ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Modify rule S6291[java]: Add Java examples

Browse Source
This commit is contained in:
Quentin Jaquier 2021-09-28 15:31:11 +02:00 committed by quentin-jaquier-sonarsource
parent fcb6b521e8
commit 92c23dd5a0
1 changed files with 52 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
rules/S6291/java/rule.adoc
View File

@ -4,6 +4,57 @@ include::../ask-yourself.adoc[]
include::../recommended.adoc[]
== Sensitive Code Example
For https://developer.android.com/reference/kotlin/android/database/sqlite/SQLiteDatabase[SQLiteDatabase]:
----
SQLiteDatabase db = activity.openOrCreateDatabase("test.db", Context.MODE_PRIVATE, null); // Sensitive
----
For https://developer.android.com/training/data-storage/shared-preferences[SharedPreferences]:
----
SharedPreferences pref = activity.getPreferences(Context.MODE_PRIVATE); // Sensitive
----
For https://docs.mongodb.com/realm/[Realm]:
----
RealmConfiguration config = new RealmConfiguration.Builder().build();
Realm realm = Realm.getInstance(config); // Sensitive
----
== Compliant Solution
Instead of SQLiteDatabase you can use https://www.zetetic.net/sqlcipher/sqlcipher-for-android/[SQLCipher]:
----
SQLiteDatabase db = SQLiteDatabase.openOrCreateDatabase("test.db", getKey(), null);
----
Instead of SharedPreferences you can use https://developer.android.com/reference/androidx/security/crypto/EncryptedSharedPreferences[EncryptedSharedPreferences]:
----
String masterKeyAlias = new MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC);
EncryptedSharedPreferences.create(
"secret",
masterKeyAlias,
context,
EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
);
----
For Realm an encryption key can be specified in the config:
----
RealmConfiguration config = new RealmConfiguration.Builder()
.encryptionKey(getKey())
.build();
Realm realm = Realm.getInstance(config);
----
include::../see.adoc[]
@ -15,4 +66,4 @@ ifdef::env-github,rspecator-view[]
include::../message.adoc[]
endif::env-github,rspecator-view[]
endif::env-github,rspecator-view[]