[aerogear-dev] AeroGear Android Crypto / DataManager Proposal

Corinne Krych corinnekrych at gmail.com
Tue Nov 5 12:08:09 EST 2013


Hi Summers

Referring to
http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Fallback-Strat-for-DataManager-td5188.html
where we might have an async API for store in JS, I think we might benefit from
async for native apps too, especially in the case of encrypted stores.

Something like https://github.com/rnapier/RNCryptor#asynchronous-use

Of course, it can be done in later releases. When encrypting a large field, you
don't want your UI to be sluggish.

wdyt?

++
Corinne

On 5 November 2013 17:44, Summers Pittman <supittma at redhat.com> wrote:

> On 11/05/2013 02:41 AM, Corinne Krych wrote:
> > Hello all,
> >
> > I've got 2 points:
> >
> > - modularity: AeroGear libs are small and modular: we have a separate
> > aerogear-otp-ios, aerogear-push-ios-registration so that if the user wants
> > to use aerogear without push, he can use aerogear-ios, if he needs the
> > push-registration, he uses both. For encryption store, where do we want to
> > put EncryptedStore? aerogear-android depends on aerogear-crypto.
> On Android it is going into the main library.  We can research slicing
> the client library up for 2.0, but I would like to, for now, make
> getting up and running with anything AeroGear on Android as simple as
> including the dependency.
> >
> > - Encrypting data takes time. It would be nice to have EncryptedStore
> > encrypt data on a separate thread and provide callbacks on completion.
> > thoughts?
> Then we would have an encrypted Pipe.  One of the things about Stores is
> that they are synchronous, Pipes are asynchronous.
>
>
> > ++
> > Corinne
> > On Nov 4, 2013, at 5:30 PM, Daniel Passos <daniel at passos.me> wrote:
> >
> >> The idea is implementing only save(add/update) and delete, using the
> >> stores we already have today by just adding crypt / decrypt and scheduling
> >> Query (readWithFilter) for the next release
> >> DataManager
> >>
> >> public Store encryptedStore(String storeName, String passphrase) {
> >>          // TODO Create a default passphrase-based KeyStore
> >>          KeyStore keyStore = null;
> >>          return encryptedStore(storeName, keyStore);
> >> }
> >>
> >> public Store encryptedStore(String storeName, KeyStore keyStore) {
> >>          StoreConfig storeConfig = new StoreConfig();
> >>          storeConfig.setType(StoreTypes.ENCRYPTED_MEMORY);
> >>          return encryptedStore(storeName, storeConfig, keyStore);
> >> }
> >>
> >> public Store encryptedStore(String storeName, StoreConfig config, String passphrase) {
> >>          // TODO Create a default passphrase-based KeyStore
> >>          KeyStore keyStore = null;
> >>          return encryptedStore(storeName, config, keyStore);
> >> }
> >>
> >> public Store encryptedStore(String storeName, StoreConfig config, KeyStore keyStore) {
> >>          config.setKeyStore(keyStore);
> >>          Store store = storeFactory.createStore(config);
> >>          stores.put(storeName, store);
> >>          return store;
> >> }
> >>
> >> EncryptedMemoryStore
> >>
> >> public class EncryptedMemoryStore<T> implements Store<T> {
> >>
> >>      private final MemoryStorage<T> memoryStorage;
> >>      private final CryptoUtils<T> cryptoUtils;
> >>
> >>      public EncryptedMemoryStore(IdGenerator idGenerator, KeyStore keyStore) {
> >>          memoryStorage = new MemoryStorage<T>(idGenerator);
> >>          cryptoUtils = new CryptoUtils<T>(keyStore);
> >>      }
> >>
> >>      @Override
> >>      public StoreType getType() {
> >>          return StoreTypes.ENCRYPTED_MEMORY;
> >>      }
> >>
> >>      @Override
> >>      public Collection<T> readAll() throws InvalidKeyException {
> >>          Collection<T> encryptedCollection = memoryStorage.readAll();
> >>          return cryptoUtils.decrypt(encryptedCollection);
> >>      }
> >>
> >>      @Override
> >>      public T read(Serializable id) throws InvalidKeyException {
> >>          T encryptedItem = memoryStorage.read(id);
> >>          return cryptoUtils.decrypt(encryptedItem);
> >>      }
> >>
> >>      @Override
> >>      public List<T> readWithFilter(ReadFilter filter) throws InvalidKeyException {
> >>          List<T> encryptedList = memoryStorage.readWithFilter(filter);
> >>          return cryptoUtils.decrypt(encryptedList);
> >>      }
> >>
> >>      @Override
> >>      public void save(T item) {
> >>          memoryStorage.save(cryptoUtils.encrypt(item));
> >>      }
> >>
> >>      @Override
> >>      public void reset() {
> >>          memoryStorage.reset();
> >>      }
> >>
> >>      @Override
> >>      public void remove(Serializable id) {
> >>          memoryStorage.remove(id);
> >>      }
> >>
> >>      @Override
> >>      public boolean isEmpty() {
> >>          return memoryStorage.isEmpty();
> >>      }
> >>
> >> }
> >>
> >> CryptoUtils
> >>
> >> Here is where the magic happens.
> >>
> >>
> >> public class CryptoUtils<T> {
> >>
> >>      private final KeyStore keyStore;
> >>
> >>      public CryptoUtils(KeyStore keyStore) {
> >>          this.keyStore = keyStore;
> >>      }
> >>
> >>      public Collection<T> decrypt(Collection<T> encryptedCollection) {
> >>          List<T> decryptedList = new ArrayList<T>();
> >>          for (T item : encryptedCollection) {
> >>              decryptedList.add(decrypt(item));
> >>          }
> >>          return decryptedList;
> >>      }
> >>
> >>      public List<T> decrypt(List<T> encryptedList) {
> >>          List<T> decryptedList = new ArrayList<T>();
> >>          for (T item : encryptedList) {
> >>              decryptedList.add(decrypt(item));
> >>          }
> >>          return decryptedList;
> >>      }
> >>
> >>      public T decrypt(T item) {
> >>          // TODO Read all fields and decrypt
> >>          return item;
> >>      }
> >>
> >>      public T encrypt(T item) {
> >>          // TODO Read all fields and encrypt
> >>          return item;
> >>      }
> >>
> >> }
> >>
> >> _______________________________________________
> >> aerogear-dev mailing list
> >> aerogear-dev at lists.jboss.org
> >> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
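
The asynchronous encryption with a completion callback suggested at the top of this message, combined with the passphrase-derived key left as a TODO in the quoted proposal, as an added example that is not AeroGear code and not part of the original thread. Every class and method name is hypothetical, and it assumes a standard Java 8+ JVM with PBKDF2-HMAC-SHA256 for key derivation and AES-GCM for encryption, choices the thread itself does not make.

```java
import java.security.SecureRandom;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical names throughout; none of this is AeroGear API.
public class AsyncEncryptor {
    public interface Callback { void done(byte[] nonceAndCiphertext, Exception error); }
    private final ExecutorService worker = Executors.newSingleThreadExecutor();
    private final SecureRandom random = new SecureRandom();

    // PBKDF2 is deliberately slow: derive once, and not on a UI thread.
    static SecretKey deriveKey(char[] passphrase, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(passphrase, salt, 100_000, 256);
        SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        return new SecretKeySpec(f.generateSecret(spec).getEncoded(), "AES");
    }

    // Returns immediately; the callback runs on the worker thread, not the caller's.
    public void encrypt(SecretKey key, byte[] plaintext, Callback cb) {
        worker.execute(() -> {
            try {
                byte[] nonce = new byte[12];   // fresh random nonce per item
                random.nextBytes(nonce);
                Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
                c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, nonce));
                byte[] ct = c.doFinal(plaintext);   // ciphertext followed by 16-byte tag
                byte[] out = new byte[nonce.length + ct.length];
                System.arraycopy(nonce, 0, out, 0, nonce.length);
                System.arraycopy(ct, 0, out, nonce.length, ct.length);
                cb.done(out, null);
            } catch (Exception e) {
                cb.done(null, e);
            }
        });
    }
    public static void main(String[] args) throws Exception {
        byte[] salt = new byte[16];   // constructed demo input; store the salt with the data
        new SecureRandom().nextBytes(salt);
        AsyncEncryptor enc = new AsyncEncryptor();
        enc.encrypt(deriveKey("demo passphrase".toCharArray(), salt), "large field".getBytes("UTF-8"),
                (out, err) -> System.out.println(err == null ? out.length + " bytes" : "failed: " + err));
        enc.worker.shutdown();   // the queued task still runs to completion
    }
}
```

On Android the callback would hand its result back to the main thread before touching any UI, and the nonce stored in front of each ciphertext is what a matching decrypt would read first.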