This is a simple library that lets you encrypt and decrypt data/text. Android's keystore system is used to store cryptographic keys in a container to make it more difficult to extract from the device. The key material is non-exportable. The keystore system is used instead of the KeyChain API, because this library does not intend to allow system-wide credential storage, allowing multiple apps to access the keys. This library is single-app use only.

You should have a relatively good understanding of RxJava before using this library.

The Gradle dependency is available via jCenter. jCenter is the default Maven repository used by Android Studio.

dependencies {
	// ... other dependencies here
    compile 'com.afollestad:android-secure-storage:0.0.1'
}

RxSecureStorage secureStorage =
    RxSecureStorage.create(this, "alias_name")

The create method takes a Context and an alias. An alias can encrypt and decrypt data, another alias cannot encrypt/decrypt the same data successfully. An alias is not a password, think of it as the name of an entry in a keychain which stores generated encryption keys.

Using the same alias name across different devices would not result in shared encryption keys.

secureStorage
    .encryptString("string to encrypt")
    .observeOn(AndroidSchedulers.mainThread())
    .subscribe(result -> {
        // Use the resulting string
    },
    error -> {
        // Handle error
    });

You can replace .encryptString(String) with .encrypt(byte[]) also.

It's not recommended, but you can perform thread-blocking encryption also:

String result = secureStorage
    .encryptString("string to encrypt")
    .blockingGet();

secureStorage
    .decryptString("9yIfhiwf3eDENxI1XG/XWYZOPc5RH6B9ez9y7I7BtEsig==")
    .observeOn(AndroidSchedulers.mainThread())
    .subscribe(result -> {
        // Use the resulting string
    },
    error -> {
        // Handle error
    });

You can replace .decryptString(String) with .decrypt(byte[]) also.

It's not recommended, but you can perform thread-blocking decryption also:

String result = secureStorage
    .decryptString("9yIfhiwf3eDENxI1XG/XWYZOPc5RH6B9ez9y7I7BtEsig==")
    .blockingGet();

You can save encrypted data in local secure storage:

secureStorage.putString("key", "hello, world!").subscribe();

And retrieve it later:

secureStorage
    .getString("key")
    .subscribe(
        latest -> {
          // preference was changed, here's the latest decryped value
        });

Retrievla returns an observable, which receives emissions with every put. You should manage the subscription to this observable on your end and unsubscribe when necessary.