/valuesTextView" />
89 | 
90 |     </androidx.constraintlayout.widget.ConstraintLayout>
91 | </layout>


--------------------------------------------------------------------------------
/app/src/main/java/de/krbmr/encryptedroomdb/database/SecretDatabase.kt:
--------------------------------------------------------------------------------
  1 | package de.krbmr.encryptedroomdb.database
  2 | 
  3 | import android.content.Context
  4 | import android.content.SharedPreferences
  5 | import androidx.core.content.edit
  6 | import androidx.room.Database
  7 | import androidx.room.Room
  8 | import androidx.room.RoomDatabase
  9 | import androidx.security.crypto.EncryptedSharedPreferences
 10 | import androidx.security.crypto.MasterKey
 11 | import net.sqlcipher.database.SupportFactory
 12 | import javax.crypto.KeyGenerator
 13 | 
 14 | const val DATABASE_NAME = "secret_database.db"
 15 | const val SHARED_PREFS_NAME = "de.krbmr.encryptedroomdb.shared_prefs" // Choose a unique name!
 16 | const val PREFS_KEY_PASSPHRASE = "PREFS_KEY_PASSPHRASE"
 17 | const val ALGORITHM_AES = "AES"
 18 | const val KEY_SIZE = 256
 19 | 
 20 | @Database(entities = [Secret::class], version = 1)
 21 | abstract class SecretDatabase : RoomDatabase() {
 22 | 
 23 |     abstract val secretDatabaseDao: SecretDatabaseDao
 24 | 
 25 |     companion object {
 26 | 
 27 |         @Volatile
 28 |         private var INSTANCE: SecretDatabase? = null
 29 | 
 30 |         /**
 31 |          * Returns the database instance. If the database does not exist yet, it will be created.
 32 |          */
 33 |         fun getInstance(context: Context): SecretDatabase {
 34 |             synchronized(this) {
 35 |                 var instance = INSTANCE
 36 | 
 37 |                 if (instance == null) {
 38 |                     instance = createDB(context)
 39 |                     INSTANCE = instance
 40 |                 }
 41 |                 return instance
 42 |             }
 43 |         }
 44 | 
 45 |         /**
 46 |          * Creates a database instance and returns it.
 47 |          */
 48 |         private fun createDB(context: Context): SecretDatabase {
 49 |             val passphrase = getPassphrase(context) ?: initializePassphrase(context)
 50 | 
 51 |             val factory = SupportFactory(passphrase)
 52 |             return Room.databaseBuilder(
 53 |                 context.applicationContext,
 54 |                 SecretDatabase::class.java,
 55 |                 DATABASE_NAME
 56 |             )
 57 |                 .openHelperFactory(factory)
 58 |                 .fallbackToDestructiveMigration()
 59 |                 .build()
 60 |         }
 61 | 
 62 |         /**
 63 |          * Generates a passphrase and stores it in the encrypted shared preferences.
 64 |          * Returns the newly generated passphrase.
 65 |          */
 66 |         private fun initializePassphrase(context: Context): ByteArray {
 67 |             val passphrase = generatePassphrase()
 68 | 
 69 |             getSharedPrefs(context).edit(commit = true) {
 70 |                 putString(PREFS_KEY_PASSPHRASE, passphrase.toString(Charsets.ISO_8859_1))
 71 |             }
 72 | 
 73 |             return passphrase
 74 |         }
 75 | 
 76 |         /**
 77 |          * Retrieves the passphrase for encryption from the encrypted shared preferences.
 78 |          * Returns null if there is no stored passphrase.
 79 |          */
 80 |         private fun getPassphrase(context: Context): ByteArray? {
 81 |             val passphraseString = getSharedPrefs(context)
 82 |                 .getString(PREFS_KEY_PASSPHRASE, null)
 83 |             return passphraseString?.toByteArray(Charsets.ISO_8859_1)
 84 |         }
 85 | 
 86 |         /**
 87 |          * Returns a reference to the encrypted shared preferences.
 88 |          */
 89 |         private fun getSharedPrefs(context: Context): SharedPreferences {
 90 |             val masterKey =
 91 |                 MasterKey.Builder(context, MasterKey.DEFAULT_MASTER_KEY_ALIAS)
 92 |                     .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
 93 |                     .build()
 94 | 
 95 |             return EncryptedSharedPreferences.create(
 96 |                 context,
 97 |                 SHARED_PREFS_NAME,
 98 |                 masterKey,
 99 |                 EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
100 |                 EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
101 |             )
102 |         }
103 | 
104 |         /**
105 |          * Generates and returns a passphrase.
106 |          */
107 |         private fun generatePassphrase(): ByteArray {
108 |             val keyGenerator = KeyGenerator.getInstance(ALGORITHM_AES)
109 |             keyGenerator.init(KEY_SIZE)
110 |             return keyGenerator.generateKey().encoded
111 |         }
112 |     }
113 | }


--------------------------------------------------------------------------------
/app/src/main/res/drawable/ic_launcher_background.xml:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <vector xmlns:android="http://schemas.android.com/apk/res/android"
  3 |     android:width="108dp"
  4 |     android:height="108dp"
  5 |     android:viewportWidth="108"
  6 |     android:viewportHeight="108">
  7 |     <path
  8 |         android:fillColor="#3DDC84"
  9 |         android:pathData="M0,0h108v108h-108z" />
 10 |     <path
 11 |         android:fillColor="#00000000"
 12 |         android:pathData="M9,0L9,108"
 13 |         android:strokeWidth="0.8"
 14 |         android:strokeColor="#33FFFFFF" />
 15 |     <path
 16 |         android:fillColor="#00000000"
 17 |         android:pathData="M19,0L19,108"
 18 |         android:strokeWidth="0.8"
 19 |         android:strokeColor="#33FFFFFF" />
 20 |     <path
 21 |         android:fillColor="#00000000"
 22 |         android:pathData="M29,0L29,108"
 23 |         android:strokeWidth="0.8"
 24 |         android:strokeColor="#33FFFFFF" />
 25 |     <path
 26 |         android:fillColor="#00000000"
 27 |         android:pathData="M39,0L39,108"
 28 |         android:strokeWidth="0.8"
 29 |         android:strokeColor="#33FFFFFF" />
 30 |     <path
 31 |         android:fillColor="#00000000"
 32 |         android:pathData="M49,0L49,108"
 33 |         android:strokeWidth="0.8"
 34 |         android:strokeColor="#33FFFFFF" />
 35 |     <path
 36 |         android:fillColor="#00000000"
 37 |         android:pathData="M59,0L59,108"
 38 |         android:strokeWidth="0.8"
 39 |         android:strokeColor="#33FFFFFF" />
 40 |     <path
 41 |         android:fillColor="#00000000"
 42 |         android:pathData="M69,0L69,108"
 43 |         android:strokeWidth="0.8"
 44 |         android:strokeColor="#33FFFFFF" />
 45 |     <path
 46 |         android:fillColor="#00000000"
 47 |         android:pathData="M79,0L79,108"
 48 |         android:strokeWidth="0.8"
 49 |         android:strokeColor="#33FFFFFF" />
 50 |     <path
 51 |         android:fillColor="#00000000"
 52 |         android:pathData="M89,0L89,108"
 53 |         android:strokeWidth="0.8"
 54 |         android:strokeColor="#33FFFFFF" />
 55 |     <path
 56 |         android:fillColor="#00000000"
 57 |         android:pathData="M99,0L99,108"
 58 |         android:strokeWidth="0.8"
 59 |         android:strokeColor="#33FFFFFF" />
 60 |     <path
 61 |         android:fillColor="#00000000"
 62 |         android:pathData="M0,9L108,9"
 63 |         android:strokeWidth="0.8"
 64 |         android:strokeColor="#33FFFFFF" />
 65 |     <path
 66 |         android:fillColor="#00000000"
 67 |         android:pathData="M0,19L108,19"
 68 |         android:strokeWidth="0.8"
 69 |         android:strokeColor="#33FFFFFF" />
 70 |     <path
 71 |         android:fillColor="#00000000"
 72 |         android:pathData="M0,29L108,29"
 73 |         android:strokeWidth="0.8"
 74 |         android:strokeColor="#33FFFFFF" />
 75 |     <path
 76 |         android:fillColor="#00000000"
 77 |         android:pathData="M0,39L108,39"
 78 |         android:strokeWidth="0.8"
 79 |         android:strokeColor="#33FFFFFF" />
 80 |     <path
 81 |         android:fillColor="#00000000"
 82 |         android:pathData="M0,49L108,49"
 83 |         android:strokeWidth="0.8"
 84 |         android:strokeColor="#33FFFFFF" />
 85 |     <path
 86 |         android:fillColor="#00000000"
 87 |         android:pathData="M0,59L108,59"
 88 |         android:strokeWidth="0.8"
 89 |         android:strokeColor="#33FFFFFF" />
 90 |     <path
 91 |         android:fillColor="#00000000"
 92 |         android:pathData="M0,69L108,69"
 93 |         android:strokeWidth="0.8"
 94 |         android:strokeColor="#33FFFFFF" />
 95 |     <path
 96 |         android:fillColor="#00000000"
 97 |         android:pathData="M0,79L108,79"
 98 |         android:strokeWidth="0.8"
 99 |         android:strokeColor="#33FFFFFF" />
100 |     <path
101 |         android:fillColor="#00000000"
102 |         android:pathData="M0,89L108,89"
103 |         android:strokeWidth="0.8"
104 |         android:strokeColor="#33FFFFFF" />
105 |     <path
106 |         android:fillColor="#00000000"
107 |         android:pathData="M0,99L108,99"
108 |         android:strokeWidth="0.8"
109 |         android:strokeColor="#33FFFFFF" />
110 |     <path
111 |         android:fillColor="#00000000"
112 |         android:pathData="M19,29L89,29"
113 |         android:strokeWidth="0.8"
114 |         android:strokeColor="#33FFFFFF" />
115 |     <path
116 |         android:fillColor="#00000000"
117 |         android:pathData="M19,39L89,39"
118 |         android:strokeWidth="0.8"
119 |         android:strokeColor="#33FFFFFF" />
120 |     <path
121 |         android:fillColor="#00000000"
122 |         android:pathData="M19,49L89,49"
123 |         android:strokeWidth="0.8"
124 |         android:strokeColor="#33FFFFFF" />
125 |     <path
126 |         android:fillColor="#00000000"
127 |         android:pathData="M19,59L89,59"
128 |         android:strokeWidth="0.8"
129 |         android:strokeColor="#33FFFFFF" />
130 |     <path
131 |         android:fillColor="#00000000"
132 |         android:pathData="M19,69L89,69"
133 |         android:strokeWidth="0.8"
134 |         android:strokeColor="#33FFFFFF" />
135 |     <path
136 |         android:fillColor="#00000000"
137 |         android:pathData="M19,79L89,79"
138 |         android:strokeWidth="0.8"
139 |         android:strokeColor="#33FFFFFF" />
140 |     <path
141 |         android:fillColor="#00000000"
142 |         android:pathData="M29,19L29,89"
143 |         android:strokeWidth="0.8"
144 |         android:strokeColor="#33FFFFFF" />
145 |     <path
146 |         android:fillColor="#00000000"
147 |         android:pathData="M39,19L39,89"
148 |         android:strokeWidth="0.8"
149 |         android:strokeColor="#33FFFFFF" />
150 |     <path
151 |         android:fillColor="#00000000"
152 |         android:pathData="M49,19L49,89"
153 |         android:strokeWidth="0.8"
154 |         android:strokeColor="#33FFFFFF" />
155 |     <path
156 |         android:fillColor="#00000000"
157 |         android:pathData="M59,19L59,89"
158 |         android:strokeWidth="0.8"
159 |         android:strokeColor="#33FFFFFF" />
160 |     <path
161 |         android:fillColor="#00000000"
162 |         android:pathData="M69,19L69,89"
163 |         android:strokeWidth="0.8"
164 |         android:strokeColor="#33FFFFFF" />
165 |     <path
166 |         android:fillColor="#00000000"
167 |         android:pathData="M79,19L79,89"
168 |         android:strokeWidth="0.8"
169 |         android:strokeColor="#33FFFFFF" />
170 | </vector>
171 | 


--------------------------------------------------------------------------------
/gradlew:
--------------------------------------------------------------------------------
  1 | #!/usr/bin/env sh
  2 | 
  3 | #
  4 | # Copyright 2015 the original author or authors.
  5 | #
  6 | # Licensed under the Apache License, Version 2.0 (the "License");
  7 | # you may not use this file except in compliance with the License.
  8 | # You may obtain a copy of the License at
  9 | #
 10 | #      https://www.apache.org/licenses/LICENSE-2.0
 11 | #
 12 | # Unless required by applicable law or agreed to in writing, software
 13 | # distributed under the License is distributed on an "AS IS" BASIS,
 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 15 | # See the License for the specific language governing permissions and
 16 | # limitations under the License.
 17 | #
 18 | 
 19 | ##############################################################################
 20 | ##
 21 | ##  Gradle start up script for UN*X
 22 | ##
 23 | ##############################################################################
 24 | 
 25 | # Attempt to set APP_HOME
 26 | # Resolve links: $0 may be a link
 27 | PRG="$0"
 28 | # Need this for relative symlinks.
 29 | while [ -h "$PRG" ] ; do
 30 |     ls=`ls -ld "$PRG"`
 31 |     link=`expr "$ls" : '.*-> \(.*\)$'`
 32 |     if expr "$link" : '/.*' > /dev/null; then
 33 |         PRG="$link"
 34 |     else
 35 |         PRG=`dirname "$PRG"`"/$link"
 36 |     fi
 37 | done
 38 | SAVED="`pwd`"
 39 | cd "`dirname \"$PRG\"`/" >/dev/null
 40 | APP_HOME="`pwd -P`"
 41 | cd "$SAVED" >/dev/null
 42 | 
 43 | APP_NAME="Gradle"
 44 | APP_BASE_NAME=`basename "$0"`
 45 | 
 46 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
 47 | DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 48 | 
 49 | # Use the maximum available, or set MAX_FD != -1 to use that value.
 50 | MAX_FD="maximum"
 51 | 
 52 | warn () {
 53 |     echo "$*"
 54 | }
 55 | 
 56 | die () {
 57 |     echo
 58 |     echo "$*"
 59 |     echo
 60 |     exit 1
 61 | }
 62 | 
 63 | # OS specific support (must be 'true' or 'false').
 64 | cygwin=false
 65 | msys=false
 66 | darwin=false
 67 | nonstop=false
 68 | case "`uname`" in
 69 |   CYGWIN* )
 70 |     cygwin=true
 71 |     ;;
 72 |   Darwin* )
 73 |     darwin=true
 74 |     ;;
 75 |   MINGW* )
 76 |     msys=true
 77 |     ;;
 78 |   NONSTOP* )
 79 |     nonstop=true
 80 |     ;;
 81 | esac
 82 | 
 83 | CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
 84 | 
 85 | 
 86 | # Determine the Java command to use to start the JVM.
 87 | if [ -n "$JAVA_HOME" ] ; then
 88 |     if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
 89 |         # IBM's JDK on AIX uses strange locations for the executables
 90 |         JAVACMD="$JAVA_HOME/jre/sh/java"
 91 |     else
 92 |         JAVACMD="$JAVA_HOME/bin/java"
 93 |     fi
 94 |     if [ ! -x "$JAVACMD" ] ; then
 95 |         die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
 96 | 
 97 | Please set the JAVA_HOME variable in your environment to match the
 98 | location of your Java installation."
 99 |     fi
100 | else
101 |     JAVACMD="java"
102 |     which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
103 | 
104 | Please set the JAVA_HOME variable in your environment to match the
105 | location of your Java installation."
106 | fi
107 | 
108 | # Increase the maximum file descriptors if we can.
109 | if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
110 |     MAX_FD_LIMIT=`ulimit -H -n`
111 |     if [ $? -eq 0 ] ; then
112 |         if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
113 |             MAX_FD="$MAX_FD_LIMIT"
114 |         fi
115 |         ulimit -n $MAX_FD
116 |         if [ $? -ne 0 ] ; then
117 |             warn "Could not set maximum file descriptor limit: $MAX_FD"
118 |         fi
119 |     else
120 |         warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
121 |     fi
122 | fi
123 | 
124 | # For Darwin, add options to specify how the application appears in the dock
125 | if $darwin; then
126 |     GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
127 | fi
128 | 
129 | # For Cygwin or MSYS, switch paths to Windows format before running java
130 | if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
131 |     APP_HOME=`cygpath --path --mixed "$APP_HOME"`
132 |     CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
133 | 
134 |     JAVACMD=`cygpath --unix "$JAVACMD"`
135 | 
136 |     # We build the pattern for arguments to be converted via cygpath
137 |     ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
138 |     SEP=""
139 |     for dir in $ROOTDIRSRAW ; do
140 |         ROOTDIRS="$ROOTDIRS$SEP$dir"
141 |         SEP="|"
142 |     done
143 |     OURCYGPATTERN="(^($ROOTDIRS))"
144 |     # Add a user-defined pattern to the cygpath arguments
145 |     if [ "$GRADLE_CYGPATTERN" != "" ] ; then
146 |         OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
147 |     fi
148 |     # Now convert the arguments - kludge to limit ourselves to /bin/sh
149 |     i=0
150 |     for arg in "$@" ; do
151 |         CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
152 |         CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
153 | 
154 |         if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
155 |             eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
156 |         else
157 |             eval `echo args$i`="\"$arg\""
158 |         fi
159 |         i=`expr $i + 1`
160 |     done
161 |     case $i in
162 |         0) set -- ;;
163 |         1) set -- "$args0" ;;
164 |         2) set -- "$args0" "$args1" ;;
165 |         3) set -- "$args0" "$args1" "$args2" ;;
166 |         4) set -- "$args0" "$args1" "$args2" "$args3" ;;
167 |         5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
168 |         6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
169 |         7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
170 |         8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
171 |         9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
172 |     esac
173 | fi
174 | 
175 | # Escape application args
176 | save () {
177 |     for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
178 |     echo " "
179 | }
180 | APP_ARGS=`save "$@"`
181 | 
182 | # Collect all arguments for the java command, following the shell quoting and substitution rules
183 | eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
184 | 
185 | exec "$JAVACMD" "$@"
186 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # About
  2 | This repository contains a sample app that shows how to encrypt the room database in an Android app.
  3 | The password used for encryption is generated on the first use
  4 | and is saved in the Android EncryptedSharedPreferences.
  5 | The app is programmed in kotlin. In java it should work in the same way.
  6 | 
  7 | The reason I created this repository was
  8 | that when I wanted to encrypt the database of an Android App,
  9 | I could only find outdated blog posts and tutorials using deprecated classes and methods.
 10 | So after I dug through the Android Documentation
 11 | I came up with a solution that I thought might be helpful to others.
 12 | So I am sharing this here in a sample App.
 13 | 
 14 | Feel free to open a pull request with improvements.
 15 | 
 16 | ## Room Database Without Encryption
 17 | The branch `no-encryption` in this repository contains the source code of the app
 18 | without the room database being encrypted.
 19 | 
 20 | <img src="screenshots/screenshot_app.png" width="200"/>
 21 | 
 22 | By analyzing the database file with `hexdump` it is possible to verify that the database is not encrypted.
 23 | ```shell
 24 | hexdump -C secret-database.db-wal
 25 | ```
 26 | 
 27 | ![](screenshots/screenshot_hex_not_encrypted.png)
 28 | 
 29 | ## Encrypting the Room Database
 30 | ### SQLCipher
 31 | [SQLCipher for Android](https://github.com/sqlcipher/android-database-sqlcipher)
 32 | adds encryption to a room database. The setup is simple:
 33 | The following dependency needs to be added to the app's `build.gradle` file:
 34 | ```groovy
 35 | implementation 'net.zetetic:android-database-sqlcipher:4.5.0'
 36 | ```
 37 | In the database class only two lines of code need to be added.
 38 | A SGLCipher `SupportFactory` is instantiated and passed to the `Room.databaseBuilder`:
 39 | ```kotlin
 40 | val factory = SupportFactory(passphrase)
 41 | //Room.databaseBuilder( ... )
 42 |     .openHelperFactory(factory)
 43 |     //.build()
 44 | ```
 45 | That is already it for the actual encryption.
 46 | Sadly SQLCipher does not handle the scenario
 47 | where a password is generated for encryption on the first use of the app
 48 | and stored encrypted in Android for future use.
 49 | The `SupportFactory` constructor needs a passphrase as an argument.
 50 | So a passphrase has to be generated.
 51 | 
 52 | ### Generating a Passphrase
 53 | The class [javax.crypto.KeyGenerator](https://developer.android.com/reference/javax/crypto/KeyGenerator)
 54 | provides the means to generate Keys. A simple function to generate a passphrase would look like this:
 55 | ```kotlin
 56 | const val ALGORITHM_AES = "AES"
 57 | const val KEY_SIZE = 256
 58 | 
 59 | private fun generatePassphrase(): ByteArray {
 60 |     val keyGenerator = KeyGenerator.getInstance(ALGORITHM_AES)
 61 |     keyGenerator.init(KEY_SIZE)
 62 |     return keyGenerator.generateKey().encoded
 63 | }
 64 | ```
 65 | The generated passphrase can be used to create the SQLCipher `SupportFactory`.
 66 | But, of course, the passphrase also needs to be saved so the database can be decrypted in the future.
 67 | 
 68 | ### Storing the Key in the EncryptedSharedPreferences
 69 | The passphrase can be stored in the
 70 | [EncryptedSharedPreferences](https://developer.android.com/reference/androidx/security/crypto/EncryptedSharedPreferences).
 71 | Those preferences can only be accessed by the app that created them and are encrypted by Android.
 72 | 
 73 | To do this a reference to the `EncryptedSharedPreferences` is needed. The classes
 74 | [MasterKey](https://developer.android.com/reference/androidx/security/crypto/MasterKey)
 75 | and [MasterKey.Builder](https://developer.android.com/reference/androidx/security/crypto/MasterKey.Builder)
 76 | and this specific [create method](https://developer.android.com/reference/androidx/security/crypto/EncryptedSharedPreferences#create(android.content.Context,%20java.lang.String,%20androidx.security.crypto.MasterKey,%20androidx.security.crypto.EncryptedSharedPreferences.PrefKeyEncryptionScheme,%20androidx.security.crypto.EncryptedSharedPreferences.PrefValueEncryptionScheme))
 77 | of `EncryptedSharedPreferences` are, as the time of writing, the way to do this.
 78 | Other classes and methods have been deprecated.
 79 | To use these classes the following dependencies have to be added to the app's `build.gradle` file:
 80 | ```groovy
 81 | implementation "androidx.security:security-crypto:1.0.0"
 82 | implementation "androidx.security:security-crypto-ktx:1.1.0-alpha03"
 83 | ```
 84 | 
 85 | A function retrieving the reference to the `EncryptedSharedPreferences` could look like this:
 86 | ```kotlin
 87 | const val SHARED_PREFS_NAME = "de.krbmr.encryptedroomdb.shared_prefs"
 88 | 
 89 | private fun getSharedPrefs(context: Context): SharedPreferences {
 90 |     val masterKey =
 91 |         MasterKey.Builder(context, MasterKey.DEFAULT_MASTER_KEY_ALIAS)
 92 |             .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
 93 |             .build()
 94 | 
 95 |     return EncryptedSharedPreferences.create(
 96 |         context,
 97 |         SHARED_PREFS_NAME,
 98 |         masterKey,
 99 |         EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
100 |         EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
101 |     )
102 | }
103 | ```
104 | Two more functions are needed. One to initialize the preference with a newly generated passphrase.
105 | And one to retrieve the passphrase from the preference:
106 | ```kotlin
107 | const val PREFS_KEY_PASSPHRASE = "PREFS_KEY_PASSPHRASE"
108 | 
109 | private fun initializePassphrase(context: Context): ByteArray {
110 |     val passphrase = generatePassphrase()
111 | 
112 |     getSharedPrefs(context).edit(commit = true) {
113 |         putString(PREFS_KEY_PASSPHRASE, passphrase.toString(Charsets.ISO_8859_1))
114 |     }
115 | 
116 |     return passphrase
117 | }
118 | 
119 | private fun getPassphrase(context: Context): ByteArray? {
120 |     val passphraseString = getSharedPrefs(context)
121 |         .getString(PREFS_KEY_PASSPHRASE, null)
122 |     return passphraseString?.toByteArray(Charsets.ISO_8859_1)
123 | }
124 | ```
125 | Important to note is that the ByteArray is converted to a String before saving it to the preference.
126 | The ISO-8859-1 encoding is used for that because it does not lose information on encoding and decoding.
127 | 
128 | Now it is possible to call the function `getPassphrase`
129 | in the function `createDB` to get the passphrase.
130 | When the app is used for the first time, null will be returned.
131 | In this case the function `initializePassphrase` needs to be called.
132 | ```kotlin
133 | val passphrase = getPassphrase(context) ?: initializePassphrase(context)
134 | ```
135 | 
136 | The finished kotlin database class can be found [here](app/src/main/java/de/krbmr/encryptedroomdb/database/SecretDatabase.kt).
137 | 
138 | By analyzing the database file with `hexdump` it is now possible to verify that the database is encrypted.
139 | ```shell
140 | hexdump -C secret-database.db-wal
141 | ```
142 | 


--------------------------------------------------------------------------------