Akavache
Akavache copied to clipboard
reactiveui
Provide a full implementation for the IEncryptionProvider that works for all platforms
Note: for support questions, please ask on StackOverflow: https://stackoverflow.com/questions/tagged/Akavache . This repository's issues are reserved for feature requests and bug reports.
Do you want to request a feature or report a bug?
Currently the IEncryptedProvider is only implemented on Windows Apps and not on any of the other platforms. All of the other platforms just pass the data through without encrypting it and leave it up to the user to provide an implementation. Now with a much larger API landscape there should be a useful way to implement this into the library.
What is the current behavior? Data is only encrypted on windows everywhere else it's just passed through
What is the expected behavior? To provide an encryption implementation for all platforms
What is the motivation / use case for changing the behavior?
A handful of issues have popped up as of late with people having issues implementation Secure Blob Cache. Also the lack of encryption right now isn't very apparent unless you dive into the code and see it's not actually encrypting anything..
Other information (e.g. stacktraces, related issues, suggestions how to fix) http://kent-boogaart.com/blog/password-protected-encryption-provider-for-akavache
I'm not really an expert on encryption or best practices so I'm all ears on this one on the best way to provide this implementation.
Best way to roll this out? For people who have been using Secure Cache we don't want that data to all of a sudden just stop working with a release so does this need to be opt in or configurable? For example just leave the shim in place and provide a secure implementation they can opt in for
Is implementing this inside Akavache out of scope? Encryption is an ever changing landscape so not sure if this will cause the library to take on too much responsibility staying current on encryption while staying compatible through upgrades. For example on the ASP.net core side of things just updating the version on your DataProtection libraries causes all of your encryption keys to invalidate. Not that that's completely relevant but more just a story of how encryption is a fickle friend.
I tested Kent's code from his blog and it indeed compiles for netstandard2.0 but it doesn't compile for netstandard1.6 so if we wanted to use that we'd have to just up everything to netstandard2.0 or provide both?
