Android

If you can’t use authenticated encryption like AES+GCM, this article will show how and why to use AES+CBC with Ecrypt-then-Mac with HMAC.

In this article I will show you how to strengthen ProGuard’s name obfuscation, making it harder for an attacker the reverse engineer your…

When starting a new project, all the Proguard configuration goes into that single proguard-rules.pro file. This is fine for the beginning…

In this article I will show you how we adapted our logging strategy to a massively grown project structure. In the first part I will go…

SLF4J binding for Timber - a logger with a small, extensible API which provides utility on top of Android`s normal Log class.

A shared preference implementation for confidential data in Android. Per default uses AES-GCM, BCrypt and HKDF as cryptographic primitives. Uses the concept of device fingerprinting combined with optional user provided passwords and strong password hashes.

This was originally posted as an answer to the question “Android: How to programmatically access the device serial number shown in the AVD manager (API Version 8)” on stackoverflow.com.

This was originally posted as an answer to the question “Android Studio 3.0 Error. Migrate dependency configurations for local modules” on stackoverflow.com.

My personal developer account on Google Play Store. Most Apps are Demo Apps for various OSS Android libraries with no active development since around 2018.

My bog post “Security Best Practices: Symmetric Encryption with AES in Java and Android” was mentioned in the AndroidDev Digest newsletter.

Under the Hood is a flexible and powerful Android debug view library. It uses a modular template system that can be easily extended to your needs, although coming with many useful elements built-in.

This was originally posted as an answer to the question “How to Sign an Already Compiled Apk” on stackoverflow.com.

This was originally posted as an answer to the question “How to sign an android apk file” on stackoverflow.com.

A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.

A crash recovery library for Android. It allows tracking and handling crashes with different rules for debugging and production.