The LiteDataVault class provides encrypted storage of occasionally used, small pieces
of data. All exceptions thrown by LiteDataVault methods are of type
LiteDataVaultException.
If you have installed the SybaseDataProvider.apk package, you can use the LiteDataVault
class for on-device persistent storage of certificates, database encryption keys,
passwords, and other sensitive items. Use this class to:
- Create a vault
- Set a vault's properties
- Store objects in a vault
- Retrieve objects from a vault
- Change the password used to access a vault
The contents of the data vault are strongly encrypted using AES-256. The
LiteDataVault class allows you to create a named vault, and specify a password and salt
used to unlock it. The password can be of arbitrarily length and can include any
characters. The password and salt together are used to generate the AES key. If the user
enters the same password when unlocking, the contents are decrypted. If the user enters
an incorrect password, exceptions will occur. If the user enters the incorrect password
a configurable number of times, the vault is deleted and any data stored within it
becomes unrecoverable. The vault can also re-lock itself after a configurable amount of
time.
Typical usage of the LiteDataVault would be to implement an application login screen.
Upon application start, the user is prompted for a password, which is then used to
unlock the vault. If the unlock attempt is successful, the user is allowed into the rest
of the application. User credentials needed for synchronization can also be extracted
from the vault so the user us not repeatedly prompted to re-enter passwords.
The LiteDataVault is a wrapper class of the DataVault class that is used specifically for
the ODP scenario.
Private Data Vault
In addition to this, there is a class PrivateDataVault that belongs to the
com.sybase.persistence package. The advantages of using the private data vault are:
- To securely store data that is specific to an application
- You do not have to install the SybaseDataProvider.apk to use the private
data vault.
The PrivateDataVault class comprises of methods that are identical to the
methods defined in the LiteDataVault class.All exceptions thrown by PrivateDataVault
methods are of type PrivateDataVaultException.