12-03-2012 04:09 PM - edited 12-03-2012 04:09 PM
I'm looking for a secure way to store credentials, but there doesn't seem to be any.
It seems Cascades doesn't support QtKeyChain and Webworks has no API to access a keychain either.
Native devs have at least access to the encryption API, so that's better than nothing, but we don't.
Is there an official solution coming our way?
12-04-2012 04:14 PM
No official statement???
In quite a few of the WebWorks samples requiring API keys, there is a paragraph about security and a recommendation:
"One way to securely pass your API Keys to your application is to host them on a server, then use SSL and do a POST to obtain your keys"
Will BB10 ever have a keystore which will only be accessible by apps and thus protect an app's keys or do we have to rely on security through obscurity (weak) or run every request through a server (costly)?
12-06-2012 09:42 AM
Interesting knowledgebase article about how to use the Security Builder Crypto-C APIs in Cascades.
Could we have the same for Webworks, please?
It would be a start.