> On Jun 17, 2017, at 7:02 AM, Yuriy M. Kaminskiy <[email protected]> wrote:
> 
> *) don't appear to be able to keep key in system-provided secure 
> device/enclave;

In their defense, I think this is out-of-scope for a cross-platform db 
encryption library, as there are so many different APIs for this on different 
platforms, and different valid choices even on one platform. So I see this more 
as an application responsibility.

For example, on iOS you could store the key as a normal Keychain item or put it 
under Touch ID control, or make the user enter a passphrase. Storing or 
accessing the key may require user interaction, which means UI code that likely 
needs to be customized to the application. In some environments you might need 
to request the key from a key-server. Etc.

> *) error handling looks problematic in a lot of places (no error
> checks, there are memory/resource leaks on error paths).

If you have notes on those, could you share them? It would be good to get those 
cleaned up. (I don’t work on SQLCipher, but I do work on a library that uses it 
in some configurations.)

—Jens
_______________________________________________
sqlite-users mailing list
[email protected]
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
