Android Password Manager
This is an adaptation of PasswordSafe by Steven Osborn (released under the Apache License) which is basic password manager for the Android platform. The source code have been adapted to use db4o instead of SQLite which makes the handling of persistence much more intuitive while still being fast.
Details
The application basically stores login information for websites such as url, username and password in a secure way using 128 Bit AES Encryption. The user must provide the correct password in order to access the application and this password is then used to encrypt/decrypt the data.
This is a sample video of the db4o powered application running on the Android Emulator:
http://www.youtube.com/watch?v=UFSD44AcBwM
If you check the source code (see the end of this page) you'll see that the the DBHelper class (SQLite persistence) has been replaced by the Db4oHelper class (db4o persistence). Let me now show you some of the differences between handling persistence with db4o and SQLite.
SQL Initialization overhead
This is the SQL code that you need to initialize the password manager for SQLite (table names, table creation commands, etc):
And this is the equivalent db4o code:
As you might notice, you don't have to preinitialize your schema with db4o! (with db4o your object model is your schema and refactoring is handled gracefully or even automatically for simple cases)
Database opening and creation mechanism
With SQLite you need two different method calls, one for the creation of the database and another one for opening it:
while with db4o you just call openFile() and it will create or open depending on whether the DB exists:
Might not sound like a big deal but less code is cleaner code!
Updating and inserting data
As with any relational database with SQLite you need to pass insert or update commands according to the situation (not to mention that you must also construct the SQL string reflecting all fields with no errors for the commands to work properly):
And this is the equivalent db4o code:
Do you see any difference? db4o is indeed a one-line-of-code storage database. db4o detects automatically whether the object is new or preexisting and updates or inserts accordingly (we just call this a store operation). Note that here we provide the next id for the object manually but db4o can also be configured to autoincrement a field.
Fetching all entries
Note the manual object relational mapping that we have to do with SQLite:
and forget about it with db4o:
Note that in this simple query we're asking for all PassEntry objects and sorting the result by the field "id" (while there's no sorting in the SQLite example). In this case the query is performed via SODA.
It couldn't be simpler!!!
Fetching an entry by a field
Here the code for fetching entries by Id when using the SQLite version:
and here's the db4o version using one of the three query systems of db4o (in this case we use Query by Example aka QBE instead of SODA):
Much shorter an cleaner!
Conclusion
I hope you've realized about the benefits of db4o with this short demonstration (and this is just the basic stuff that you can do with db4o). Do you want to take persistence to the next level in your app too? Download db4o for Java or .NET now. It's FREE!!!
Other resources:
TODO
- Replace the custom encryption algorithm with XTEA (which will provide database level and io encryption instead of field encryption)
- Provide search capabilities (in order to filter the entries by name)
Steve's Password Safe project is under active development on Google Code (more TODOs here):
http://code.google.com/p/android-passwordsafe/issues/
Bugs
- There's an error when trying to edit a url in the website field of the password entry editor
Downloads
Original "Password Safe" by Steve Osborn (without db4o) can be downloaded here