1) I am wondering if the Android SDK has already predefined encryption functions or if one would have to write this all from scratch?
2) Suppose you have classes for encryption, either written by yourself or provided by the SDK, how to make sure that the content of the RAM (that contains the key in plaintext) is never written to the permanent storage of the Android device? I guess if too much RAM is used, there's some kind of swapping, besides that there are techniques like HTC's fastboot that write the whole content to the storage if I am not wrong? Any chance to prevent the RAM content for your software being saved on a permanent storage? Or is there maybe some kind of event before the RAM content is written to the permanent storage, so one could wipe the key before that?
Thank you very much for any hint!
1) I am wondering if the Android SDK has already predefined encryption functions or if one would have to write this all from scratch?
You can do it with the Java Cryptography Architecture (JCA). Mainly it is the javax.crypto.* package. Here is the JCA Reference Guide.
Also, this example may be helpful.
As to the second question - I just don't have much to say. The only idea is to not keep a handle on the sensitive objects for long. Create one per each need, use it and nullify it as soon as it is used. Don't ever put it into a static context.
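An added example, not part of the original answer: a sketch of the "create, use, wipe" pattern with javax.crypto, deriving an AES-GCM key from a password for a single operation and zeroing the copies the code controls. The class name, passphrase, sample text and iteration count are constructed for illustration, and it assumes a platform that provides PBKDF2WithHmacSHA256 and AES/GCM/NoPadding.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

public class ShortLivedKeyDemo { // hypothetical class name
    // Derives the key, uses it for one operation, then overwrites the copies we hold.
    static byte[] crypt(int mode, char[] password, byte[] salt, byte[] iv, byte[] input)
            throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, 100_000, 256); // constructed iteration count
        byte[] rawKey = null;
        try {
            rawKey = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                    .generateSecret(spec).getEncoded();
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(mode, new SecretKeySpec(rawKey, "AES"), new GCMParameterSpec(128, iv));
            return cipher.doFinal(input);
        } finally {
            // Local variables only: nothing key-related is stored in a field or static.
            // SecretKeySpec and the derived key keep internal copies we cannot zero;
            // those disappear only when the objects are garbage-collected.
            spec.clearPassword();
            if (rawKey != null) Arrays.fill(rawKey, (byte) 0);
        }
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom();
        byte[] salt = new byte[16];
        byte[] iv = new byte[12]; // use a fresh IV for every encryption under the same key
        rng.nextBytes(salt);
        rng.nextBytes(iv);
        // Constructed sample; real input should arrive as char[], since a String cannot be wiped.
        char[] password = "constructed-demo-passphrase".toCharArray();
        byte[] plain = "constructed sample note".getBytes(StandardCharsets.UTF_8);
        try {
            byte[] ct = crypt(Cipher.ENCRYPT_MODE, password, salt, iv, plain);
            byte[] back = crypt(Cipher.DECRYPT_MODE, password, salt, iv, ct);
            System.out.println("round trip ok: " + Arrays.equals(plain, back));
        } finally {
            Arrays.fill(password, '\0');
            Arrays.fill(plain, (byte) 0);
        }
    }
}
```

Zeroing the arrays shortens the window in which the key material sits in the heap; it does not control what the runtime or the operating system copies elsewhere.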