[guardian-dev] NoteCipher pull request on guthub

Andy Nicholson andy at infiniterecursion.com.au
Mon Jan 14 15:08:01 EST 2013

On 14/01/13 20:24, Nick Parker wrote:
> On 1/13/13 3:25 PM, Andy Nicholson wrote:
>> On 08/01/13 09:15, Abel Luck wrote:
>>> Thanks for the contributions! This app has been quite neglected for
>>> awhile now as we focus our energies on other projects. Just goes to
>>> show that any software project, no how simple or small, needs
>>> continuous love and care. As FOSS project we shouldn't have to say
>>> this, but we love contributions from the community :D Looks like n8fr8
>>> is managing your pull request on git. Hopefully we can get that
>>> compatibility issue sorted out. If you're willing to take it further,
>>> by all means! ~abel
>> Hi
>> As n8fr8 mentions on Github [1] there is the issue of the previous
>> version's database, and importing the old notes.
>> As it stands, the "v2" code changes the package name, so its technically
>> a completely different application, and as such we can't get access to
>> the sqlite file inside the previous versions' data directory. The
>> package name went from "info.guardianproject.notepadbot" to
>> "info.guardianproject.notecipher". This also means the two apps (with
>> the same icon and name) are going to live side by side with each other.
>> I see three options:
>> 1/ You could export the sqlite database to a /sdcard location inside the
>> old version, and import this inside the "v2" application.
>> This requires publishing one more version of the old version of
>> NoteCipher to add the "export db" option.
>> This process isnt automatic either - the "v2" application will require
>> the user to manually open up the old version of NoteCipher and export
>> the db to the sdcard.
>> however, it works, and I have most of the code finished as a proof of
>> concept.
>> 2/ You could possibly use the "android:sharedUserId" [2] which allows
>> apps to read/write each others data directories (apparently)
>> This would at least require one more version of the old version to be
>> published presumably, so it gets knowledge of the new user id its
>> process runs under. Its probably the user would need to run it at least
>> once so its database file gets chown'd to the new userid.
>> 3/ You could revert back to the old version's package name , so you can
>> open the old database file directly and do the import automatically.
>> Any other thoughts on how to move forward? Was it always the intention
>> to create a separate, new app for the next version?
>> [1] https://github.com/guardianproject/notepadbot/pull/10
>> [2]
>> http://developer.android.com/guide/topics/manifest/manifest-element.html#uid
>> regards
>> Andy
>> _______________________________________________
>> Guardian-dev mailing list
>> Post: Guardian-dev at lists.mayfirst.org
>> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>> To Unsubscribe
>>         Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org
>>         Or visit:
>> https://lists.mayfirst.org/mailman/options/guardian-dev/nparker%40zetetic.net
>> You are subscribed as: nparker at zetetic.net
> Hi Andy,
> The newer versions of SQLCipher for Android are in fact compatible with
> the older SQLCipher (i.e., 1x format) database files.  In order to
> access a 1x database file using the 2.0+ version(s) of SQLCipher for
> Android, you must disable the per page HMAC checking with a
> SQLiteDatabaseHook like so:
> SQLiteDatabase.openOrCreateDatabase(file, password, null, new
> SQLiteDatabaseHook(){
>    public void preKey(SQLiteDatabase database) {
>                  database.rawExecSQL("PRAGMA cipher_default_use_hmac = OFF");
>    }
>    public void postKey(SQLiteDatabase database) {}
> });
> You could also upgrade the database file to the new format using the
> SQLiteDatabase.upgradeDatabaseFormatFromVersion1To2(file, password) API.
Hi Nick

Thanks for that info - good to know - but im not sure this is the issue. 
The versions I was referring it my email were the versions of the 
NoteCipher application itself, not SQLCipher.
I was able to extract a encrypted sqlite db file from v1 NoteCipher and 
open it up using my password, using cmdline SQLCipher (latest version 
from github) without using the above HMAC stuff.

As the code is written in the "v2" branch on github at the moment, the 
NoteCipher application is in fact a completely independent application 
from v1.
  That is, if published via the google play store, it would not be seen 
as an upgrade by the existing users, it wont be able to access any of 
the data from the previous application install etc. This last issue is 
what is making the upgrade from v1 to v2 of NoteCipher an issue - we 
just need access to the actual bits of the sqlite file itself.  I could 
be wrong about this obviously but i'm almost sure :)


More information about the Guardian-dev mailing list