[guardian-dev] NoteCipher pull request on guthub

Nick Parker nparker at zetetic.net
Mon Jan 14 14:24:37 EST 2013

On 1/13/13 3:25 PM, Andy Nicholson wrote:
> On 08/01/13 09:15, Abel Luck wrote:
>> Thanks for the contributions! This app has been quite neglected for
>> awhile now as we focus our energies on other projects. Just goes to
>> show that any software project, no how simple or small, needs
>> continuous love and care. As FOSS project we shouldn't have to say
>> this, but we love contributions from the community :D Looks like n8fr8
>> is managing your pull request on git. Hopefully we can get that
>> compatibility issue sorted out. If you're willing to take it further,
>> by all means! ~abel
> Hi
> As n8fr8 mentions on Github [1] there is the issue of the previous
> version's database, and importing the old notes.
> As it stands, the "v2" code changes the package name, so its technically
> a completely different application, and as such we can't get access to
> the sqlite file inside the previous versions' data directory. The
> package name went from "info.guardianproject.notepadbot" to
> "info.guardianproject.notecipher". This also means the two apps (with
> the same icon and name) are going to live side by side with each other.
> I see three options:
> 1/ You could export the sqlite database to a /sdcard location inside the
> old version, and import this inside the "v2" application.
> This requires publishing one more version of the old version of
> NoteCipher to add the "export db" option.
> This process isnt automatic either - the "v2" application will require
> the user to manually open up the old version of NoteCipher and export
> the db to the sdcard.
> however, it works, and I have most of the code finished as a proof of
> concept.
> 2/ You could possibly use the "android:sharedUserId" [2] which allows
> apps to read/write each others data directories (apparently)
> This would at least require one more version of the old version to be
> published presumably, so it gets knowledge of the new user id its
> process runs under. Its probably the user would need to run it at least
> once so its database file gets chown'd to the new userid.
> 3/ You could revert back to the old version's package name , so you can
> open the old database file directly and do the import automatically.
> Any other thoughts on how to move forward? Was it always the intention
> to create a separate, new app for the next version?
> [1] https://github.com/guardianproject/notepadbot/pull/10
> [2]
> http://developer.android.com/guide/topics/manifest/manifest-element.html#uid
> regards
> Andy
> _______________________________________________
> Guardian-dev mailing list
> Post: Guardian-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> To Unsubscribe
>        Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org
>        Or visit:
> https://lists.mayfirst.org/mailman/options/guardian-dev/nparker%40zetetic.net
> You are subscribed as: nparker at zetetic.net

Hi Andy,

The newer versions of SQLCipher for Android are in fact compatible with
the older SQLCipher (i.e., 1x format) database files.  In order to
access a 1x database file using the 2.0+ version(s) of SQLCipher for
Android, you must disable the per page HMAC checking with a
SQLiteDatabaseHook like so:

SQLiteDatabase.openOrCreateDatabase(file, password, null, new
  public void preKey(SQLiteDatabase database) {
                database.rawExecSQL("PRAGMA cipher_default_use_hmac = OFF");
  public void postKey(SQLiteDatabase database) {}

You could also upgrade the database file to the new format using the
SQLiteDatabase.upgradeDatabaseFormatFromVersion1To2(file, password) API.

Nick Parker

More information about the Guardian-dev mailing list