[guardian-dev] Signal switches to SQLCipher, with Android KeyStore

VanitasVitae vanitasvitae at riseup.net
Wed Mar 28 15:07:15 EDT 2018


Is there a TL;DR on how they manage to decrypt messages before the database gets unlocked?
They need to have the keys accessible somewhere right?

Vanitasvitae

Am 28. März 2018 21:02:17 MESZ schrieb Hans-Christoph Steiner <hans at guardianproject.info>:
>
>So Signal just switched from its custom encrypted store to good ol'
>android-database-sqlcipher, which is lovingly maintained by Zetetic:
>
>https://github.com/signalapp/Signal-Android/commit/f36b296e2ed211893835372513da57bb135c52c1
>
>Its a good example for hooking up SQLCipher to the Android KeyStore
>API.
>
>.hc
>
>
>-- 
>PGP fingerprint: EE66 20C7 136B 0D2C 456C  0A4D E9E2 8DEA 00AA 5556
>https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556
>_______________________________________________
>List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>To unsubscribe, email:  guardian-dev-unsubscribe at lists.mayfirst.org

-- 
Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20180328/08523c1f/attachment.html>


More information about the guardian-dev mailing list