Open hank opened 10 years ago
Are the private keys themselves encrypted at rest? If not, maybe the password/PIN can be used as a key to do so. That way, the password/PIN will always be needed every time a private key is involved.
https://code.google.com/p/android-lockpattern/wiki/Encryption
Would this be an acceptable library to use?
I was hoping to try and help implement this, and was looking at a few existing pin / password prompts, this one caught my eye, (largely because I'm a fan of the pattern locks).
Yeah that would be acceptable if it used encryption packaged in SpongyCastle, which is currently packaged in the app.
Either on app entrance or on send - on send might be easier. Thanks to CryptoDude for the suggestion!