On Tue, 3 Sep 2019 12:11:32 +0530, Vadiraj Villivalam wrote: > Hi, > > Our client software uses sqlite for persistence and db is currently > encrypted by passing a app generated key to SEE. > With the open os like android providing keystore and key generation > mechanism, we want to switch to this secure key generation mechanism and > avoid generating key ourselves. As the key store does not allow the key > itself to be exported out, I would like to know if sqlite has a mechanism > to leverage the key store way of en/decrypting it (could be with a callback > implemented by app that interfaces with Android keystore)? Any insight will > help. Thanks.
This article may be of help. It also talks about limitations, e.g. "The Keystore itself is encrypted using the user’s own lockscreen pin/password, hence, when the device screen is locked the Keystore is unavailable. Keep this in mind if you have a background service that could need to access your application secrets." <https://www.androidauthority.com/use-android-keystore-store-passwords-sensitive-information-623779/> It is the first hit in a search on "android keystore api tutorial". Hope this helps. -- Regards, Kees Nuyt _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
