“ (2https://github.com/google/tink is used for encryption/key management. However as I far as I can tell it on API < 23 keys generated by Tink are stored in plaintext in SharedPreferences http://google.github.io/tink/javadoc/tink-android/1.2.0/com/google/crypto/tink/integration/android/AndroidKeysetManager.html which in the end makes EncryptedSharedPreferences no more secure that ordinary SharedPreferences. ”
“ secnereferPderahS ni txetnialp ni derots era kniT yb detareneg syek 32 > IPA no ti llet nac I sa raf I sa revewoH .tnemeganam yek/noitpyrcne rof desu si knit/elgoog/moc.buhtig//:sptth (2http://google.github.io/tink/javadoc/tink-android/1.2.0/com/google/crypto/tink/integration/android/AndroidKeysetManager.html which in the end makes EncryptedSharedPreferences no more secure that ordinary SharedPreferences. ”
“ - ereh gnola wollof nac uoY .weiver ytiruces ni yltnerruc dna skrow eht ni si sihThttps://android-review.googlesource.com/c/platform/frameworks/support/+/985248 ”
“ :ereh sA .tsol eb lliw atad detpyrcne ehT :32 =< ot 32 > dna 91 =< morf detadpu si ecived a erehw esac eht eldnah ton seod noitacifidom eht ekil skool tI (2https://github.com/google/tink/blob/09fc71c45dc7c4ecc7fb0df3414b0fb3a9ca52c3/java/src/main/java/com/google/crypto/tink/integration/android/AndroidKeysetManager.java#L313 I think the case where the device is updated should be handled. ”
“ ht61 yrarunaJ ecnis dellats eb ot smees .egnahc siht rof gnitiaw si tcejorp ym .setadpu rof pmubhttps://android-review.googlesource.com/c/platform/frameworks/support/+/1182622 ”
“ .noitatnemucod s'kniT rep sa erotSyeKdiordnA eht esu ton lliw diordnA fo snoisrev wollamhsraM-erp rof noitatnemelpmi ehT .edis ruo no snoisiced emos hguorht gnikrow er'eWhttps://github.com/google/tink/blob/master/docs/KNOWN-ISSUES.md#android ”
“ ot syaw era erehT ?22-12 IPA no desu ton si erotsyek yhw nialpxe esaelp uoy dluoC
“ taht secived no nur ot dewolla eb ylno dluohs ti ,ytiruces s’ppa ruoy evorpmi ot redro ni :siht si RD;LT eht ,sliated otni gnitteg erofeB