<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Nov 5, 2013 at 5:41 PM, Summers Pittman <span dir="ltr"><<a href="mailto:supittma@redhat.com" target="_blank">supittma@redhat.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><div class="im">
<div>On 11/04/2013 11:30 AM, Daniel Passos
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div><a href="#1422924aa0738a79_" name="1422924aa0738a79_aerogear-android-crypto"></a>
<h1 style="margin:1.3em 0px 1em;padding:0px;font-weight:bold;font-size:1.6em">
<span style="font-size:small;font-weight:normal">The idea is
implementing only save(add/update) and delete, using the
stores we already have today by just adding crypt /
decrypt and scheduling Query (readWithFilter) for the next
release</span><br>
</h1>
</div>
</div>
</blockquote></div>
+1, Do we have relevant JIRA's which are up to date with respect to
query?<div class="im"><br>
<blockquote type="cite">
<div dir="ltr">
<div>
<h1 style="margin:1.3em 0px 1em;padding:0px;font-weight:bold;font-size:1.6em">
</h1>
<p style="margin:1.2em 0px!important"><b>DataManager</b></p>
<pre style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;font-size:1em;line-height:1.2em;margin:1.2em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:pre-wrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline;white-space:pre-wrap;overflow:auto;border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;border:1px solid rgb(204,204,204);padding:0.5em 0.7em;display:block!important;display:block;padding:0.5em;color:rgb(51,51,51);background-color:rgb(248,248,255);background-repeat:initial initial">public Store encryptedStore(String storeName, String passphrase) {
// TODO Create a default passphrase-based KeyStore
KeyStore keyStore = null;
return encryptedStore(storeName, keyStore);
}
public Store encryptedStore(String storeName, KeyStore keyStore) {
StoreConfig storeConfig = new StoreConfig();
storeConfig.setType(StoreTypes.ENCRYPTED_MEMORY);
return encryptedStore(storeName, storeConfig, keyStore);
}
public Store encryptedStore(String storeName, StoreConfig config, String passphrase) {
// TODO Create a default passphrase-based KeyStore
KeyStore keyStore = null;
return encryptedStore(storeName, config, keyStore);
}
public Store encryptedStore(String storeName, StoreConfig config, KeyStore keyStore) {
config.setKeyStore(keyStore);
Store store = storeFactory.createStore(config);
stores.put(storeName, store);
return store;
}</code></pre>
</div>
</div>
</blockquote></div>
Maybe it bight be better to extract all of these methods into a
factory?<br>
<br>
From the user's point of view they would preform something like this<br>
<br>
<pre style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;font-size:1em;line-height:1.2em;margin:1.2em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:pre-wrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline;white-space:pre-wrap;overflow:auto;border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;border:1px solid rgb(204,204,204);padding:0.5em 0.7em;display:block!important;display:block;padding:0.5em;color:rgb(51,51,51);background-color:rgb(248,248,255);background-repeat:initial initial">StoreConfig config = new StoreConfig();
config.setType(ENCRYPTED_MEMORY);
config.setCryptoBox(crypto);
config.setName("encrypted")
EncryptedStore = dataManager.store(config);
</code></pre>
and have the selecting which encryptedStore method left up to the
library on the back end.<br></div></blockquote><div><br></div><div><br></div><div>+1</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div bgcolor="#FFFFFF" text="#000000">
<br>
My biggest concern is that having so many possible methods.<div><div class="h5"><br>
<blockquote type="cite">
<div dir="ltr">
<div>
<p style="margin:1.2em 0px!important"><b>EncryptedMemoryStore</b></p>
<pre style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;font-size:1em;line-height:1.2em;margin:1.2em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:pre-wrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline;white-space:pre-wrap;overflow:auto;border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;border:1px solid rgb(204,204,204);padding:0.5em 0.7em;display:block!important;display:block;padding:0.5em;color:rgb(51,51,51);background-color:rgb(248,248,255);background-repeat:initial initial">public class EncryptedMemoryStore<T> implements Store<T> {
private final MemoryStorage<T> memoryStorage;
private final CryptoUtils<T> cryptoUtils;
public EncryptedMemoryStore(IdGenerator idGenerator, KeyStore keyStore) {
memoryStorage = new MemoryStorage(idGenerator);
cryptoUtils = new CryptoUtils<T>(keyStore);
}
@Override
public StoreType getType() {
return StoreTypes.ENCRYPTED_MEMORY;
}
@Override
public Collection<T> readAll() throws InvalidKeyException {
Collection<T> encryptedCollection = memoryStorage.readAll();
return cryptoUtils.decrypt(encryptedCollection);
}
@Override
public T read(Serializable id) throws InvalidKeyException {
T encryptedItem = memoryStorage.read(id);
return cryptoUtils.decrypt(encryptedItem);
}
@Override
public List<T> readWithFilter(ReadFilter filter) throws InvalidKeyException {
List<T> encryptedList = memoryStorage.readWithFilter(filter);
return cryptoUtils.decrypt(encryptedList);
}
@Override
public void save(T item) {
memoryStorage.save(cryptoUtils.encrypt(item));
}
@Override
public void reset() {
memoryStorage.reset();
}
@Override
public void remove(Serializable id) {
memoryStorage.remove(id);
}
@Override
public boolean isEmpty() {
return memoryStorage.isEmpty();
}
}</code></pre>
</div>
</div>
</blockquote></div></div>
So do we need a KeyStore with an in memory implementation? Since
the data will be wiped every time the app starts, we could just
generate the key on the fly and keep it resident while the store is
around. If the store gets GC'd then we have to fetch the data again
anyway.<br>
<br>
Alternatively, if we are NOT keeping a reference to the key, how do
we make sure it is only in memory for a little time as possible?<br>
<br>
<blockquote type="cite"><div class="im">
<div dir="ltr">
<div>
<p style="margin:1.2em 0px!important"><b>CryptoUtils</b> <br>
<br>
Here is where the magic happens.</p>
<pre style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;font-size:1em;line-height:1.2em;margin:1.2em 0px"><code style="font-size:0.85em;font-family:Consolas,Inconsolata,Courier,monospace;margin:0px 0.15em;padding:0px 0.3em;white-space:pre-wrap;border:1px solid rgb(234,234,234);background-color:rgb(248,248,248);border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;display:inline;white-space:pre-wrap;overflow:auto;border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px;border:1px solid rgb(204,204,204);padding:0.5em 0.7em;display:block!important;display:block;padding:0.5em;color:rgb(51,51,51);background-color:rgb(248,248,255);background-repeat:initial initial">
public class CryptoUtils<T> {
private final KeyStore keyStore;
public CryptoUtils(KeyStore keyStore) {
this.keyStore = keyStore;
}
public Collection<T> decrypt(Collection<T> encryptedCollection) {
List<T> decryptedList = new ArrayList<T>();
for (T item : encryptedCollection) {
decryptedList.add(decrypt(item));
}
return decryptedList;
}
public List<T> decrypt(List<T> encryptedList) {
List<T> decryptedList = new ArrayList<T>();
for (T item : encryptedList) {
decryptedList.add(decrypt(item));
}
return decryptedList;
}
public T decrypt(T item) {
// TODO Read all fields and decrypt
return item;
}
public T encrypt(T item) {
// TODO Read all fields and encrypt
return item;
}
}</code></pre>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div><div class="im"><pre>_______________________________________________
aerogear-dev mailing list
<a href="mailto:aerogear-dev@lists.jboss.org" target="_blank">aerogear-dev@lists.jboss.org</a>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></pre>
</div></blockquote>
<br>
</div>
<br>_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Matthias Wessendorf <br>
<br>blog: <a href="http://matthiaswessendorf.wordpress.com/" target="_blank">http://matthiaswessendorf.wordpress.com/</a><br>sessions: <a href="http://www.slideshare.net/mwessendorf" target="_blank">http://www.slideshare.net/mwessendorf</a><br>
twitter: <a href="http://twitter.com/mwessendorf" target="_blank">http://twitter.com/mwessendorf</a>
</div></div>