From your comments, you need to encrypt data using a local key for current Android versions and the old ones

根据您的评论，您需要使用当前 Android 版本和旧版本的本地密钥加密数据

Android Keystoreis designed to generate and protect your keys. But it is not available for API level below 18 and it has some limitations until API level 23.

Android Keystore旨在生成和保护您的密钥。但是它不适用于低于 18 的 API 级别，并且在 API 级别 23 之前它有一些限制。

You will need a random symmetric encryption key, for example AES. The AES key is used to encrypt and decrypt you data. I'm going to summarize your options to generate and store it safely depending on Android API level.

您将需要一个随机对称加密密钥，例如 AES。AES 密钥用于加密和解密您的数据。我将总结您根据 Android API 级别安全生成和存储它的选项。

• API Level < 18: Android Keystore not present. Request a password to the user, derive an encryption key from the password, The drawback is that you need to prompt for the password when application starts. The encryption key it is not stored in the device. It is calculated each time when the application is started using the password

• API Level >=18 <23: Android Keystore available without AES support. Generate a random AES key using the default cryptographic provider (not using AndroidKeystore). Generate a RSA key pair into Android Keystore, and encrypt the AES key using RSA public key. Store encrypted AES key into Android SharedPreferences. When application starts, decrypt the AES key using RSA private key

• API Level >=23: Android Keystore available with AES support. Generate a random AES key using into Android Keystore. You can use it directly.

• API 级别 < 18：Android 密钥库不存在。向用户请求密码，从密码推导出加密密钥，缺点是需要在应用程序启动时提示输入密码。加密密钥不存储在设备中。每次启动应用程序时使用密码计算

• API 级别 >=18 <23：Android Keystore 可用，无需 AES 支持。使用默认加密提供程序（不使用 AndroidKeystore）生成随机 AES 密钥。生成 RSA 密钥对到 Android Keystore 中，并使用 RSA 公钥对 AES 密钥进行加密。将加密的 AES 密钥存储到 Android SharedPreferences 中。应用程序启动时，使用 RSA 私钥解密 AES 密钥

• API 级别 >=23：支持 AES 的 Android 密钥库。使用到 Android Keystore 生成随机 AES 密钥。您可以直接使用它。

To encrypt to can use AES/CBC/PKCS7Paddingalgorithm. It requires also a random initialization vector (IV) to encrypt your data, but it can be public.

加密可以使用AES/CBC/PKCS7Padding算法。它还需要一个随机初始化向量 (IV) 来加密您的数据，但它可以是公开的。

Alternatives:

备择方案：

• API level >14: Android Key Chain: KeyChain is a system-wide credential storage. You can install certificates with private keys that can be used by applications. Use a preinstalled key to encrypt/decrypt your AES key as shown in the second case above.

• External token: The protected keys are not stored in the device. You can use an external token containing a private/public key pair that allows you to encrypt the AES key. The token can be accesed using bluetooth or NFC

• API 级别 >14：Android Key Chain：KeyChain 是系统范围的凭证存储。您可以使用可由应用程序使用的私钥安装证书。使用预安装的密钥来加密/解密您的 AES 密钥，如上面的第二种情况所示。

• 外部令牌：受保护的密钥不存储在设备中。您可以使用包含允许您加密 AES 密钥的私有/公共密钥对的外部令牌。可以使用蓝牙或 NFC 访问令牌

You cannot place the encryption key inside your apk file. You may want to keep it in a remote server and decrypt using server. Or you may make it difficult for others by encoding the key and keeping it in non-obvious places. But there's no bullet proof solution for this.

您不能将加密密钥放在您的 apk 文件中。您可能希望将其保存在远程服务器中并使用服务器解密。或者，您可能会通过对密钥进行编码并将其保存在不明显的地方而让其他人感到困难。但是对此没有防弹解决方案。

There is no way to securely save your private api keys into code. But you can use NDK to securely save private keys. It is not trivial to get key from NDK. Secue Key With NDK Example

没有办法将您的私有 api 密钥安全地保存到代码中。但是您可以使用 NDK 来安全地保存私钥。从 NDK 获取密钥并非易事。使用 NDK 示例保护密钥

You can use Android Keystore system to store and retrieve sensitive information. Read this 5 minute article to understand how it works. Using the Android Keystore system to store and retrieve sensitive information

您可以使用 Android Keystore 系统来存储和检索敏感信息。阅读这篇 5 分钟的文章，了解它是如何工作的。 使用Android Keystore系统存储和检索敏感信息