Hi gang,
I agree that an encryption intent isn't too difficult. I modified OI
Notepad more or less as a learning experience, but I think that there
are some standard behaviors that a set of well defined intents could
usefully provide.
(By the way, I got the encryption and UI code from Passwordsafe so
that's at least two programs that could use it ;)
http://code.google.com/p/android-passwordsafe/ )
= A simple encrypt/decrypt intent =
* The user should be able to type in their password just once for
multiple applications. We could avoid allowing various applications to
actually have access to the password, (just the ability to encrypt &
decrypt) which is nice.
* Store certain preferences from the user:
* How long to remember the password they've typed in
* change the password
* Maybe we could plug into the "draw a pattern on the screen"
capability instead of using a password
* Query for and store the password. This involves generating an MD5
of the password and storing that MD5 in the database so that when the
user enters in the password you can detect whether it's correct.
Otherwise it's hard to tell if you're properly decrypting things,
although maybe there's a better way. That's how passwordsafe did it.
* Changing the password is tricky with the method used here; if you
wanted to change the AES password, you'd have to go through and re-
encrypt everything, so some kind of indirection would be necessary,
possibly with a private key, gnupg style? Not sure what the best way
to do that is.
* Really I should look at how Gnome already does stuff like this so
as to not reinvent the wheel :)
= A more complex system =
* Store public & private keys, and provide the kinds of functionality
that Jose suggested. I like that idea, but maybe it would be good to
get a simple version like above working first :)
* Perhaps we could provide a crypto ContentProvider so it would be
really easy to use?
I dropped the code up onto the web as a darcs repository, or you can
just scp it to play with it. The darcs repo maintains the original
code so you can see everything as diffs if you want:
darcs get
http://www.syntaxpolice.org/tmp/CryptoNotePad
peace,
isaac
p.s. It's a shame to see that the biowallet folks aren't able to
release their product because they don't have access to a G1 phone!