Android 安全开发涉及多个层面,包括应用层(Kotlin/Java)、系统层、数据存储、网络通信、权限管理、代码混淆与反逆向等
Android 安全开发涉及多个层面,包括应用层(Kotlin/Java)、系统层、数据存储、网络通信、权限管理、代码混淆与反逆向等。在 Kotlin 和 Java 中进行 Android 安全编码时,需重点关注以下核心实践:
✅1. 权限安全
- 动态申请危险权限(
ActivityCompat.requestPermissions/ActivityResultLauncher) - 避免在
AndroidManifest.xml中过度声明权限(如REQUEST_IGNORE_BATTERY_OPTIMIZATIONS需明确业务必要性) - 使用
android:permission保护自定义组件(如BroadcastReceiver)
✅2. 数据存储安全
- 敏感数据禁用
SharedPreferences明文存储 → 改用EncryptedSharedPreferences(Jetpack Security Crypto) - 数据库加密:使用
SQLCipher或Room+SQLCipher;避免getDatabasePath()暴露路径 Internal Storage默认私有,但MODE_WORLD_READABLE/WRITEABLE(已废弃)绝对禁用
✅3. 网络安全
- 强制启用
android:usesCleartextTraffic="false"(API 28+ 默认为 false) - 使用
Network Security Config(res/xml/network_security_config.xml)配置证书固定(Certificate Pinning) - OkHttp 中集成
CertificatePinner,防止中间人攻击
✅4. WebView 安全
- 禁用
setJavaScriptEnabled(true)除非绝对必要;若启用,必须同时禁用setAllowFileAccess(false)、setAllowContentAccess(false) - 使用
WebViewClient.shouldOverrideUrlLoading()防止外部浏览器劫持 - Kotlin 示例(安全初始化 WebView):
webView.settings.apply{javaScriptEnabled=falseallowFileAccess=falsedomStorageEnabled=falsedatabaseEnabled=false}✅5. 代码与资源防护
- 启用 R8/ProGuard:
minifyEnabled true+shrinkResources true,移除调试日志(Log.d等) - 敏感字符串(如 API Key)禁止硬编码 → 使用构建变量或安全密钥管理服务(如 Android Keystore +
KeyGenParameterSpec.Builder) - Keystore 示例(Kotlin 生成 AES 密钥):
valkeyStore=KeyStore.getInstance("AndroidKeyStore").apply{load(null)}valkeyGenerator=KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES,"AndroidKeyStore")keyGenerator.init(KeyGenParameterSpec.Builder("my_key",KeyProperties.PURPOSE_ENCRYPTorKeyProperties.PURPOSE_DECRYPT).setBlockModes(KeyProperties.BLOCK_MODE_GCM).setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE).setKeySize(256).build())keyGenerator.generateKey()✅6. 组件暴露风险
Activity/Service/BroadcastReceiver/ContentProvider默认exported="false"(Android 12+ 强制要求显式声明)ContentProvider若需导出,务必设置android:permission并校验调用方 UID/PID
⚠️ 注意:Kotlin 与 Java 在安全逻辑上无本质差异,但 Kotlin 的空安全(?/!!)、不可变集合(listOf())、作用域函数(let/run)可减少 NPE 和误用风险,提升代码健壮性。
// ✅ 安全读取加密 SharedPrefs(Jetpack Security)valmasterKey=MasterKey.Builder(context).setKeyScheme(MasterKey.KeyScheme.AES256_GCM).build()valencryptedPrefs=EncryptedSharedPreferences.create(context,"secret_prefs",masterKey,EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM)android.security Kotlin |Java
Provides access to a few facilities of the Android security subsystems.
Interfaces
KeyChainAliasCallback The KeyChainAliasCallback is the callback for KeyChain#choosePrivateKeyAlias.
Classes
AttestedKeyPair The AttestedKeyPair class contains a KeyPair instance of keys generated by Keystore and owned by KeyChain, as well as an attestation record for the key.
ConfirmationCallback Callback class used when signaling that a prompt is no longer being presented.
ConfirmationPrompt Class used for displaying confirmation prompts.
ConfirmationPrompt.Builder A builder that collects arguments, to be shown on the system-provided confirmation prompt.
FileIntegrityManager This class provides access to file integrity related operations.
KeyChain The KeyChain class provides access to private keys and their corresponding certificate chains in credential storage.
KeyPairGeneratorSpec This class was deprecated in API level 23. Use KeyGenParameterSpec instead.
KeyPairGeneratorSpec.Builder This class was deprecated in API level 23. Use KeyGenParameterSpec.Builder instead.
KeyStoreParameter This class was deprecated in API level 23. Use KeyProtection instead.
KeyStoreParameter.Builder This class was deprecated in API level 23. Use KeyProtection.Builder instead.
NetworkSecurityPolicy Network security policy.
Exceptions
ConfirmationAlreadyPresentingException This exception is thrown when presenting a prompt fails because another prompt is already being presented.
ConfirmationNotAvailableException This exception is thrown when presenting a prompt fails because the the environment lacks facilities for showing confirmations.
KeyChainException Thrown on problems accessing the KeyChain.