[Ssc-dev] SQLCipher and SSC/Obscura

Harlo Holmes harlo.holmes at gmail.com
Mon May 9 10:30:23 EDT 2011 

Thank you for getting started on the implementation.  I think having the
metadata handler call for a new db implementation is a good idea-- those new
methods are fine, and since only the ImageEditor class makes calls to the
metadata handler, it will be easy to implement these changes to the app
overall.

Although the database in the assets folder comes with its main table already
set-up, it does not contain any pre-loaded data (other than in the
android_metadata table, which is required.)  Now that we have SQLCipher up
and running, it's the perfect time to work on the Preferences Actitity to
prompt the user for a password, and other global info that the metadata will
require.  I'll be going there next...

Thanks,
Harlo

On Mon, May 9, 2011 at 10:21 AM, Nathan of Guardian <
nathan at guardianproject.info> wrote:

>
> Hans and I have been working on SQLCipher (http://sqlcipher.net) for
> Android, and I'm happy to say we have a build of it now that seems to
> work pretty well. We have an SDK packaged up with all the JAR and .SO
> files needed, so I thought I would try integrating it with Obscura/SSC.
>
> I am happy to say it works! I modified SSCMetadataHandler to use our new
> SQLiteDatabase class:
>
> import info.guardianproject.database.sqlcipher.*;
>
> and then instead of loading the .db file from assets, I just create a
> new one from scratch on the device, and added the necessary. (I am not
> sure why we were preloading the .db file in the first place - preloading
> it with data?)
>
> The only real change to a developer is that somewhere in the main
> activity, you have to call. SQLiteDatabase.loadLibs(context) one time,
> and then whenever you need to get a db, just use a password:
>
>        db = getWritableDatabase(SQLCIPHER_TEMP_PASSWORD);
>        db = getReadbleDatabase(SQLCIPHER_TEMP_PASSWORD);
>
> Right now I am using a static password string, but the real solution
> would be to prompt the user with a password or PIN keypad entry screen,
> and then have those credentials cache themselves for some period of time.
>
> All in all, it seems like just a few hours work to implement this, which
> is a very exciting prospect.
>
> +n8fr8
> _______________________________________________
> Ssc-dev mailing list
>
> Post: Ssc-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/ssc-dev
>
> To Unsubscribe
>        Send email to:  Ssc-dev-unsubscribe at lists.mayfirst.org
>        Or visit:
> https://lists.mayfirst.org/mailman/options/ssc-dev/harlo.holmes%40gmail.com
>
> You are subscribed as: harlo.holmes at gmail.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/ssc-dev/attachments/20110509/fdc142fe/attachment-0001.htm>

More information about the Ssc-dev mailing list