I am thinking along the same lines. A wrapper around the CBLDocument (if I don't hack CBLModel)
New class OTSModel (a subclass of NSObject): 1a) Either keeps the original CBLDocument or or 1b) holds the original CBLDocument's documentID. 2) Decrypts the original document's properties dictionary into its own properties dictionary 3) Implement valueForUndefinedKey: and setValue:forUndefinedKey: to get at the properties in the dictionary. Or write the accessors. 4) Accessors get and set the values in the decrypted properties 5) Intercept save: with the model and encrypt the properties dictionary. 6a) Still in save:, putProperties:error: into the original document (if you have it as in 1a) or 6b) Still in save: get the original document (if all you have is the docID as in 1b) and putProperties:error: into it I'm intrigued about hooking into the CBLModel though and will investigate what it will take to put the encryption/decryption into the CBLModel hooks. On Thursday, February 13, 2014 10:35:25 AM UTC-8, Mark W. wrote: > > Hey Alan, > > I played with this idea a few weeks ago for a future project. One > suggestion is using the CBLModel and have the encrypted item as property > that is your saved using the @dynamic keyword and a decrypted version > that's not stored. When the model is loaded, decrypt the encrypted prop and > drop it the decryptedDictionaryProperty. Then, either intercept the save > function or encrypt and store on change of the decryptedDictionaryProperty. > > The tricky bit is if you need something decrypted for your view. You could > decrypt during the map phase, but the view indexes are stored and I didn't > see a way to create an in-memory index (and I stopped working on it at this > point as I didn't need it). > > If that's not clear, I'll try to write up some code for you. > > Good luck. > > On Feb 13, 2014, at 9:59 AM, Alan McKean <[email protected] <javascript:>> > wrote: > > > On another note, I would like an opinion on the decryption/encryption > that I am using. I have a subclass of CBLMode called OTSCBLModel. It > overrides modelForDocument:encrypted: like this: > > > > + (CBLModel *) modelForDocument:(CBLDocument *)document > encrypted:(BOOL)encrypted { > > if(encrypted) { > > NSString *encryptionKey = [OTSKeychainHelper > keychainStringFromMatchingIdentifier:PROVIDER_ENCRYPTION_KEY]; > > NSDictionary *dictionary = [OTSCrypter decrypt:document.properties > encryptionKey:encryptionKey]; > > NSError *error; > > [document putProperties:dictionary error:&error]; > > } > > return [self modelForDocument:document]; > > } > > > > Unfortunately, due to the putProperties:error: call, I now have an > unencrypted document in the db. What I want is to leave the original in the > db encrypted and the in-memory properties unencrypted. I would like > anything on disk to be encrypted but unencrypted for use in the app when I > load them. Also, when I push, the server needs to get encrypted versions. > Is there a way to 'putProperties' in the document that does not update the > document on disk? Then, when I save the model, I would need to encrypt the > in-memory document and save it back to disk for the push, I assume with > putProperties:error:. > > > > On Wednesday, February 12, 2014 4:58:02 PM UTC-8, Jens Alfke wrote: > > > > On Feb 12, 2014, at 4:49 PM, Alan McKean <[email protected]> wrote: > > > > > I assume it is not persistent since I am not setting it so, > > > > Correct. > > > > > but I get a 409 conflict at the end of the pull on successive launches > so it makes me think that I am creating another replication on top of the > previous one. > > > > Hm, weird. You can enable the 'Sync' logging keyword [see the wiki for > info on logging] and then look through the logs to see if multiple > CBLPuller instances are running. Look for messages like > > CBLPuller[http:/...] STARTING > > and > > CBLPuller[http:/...] Checkpointing sequence=… > > > > —Jens > > > > > > -- > > You received this message because you are subscribed to the Google > Groups "Couchbase Mobile" group. > > To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected] <javascript:>. > > To view this discussion on the web visit > https://groups.google.com/d/msgid/mobile-couchbase/eeefb1a1-42bc-44b0-a3d6-4df00c89aee8%40googlegroups.com. > > > > For more options, visit https://groups.google.com/groups/opt_out. > > -- You received this message because you are subscribed to the Google Groups "Couchbase Mobile" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/mobile-couchbase/749e71ed-1f9c-417f-b7c1-661911cc1ee6%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
