Hi,

followed the same approach in iOS API, e.g:

AGKeyStoreCryptoConfig *config = [[AGKeyStoreCryptoConfig alloc] init];
[config setAlias:@"alias"];
[config setPassword:@"passphrase"];
 
AGStoreConfiguration* config = [[AGStoreConfiguration alloc] init];
[config setRecordId:@"id"];
// apply the desired crypto service
[config setEncryptionService:encService];
 
encMemStore = [AGEncryptedMemoryStorage storeWithConfig:config];

The AGEncryptedMemoryStorage will now use the configured EncryptionService to encrypt/decrypt data.

Implemented EncryptionService is the AGPasswordKeyServices[1]  that uses apple keychain to store password and encryption key

Work branch is here [2]

-
Christos

[1] https://github.com/cvasilak/aerogear-ios/blob/d04c9627b1dd96b69c92c4a4fefcfbbc7ab3e6c1/AeroGear-iOS/AeroGear-iOS/security/AGPasswordKeyServices.m
[2] https://github.com/cvasilak/aerogear-ios/commit/d04c9627b1dd96b69c92c4a4fefcfbbc7ab3e6c1



On Nov 8, 2013, at 5:38 PM, Summers Pittman <supittma@redhat.com> wrote:

Ok so I updated a little bit:

So KeyService is now EncryptionService.

https://github.com/secondsun/aerogear-android/blob/security/src/org/jboss/aerogear/android/security/EncryptionService.java

Usages are here :

https://gist.github.com/secondsun/c1fb32a4c49f9bb6bed2

KeyManager is in Process.

Here are links to the classes for my impls of EncryptionService

https://github.com/secondsun/aerogear-android/blob/security/src/org/jboss/aerogear/android/impl/security/AbstractEncryptionService.java

https://github.com/secondsun/aerogear-android/blob/security/src/org/jboss/aerogear/android/impl/security/PasswordKeyServices.java

https://github.com/secondsun/aerogear-android/blob/security/src/org/jboss/aerogear/android/impl/security/PassPhraseKeyServices.java


On 11/05/2013 03:00 PM, Summers Pittman wrote:
One of the things we briefly discussed on the chat was key generation
and secret storage.

For Android we want to combine the two in an "easy" API which follows
the Object/Factory/Config patterns of our other systems (Pipeline,
Authentication, Push).

Here is a high level code flavored example of what I am talking about.

https://gist.github.com/secondsun/d602d19255b1fd085ac8

Actual work is going forward here:
https://github.com/secondsun/aerogear-android/tree/security

wdyt?
_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev

_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev