I am new in Android Security. I have used Androidkeystore to save application secrets. For getting the saved key from Android keystore, I need to pass everytime alias key what I have passed before at the time of encryption. So, My question is, I also wanted to safely save that alias key. So, no one key see the alias key by reviewing code. Please help me out.
No need to hide alias key. It points to unique memory location at keystore for each installation/after clear caches. Well, if someone know about your alias, still they will not know about the key which is saved in keystore. Also keystore can not be accessed from outside of app/ or any third party tool. So, we can say, your data will be secured even others know your alias.