Passing encryption key via a callback #1636
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ry region that can be reset later to enhance security
nhachicha
commented
Jan 18, 2024
packages/library-base/src/commonMain/kotlin/io/realm/kotlin/internal/RealmImpl.kt
Outdated
Show resolved
Hide resolved
- Adding jni lib for Android test
cmelchior
reviewed
Jan 19, 2024
packages/library-base/src/commonMain/kotlin/io/realm/kotlin/Configuration.kt
Outdated
Show resolved
Hide resolved
| @@ -354,6 +378,52 @@ public interface Configuration { | |||
| public fun encryptionKey(encryptionKey: ByteArray): S = | |||
| apply { this.encryptionKey = validateEncryptionKey(encryptionKey) } as S | |||
|
|
|||
| /** | |||
| * Similar to [encryptionKey] but instead this will read the encryption key from native memory. | |||
| // These touches the notifier and writer lazy initialised Realms to open them with the provided configuration. | ||
| awaitAll( | ||
| async(notificationScheduler.dispatcher) { | ||
| notifier.realm.version().version |
There was a problem hiding this comment.
Nitpick, would it make sense to have a helper method like openRealm() or something, just to make it more readable.
There was a problem hiding this comment.
I'll add a TODO. There might be other feedbacks we can incorporate after the POC
packages/test-base/src/androidMain/kotlin/io/realm/kotlin/test/platform/PlatformUtils.kt
Show resolved
Hide resolved
packages/test-base/src/commonTest/kotlin/io/realm/kotlin/test/common/EncryptionTests.kt
Show resolved
Hide resolved
| @ExperimentalEncryptionCallbackApi | ||
| public interface EncryptionKeyCallback { | ||
| /** | ||
| * Provides the native memory address of the 64 byte array containing the key used to encrypt and decrypt the Realm file. |
There was a problem hiding this comment.
I would also document that this can be called multiple times and that release is only called once, so they do not accidentially create a new Pointer for every call to this, but only release it once.
This was also why I thought it might make a better API if this was an symmetric API, i.e. called 3 times, and released 3 times, but I do agree that the current behavior is easier to implement for the sake of an POC.
…nfiguration.kt Co-authored-by: Christian Melchior <[email protected]>
Co-authored-by: Christian Melchior <[email protected]>
Co-authored-by: Christian Melchior <[email protected]>
cmelchior
approved these changes
Jan 22, 2024
packages/library-base/src/commonMain/kotlin/io/realm/kotlin/Configuration.kt
Outdated
Show resolved
Hide resolved
…nfiguration.kt Co-authored-by: Christian Melchior <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds the ability to pass in the AES encryption key from a native memory region. After opening the Realm the caller can reset this native memory region to reduce the window where the key is available clear in memory.
openEncryptedRealmWithEncryptionKeyCallbacktest)Closes #1705