On Android operating systems, all Hybrid Web Container files, and any additional data entered by the user or retrieved from the server, are encrypted before being stored in a SQLite database on the device.
The crypto libraries provided by Google/Android are used.
Specifically, the encryption algorithm is AES-256 symmetric encryption.
Hybrid Web Container Files
Hybrid Web Container files include all the files contained in the
<workflow_package_name>.zip that is deployed to the
device, including all HTML, JavaScript, CSS, and any other files that may be
included as part of the zip package.
- When the platform’s browser control requests these Web
files, they are read from the device’s SQLite database, stored unencrypted
on the file system temporarily, and then passed to the browser control
through a Content Provider.
- These temporary files are removed from the Content Provider
immediately after the last of them is requested by the browser control. The
Content Provider URL is further obfuscated with a randomly generated number
that must be present on the URL when the files are requested.
Attachments
If attachments, such as *.docx, *.pdf, and so on, are part of the
<workflow_package_name>.zip deployed to the device,
they are stored in the encrypted SQLite database after they have been encrypted
through the Google/Android crypto libraries.
Attachments that are downloaded through an online request using an
object query are stored unencrypted in the device's flash memory so that the file
viewers can display them. Once the mobile workflow closes, these temporary attachment
files are immediately removed.
Images
Images captured with ImageOptions.CAMERA or ImageOptions.BOTH are saved
unencrypted on the file system, in the Gallery application.
Note: The Android operating system enforces the sandboxing of these
image files.
Cached Online Requests
The results of online requests that are specified to be cached are
stored on the device’s SQLite database (after they are encrypted through the
Google/Android crypto libraries). Cached results are removed when the Hybrid Web
Container is unassigned from the device, or uninstalled from the server.
Notifications From the Server
Notifications from the server are stored in the same SQLite database
after they have been encrypted through the Google/Android crypto libraries,
including the payload that makes up the notification. When the notification is acted
upon, the JavaScript makes a request for the notification contents. These are read
from the SQLite database, decrypted, and passed to the browser in memory.
User Input Sent to the Server
When the device has no network connectivity, and the user submits a
Workflow for the server to process, the data destined for the server is queued up on
the device. The contents of this queue are likewise encrypted through the
Google/Android crypto libraries before they are stored in the SQLite database.
Encryption Keys
- How the encryption key is generated:
  - A generated GUID is used as the key for encrypting the data (the "data password").
  - A user-provided password (PIN) is used to secure/encrypt the "data password," which is persisted in its encrypted form. In order to have access to the "data password", one must know the user password.
  - The salt is a different persisted, generated GUID.
  - Encryption of data is done with the "data password."
- Where is the encryption key stored?
  - The "data password" is persisted in its encrypted form in a separate table in the SQLite database.