[aerogear-dev] Should encrypted store fail to open when passphrase is wrong?
Tadeas Kriz
tkriz at redhat.com
Tue Jan 21 09:46:50 EST 2014
Right, the whole time all I was trying to agree on is that the user should know that the EncryptedSQLStore can’t decrypt the data inside it with the passphrase (or any other authentication method) when trying to open the store and not on ‘read’ like it’s now. All my suggestions were how that could be done and it seems that you have just another solution for that. As I see it, we’ve just misunderstood each other (or it might be just on my side).
To wrap it up, if there are plans that EncryptedSQLStore#open would be the method to throw InvalidKeyException and not other methods (well, of course other methods might be throwing this too, but that’d be just in some corner cases in which the database was tampered after it was already opened), I’m all good with that.
—
Tadeas Kriz
tkriz at redhat.com
On 21 Jan 2014, at 15:39, Bruno Oliveira <bruno at abstractj.org> wrote:
> Yes, we are under the data encryption domain right?
>
> Either way you are free to suggest whatever you think is ideal for you, if the team agree on that, I would respect their decision. Even if it doesn’t sound right for me.
>
> --
> abstractj
>
> On January 21, 2014 at 12:36:24 PM, Tadeas Kriz (tkriz at redhat.com) wrote:
>>> So, does that mean that when user calls ‘open’ on EncryptedSQLStore,
>> he’ll get an exception if he used wrong passphrase (or for example
>> keystore) ?
>
More information about the aerogear-dev
mailing list