How to securely share data between two or more applications in android? - McMap

About

How to securely share data between two or more applications in android?

Asked 30/3, 2016 at 7:43 Answered 30/3, 2016 at 8:3

android android-contentprovider keychain android-contentresolver android-security

C

1

8

I am making an application framework for the enterprise environment which involves data sharing between two or more applications from the device memory. This data needs to be stored on the device and accessible to only a few applications (which can be identified by the certificates used to install them). Also, it needs to be stored in a secure way so as to be not accessible to other third party applications . Which is the best way to implement this functionality ?

I have read up about ContentProviders and ContentResolvers which to my understanding only facilitate this process . The actual storage of data is what is more important .I have also looked into the Keychain API of Android which seems to be the closest to what I need to achieve.

Is there a way to integrate ContentProviders and ContentResolvers with Keychain APIs ? Is this the correct way to do so ? If not , what is the best way to achieve the same? Also, I haven't been able to find good code samples to completely understand the functioning of the Keychain API. Please Help!

Edit :
I've also looked at the Keystore API. This internally uses the Keychain API and for sharing data between applications, Keychain should be used. Though I haven't been able to find code samples for the same or a detailed documentation or API guide on how to use the Keychain API. I am looking for an android equivalent of the iOS Keychain.

Something known as managed profiles has also been introduced in Android 5 . Is this the correct way to acheive what I am trying to do ?

Crumley answered 30/3, 2016 at 7:43 Comment(6)

What you have did so far? – Mezoff 30/3, 2016 at 7:44

@Mezoff , I've edited the question and added links. Can you help ? – Crumley 31/3, 2016 at 5:32

did you solve this? I am also looking for a similar thing. – Streusel 26/3, 2018 at 7:21

How did you end up resolving this? – Macrophage 27/10, 2019 at 20:18

@KeyaMadhukar are you able to get it through? Managed profiles is not the best option to use as it got deprecated in API 29. I also want to implement similar to this, but wasn't able to find some good samples on Keychain. Any help is much appreciated. – Poussin 25/2, 2020 at 10:10

@KeyaMadhukar Were you able to find a solution to the problem? It would be really helpful if you can share the same with others. Thank you. – Alesha 24/5, 2021 at 21:59

I

2

You have to declare your applications with the same sharedUserId, like:

<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.mydomains.myapp"
    android:sharedUserId="com.mydomains.shared.user.id"
    android:sharedUserLabel="@string/appName">

In this case all data stored in private storage of both apps will be available to each other (supposed they have signed with the same signature)

As read manual:

sharedUserId: The name of a Linux user ID that will be shared with other applications. By default, Android assigns each application its own unique user ID. However, if this attribute is set to the same value for two or more applications, they will all share the same ID — provided that they are also signed by the same certificate. Application with the same user ID can access each other's data and, if desired, run in the same process.

Idiocy answered 30/3, 2016 at 8:3 Comment(4)

Shared user Ids have certain limitations some of which are mentioned int the link Also, my main concern is not how to make the data accessible, but more on how is should be stored (SharedPreferences vs file in Internal or External storage vs sqlite DB vs on the server ) developer.android.com/guide/topics/data/data-storage.html – Crumley 30/3, 2016 at 10:52

My application was published already with out android:sharedUserId, now I want to share the data for my new app, how can I do this? Do you know what's default value of android:sharedUserId if we didn't set? – Rations 15/8, 2017 at 11:8

If you will set sharedUserId for new version of your old app - your users won't be able to automatically update your app - it's significant problem, so just keep it in mind before setting sharedUserId – Idiocy 15/8, 2017 at 11:14

As of API Level 29, sharedUserId is deprecated. developer.android.com/guide/topics/manifest/… – Campania 5/12, 2023 at 2:11

Recommended topics

#Godot #Unity #Godot 4.X #Mongodb

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

© 2022 - 2024 — McMap. All rights reserved.