I have an application (Amnesia) which lets you create memos/stickers/alarms/Phone Book, and uses db4o (embedded) to store the objects in a .db file.
What I am thinking of doing, is adding an encryption/decryption to protect the data. Let me describe you the process(of what I want to do):
When the app is installed and run for the first time, it will ask for a passphrase. Then it will use that passphrase to encrypt/decrypt the demo data that is created at the first initialization of the database, as well for any entry that is made later on (yes the first time it is run there is no database. It gets created and populated with demo data).
Every time the user opens the app, it will ask a passphrase from him. The user enters the pass phrase and the app will try to read from the db and decrypts the data. If decryption fails, that means the user entered a “wrong” (different from the first used) passhrase and the app will exit.
What I would like to ask is if this is possible or not? From my search on google, I’ve only found encryption / decryption of objects like strings, and for other objects the only tutorials were with serialize examples. I do not want to export/import the data from a file (like all the serialization examples) every time a save or read is done to the database (due to the fact that calls to the database are done very often and it would be un-productive to do so).
What I want is a simple encryption every time an object is written (saved) and a decryption every time an object/class is queried/retrieved from the .db file (embedded db4o).
Can this be done ?
(my other alternative is to use an external file,like a .ini, to store an encrypted user password, and then just check that password with user input each time the app starts, but that is much less secure)
Don’t try to encrypt the objects. Encrypt the database.
db4o doesn’t include encryption of its own, but you can add it. You need to write a custom Storage implementation that encrypts the data. I think you can do this by writing a subclass of StorageDecorator that wraps a normal FileStorage and adds encryption. You can then use that by setting it on the FileConfiguration.