Skip to main content

Storage | Android Document Scanner

Since version 1.39.0 the Scanbot SDK for Android uses the internal storage by default. All files generated by the Scanbot SDK (images, PDF files, thumbnails, temp files, etc.) are stored in the application data directory. Using the internal storage provides the following benefits:

  • all stored files are accessible by only your app
  • does not require storage permission prompts for your users.
tip

For more details about the Android file storage system we highly recommend checking out:

Change the default storage directory#

It is strongly recommended to use the internal storage. However, you can override the default storage directory of the Scanbot SDK on initialization. The ScanbotSDKInitializer class provides the method sdkFilesDirectory(Application application, File sdkFilesDirectory) which allows you to change the default storage directory.

Example:

import io.scanbot.sdk.ScanbotSDKInitializer
    ...
    // Example for using a sub-folder in the external(!) storage:    val customStorageDir = File(getExternalFilesDir(null), "my-custom-storage-dir")    customStorageDir.mkdirs()
    ScanbotSDKInitializer()        .sdkFilesDirectory(this, customStorageDir)        ...        .initialize(this)
caution

When overriding the default storage location, make sure

  • you have implemented suitable storage permissions request handling
  • the storage directory is available (e.g. unmounted SD card).

Enable page storage encryption#

By default encryption for image and PDF files is disabled.

The Scanbot SDK provides the ability to encrypt all stored images and PDF files in the SDK app folder.

To accomplish this you have to follow these steps:

  1. Add the Scanbot SDK Crypto Persistence library to your app dependencies
implementation("io.scanbot:sdk-crypto-persistence:VERSION")
  1. Enable files encryption in ScanbotSDKInitializer
ScanbotSDKInitializer()    // ...    .useFileEncryption(true)    .initialize(this)

Default Encryptor implementation uses AndroidX Crypto solution under the hood. More info can be found here: https://developer.android.com/topic/security/data The files encryptor uses the AES256_GCM_HKDF_4KB file encryption scheme. More info can be found here: https://developer.android.com/reference/kotlin/androidx/security/crypto/EncryptedFile.FileEncryptionScheme

caution

security-crypto AndroidX library is still in development and has an Alpha version

Also, Scanbot SDK provides a custom AES based encryption solution io.scanbot.sdk.persistence.fileio.AESEncryptedFileIOProcessor. To enable it you have to set it in the SDK initializer in the useFileEncryption() method:

.useFileEncryption(true, AESEncryptedImageFileIOProcessor("any_user_password", AESEncryptedFileIOProcessor.AESEncrypterMode.AES256))

AESEncryptedImageFileIOProcessor exposes as public initial salt, iterations count and IV (initialization vector) values and the generated key:

val scanbotSDK = ScanbotSDK(context)val aesEncryptedFileIOProcessor = scanbotSDK.fileIOProcessor() as AESEncryptedFileIOProcessor
val generatedKey = aesEncryptedFileIOProcessor.keyval initialSalt = aesEncryptedFileIOProcessor.saltval initialIterationCounts = aesEncryptedFileIOProcessor.iterationCountval initialIV = aesEncryptedFileIOProcessor.initializationVector
caution

AESEncryptedFileIOProcessor does not save the password in secure storage between app sessions, so you have to implement this yourself and reuse it for SDK initialization.

The Scanbot SDK allows setting up a completely custom encryption implementation. To do this you have to implement the io.scanbot.sdk.persistence.fileio.FileIOProcessor interface and pass it to the useFileEncryption(true, your_file_io_processor) method.

An instance of FileIOProcessor will be available during the app session and the user can use it to read and copy decrypted images, PDF files and Bitmaps. For example:

val scanbotSDK = ScanbotSDK(context)val decryptedImageBitmap: Bitmap = scanbotSDK.fileIOProcessor().readImage(source: File, options: BitmapFactory.Options? = null)