[guardian-dev] Writing about SQLCipher

Nathan of Guardian nathan at guardianproject.info
Sun Feb 12 12:38:03 EST 2012


On 02/11/2012 05:35 PM, Mark Murphy wrote:
> I am interested in adding a section on SQLCipher to one of my books on
> Android application development, along with a sample app.

Great! I am cc'ing Nick and Stephen from Zetetic, who maintain SQLCipher
core, and are fully involved in the Android edition, as well. I am going
to answer, but hopefully they will chime in, as well, to enhance or correct.

> Two and a half questions:
> 1. Should I wait until SQLCipher 2.0, or will that be similar enough
> to SQLCipher 1.1 that it'd be reasonable for me to go ahead with
> covering 1.1?

I think what we have shipped right now, especially the recent ICS
update, is good enough that we want people to be spreading the word.
SQLCipher 2 is mostly under the cover improvements around cryptography
and performance, and very little will change from a developer standpoint.

> 2. Has there been any progress on "some dialog builder helper methods
> for password and PIN input, password caching, and other features that
> we would like to standardize across all applications that use
> 2.b. If the answer to #2 is "not really", are there any design notes,
> specific things out of Notepadbot, or any other pointers, in case I
> wanted to put something together myself?

The only progress we have made on this is through our NoteCipher sample
app, which has some best practices helper code in it. You can start by
looking here:
https://github.com/guardianproject/notepadbot/blob/master/src/info/guardianproject/notepadbot/NoteCipher.java#L149

We also have some much grander R&D going on related to key storage and
management across devices, that includes some potential work in this
area over the next three months. However, currently we are mostly
focused on OpenPGP and OTR, and not SQLCipher as much.

http://guardianproject.info/wiki/PSST

Thanks again, and glad to have your valuable support and interest!

+n


More information about the Guardian-dev mailing list