Android Question Write Encrypted Object .. Am I missing something ?

[mangojack]

I need to test a password before I allow viewing of a html file.
I have read threads on encryption and storing objects in random access files ,but I just don't get how this solves the problem if someone was to decompile the app and read code ? ... ie,

Dim MyPassword As String  ' = "ABC123"  ... OK This is Removed !

'And This  ...
' Dim raf As RandomAccessFile
  ' raf.Initialize(File.DirInternal, "1.dat", False)
  ' raf.WriteEncryptedObject(MyPassword, "some secret password", raf.CurrentPosition)
  ' raf.Close
 
     Dim raf As RandomAccessFile
     raf.Initialize(File.DirInternal, "1.dat", False)
     MyPassword = raf.ReadEncryptedObject("some secret password", raf.CurrentPosition)
   raf.Close

   If  MyPassword = "ABC123" Then ....   ' @@@   isnt this defeating the purpose  ???
     'Open the Safe

Is it just a case of compiling / releasing obfuscated that solves this ?

Thanks and Regards mj

 

[Erel]

What is the purpose of MyPassword?

The important password in the code above is: "some secret password" string.

You can ask the user to enter the password and use the user password to encrypt / decrypt the data.

 

[mangojack]

Thanks Erel .. all makes sense now.

just to confirm , I am writing a user password to the file as "Param" and then removing that code block from project.

Then .. in Globals I have a variable ' uID '

    Dim raf As RandomAccessFile
     raf.Initialize(File.DirInternal, "1.dat", False)
     uID = raf.ReadEncryptedObject("Param", raf.CurrentPosition)
   raf.Close

End Sub

Sub EditText1_EnterPressed
   
   If EditText1.Text = uID Then Log ("Success")
   
End Sub

Thinking as Im typing there is never any need to have any "Passwords" visible in code .. correct

Thanks again Cheers

 

[Erel]

This is one possible approach.