/masked-secure-keys-demo

A demo project to showcase the use of masked credentials using the ByteMask Plugin

Primary language: Kotlin

Masked Secure Key Demonstration

This is a demo project made to demonstrate the usage of Bytemask, an Android Gradle plugin by Shreyas Patil.

We're used to including our secure credentials as BuildConfig fields in our Gradle configuration files.

android {
  
  productFlavors {
      create("release") {
            // The secret is compiled into BuildConfig as a plain-text String constant
            buildConfigField("String", "API_KEY", "\"API KEY VALUE\"")
      }
  }
  
}

The project is set up to use the SHA-256 certificate from the release build variant, meaning that a reverse-engineered instance of this application won't be able to decrypt the credentials.

We're interested in the following code block in the app/build.gradle configuration.

bytemaskConfig {
    // Strings to read from
    defaultPropertiesFileName.set("secure.properties")

    // Class name for the generated class
    className.set("MaskedConfig")

    configure("release") {
        enableEncryption = true
        encryptionKeySource = KeySource.SigningConfig("release")
    }
}
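
The idea behind `encryptionKeySource = KeySource.SigningConfig("release")`, shown as an added example that is not code from this project or from Bytemask itself. It assumes the key is the SHA-256 digest of the signing certificate bytes and uses AES-GCM; the function names and the sample certificate bytes are hypothetical.

```kotlin
import java.security.MessageDigest
import java.security.SecureRandom
import javax.crypto.AEADBadTagException
import javax.crypto.Cipher
import javax.crypto.spec.GCMParameterSpec
import javax.crypto.spec.SecretKeySpec

// Assumption (not Bytemask's documented scheme): the AES-256 key is the
// SHA-256 digest of the signing certificate's encoded bytes.
fun keyFromCertificate(certDer: ByteArray): SecretKeySpec =
    SecretKeySpec(MessageDigest.getInstance("SHA-256").digest(certDer), "AES")

// Build time: encrypt the secret with AES-GCM. Output layout: 12-byte IV || ciphertext+tag.
fun mask(secret: String, certDer: ByteArray): ByteArray {
    val iv = ByteArray(12).also { SecureRandom().nextBytes(it) }
    val cipher = Cipher.getInstance("AES/GCM/NoPadding")
    cipher.init(Cipher.ENCRYPT_MODE, keyFromCertificate(certDer), GCMParameterSpec(128, iv))
    return iv + cipher.doFinal(secret.toByteArray(Charsets.UTF_8))
}

// Run time: re-derive the key from the certificate the installed app is signed with.
// Returns null when the GCM tag does not verify, i.e. the certificate differs.
fun unmask(masked: ByteArray, certDer: ByteArray): String? {
    val cipher = Cipher.getInstance("AES/GCM/NoPadding")
    cipher.init(Cipher.DECRYPT_MODE, keyFromCertificate(certDer), GCMParameterSpec(128, masked, 0, 12))
    return try {
        String(cipher.doFinal(masked, 12, masked.size - 12), Charsets.UTF_8)
    } catch (e: AEADBadTagException) {
        null
    }
}

fun main() {
    // Constructed stand-ins for certificate bytes; on a device these would come
    // from the app's signing info, at build time from the release keystore.
    val releaseCert = "constructed-release-certificate".toByteArray()
    val otherCert = "constructed-other-certificate".toByteArray()

    val masked = mask("API KEY VALUE", releaseCert)
    // Decrypt first with the release certificate, then as a copy signed with a different one.
    println(unmask(masked, releaseCert))
    println(unmask(masked, otherCert))
}
```

Under this assumption the key is derived from the app's signing certificate, which ships inside every signed APK, so the masking ties decryption to the release signature rather than to a value kept out of the package.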

Next, we just need to store the encrypted/masked credentials in the secure.properties file.

⚠️ Here, we assume that we only need string properties to store our credentials; we won't consider numeric values or any value type other than string.

# secure.properties
API_KEY=ZGVtbzpwQDU1dzByZA==
WHATEVER_SECRET=DJ393kDJ4K12K

Demonstration

[Screenshot of the demo, taken 2024-06-07]