How to store key-values in KMP in the secure way
Along time ago I had an Android app as a pet project. And last year I decided to created the iOS version of the application. The best option for me was to use KMP technology since it allowed me to keep the UI part almost as it was, refactor the modules which contain the business logic, replace JVM dependencies with their analogues in pure Kotlin (or implement expect/actual mechanism) and create the UI part for the iOS.
I stored the key-value data in SharedPreferences and I wanted to find some similar solution but for KMP. Luckily, there’s such a library — multiplatform-settings. One of the biggest pros for me was that it can use default SharedPreferences which I already had in the Android app. So, you shouldn’t overthink data migration. Here’s the way how I implemented it.
In common sourceSet:
In android sourceSet:
So, as you can see, Settings is just a wrapper over SharedPreferences in the Android part.
In the iOS part there’s nothing complicated too — Settings wrap old-good NSUserDefaults.
Again, using this library you shouldn’t worry about the data migration, since the app still uses same data sources. But is there any way to store the data in the secure way and still use this library? Sure, and here’s the way how you can do it. In the Android it’s more secure to use EncryptedSharedPreferences than default implementation of SharedPreferences. Since EncryptedSharedPreferences still implements SharedPreferences interface, you can rewrite the Android part of your code in the following way:
In iOS secure data can be stored in the keychain
At the end, I’d also like to share my experience with you in migration from default key-value storage to more secure implementation in each platform. I had some values, which had to be stored in the secure way. Since the library doesn’t provide any migration mechanism out of the box, here’s the way how I solved this issue — I modified the way of retrieving encrypted preferences (Keychain) in the following way:
In common sourceSet nothing was changed
In android sourceSet now code looks like this:
and here’s the iOS part:
Hope, that this article would help you!
Thank you for reading! Feel free to ask questions and leave the feedback in comments or Linkedin.
