Mark is talking about downloading and installing on the fly so as long as
baked into the app it would be fine. Widgets do use foreign code if native.
As long as the private key isn’t compromised, then you can keep using the
same pair. One advantage to changing though would be to ensure that the
co
Do Android widgets use foreign handlers? If only some of them would be
excluded, it would be helpful to know which those are. A symbol or note
in the inclusions list would be nice. Or am I conflating widgets with
other extensions?
I'm using the Android toast library. Would that count? It doesn
Thanks very much for this, Brian. It's not only helpful, it's easier
than I was trying to make it.
Am I correct that I can continue to use the same .pem files for each
update, as long as I recreate the signatures? Is there any disadvantage
to that? It doesn't matter too much since your generat
On 2018-05-23 05:14, Brian Milby wrote:
@Mark
Would the loading of LCB extensions be a good thing to add to the
securityPermissions (or does external already cover it)?
The securityPermissions is definitely the right place to do this.
Standalones are built with a small startup script which is
@Mark
Would the loading of LCB extensions be a good thing to add to the
securityPermissions (or does external already cover it)?
On Tue, May 22, 2018 at 7:12 PM Brian Milby wrote:
> Well, it isn't a full library, but I did put together a demo of how it can
> work:
>
> https://github.com/bwmilby/
Well, it isn't a full library, but I did put together a demo of how it can
work:
https://github.com/bwmilby/lc-misc/tree/master/SignVerify
https://github.com/bwmilby/lc-misc/raw/master/SignVerify/SignVerify.livecode
I've only tested on Mac, but it should work everywhere if you already have
the ke
Can’t make any changes to the stack once you generate the hash or it will
not match.
On Tue, May 22, 2018 at 2:41 PM J. Landman Gay via use-livecode <
use-livecode@lists.runrev.com> wrote:
> Would it be okay to store the encrypted hash in a custom property of the
> remote stack?
>
> I'll need to e
Would it be okay to store the encrypted hash in a custom property of the
remote stack?
I'll need to experiment to see if I can do what you've outlined, unless
you write a library before I figure it out... ;)
On 5/22/18 12:03 AM, Brian Milby via use-livecode wrote:
The dictionary entries tha
The dictionary entries that you want are "encrypt using rsa", "decrypt
using rsa", and "messageDigest'.
High level process...
- Generate a public/private key pair
- Package the file that you want to ensure is not tampered with
- Generate a hash of the file (messageDigest)
- Encrypt the hash with y
@Mark, thanks so much for your post, it helps. When you get a chance it
would be great to get more detail about how to set up the RSA keys. I'm
sure I won't be the only person here who needs this, so you'll be
helping everyone.
I think I can find out how to generate the keys, but I'm not quite
On 2018-05-21 17:51, J. Landman Gay via use-livecode wrote:
My client sells supplies to hospitals and the mobile app is part of a
tracking system. We have been distributing the app from a web site but
some users don't trust that and others don't understand why they need
to enable "unknown sources
That's great! Thanks for posting that Colin, I'm going to take the chance.
I didn't know things had proceeded that far.
Do you have any more details about the decision so we can avoid potential
conflicts? How is the determination about noncompliance made?
--
Jacqueline Landman Gay | jac...@h
At the time Mark thought there might be some LCB tweaks LiveCode might make to
keep Google happy, but after the Google guys looked at a number of LiveCode
apps, they concluded that they don’t seem to violate the new policy. Well, it
was new 11 months ago when this came up last time!
Would you need to go full “splash stack”? Could you have a “supplemental
data” stack that is checked for/updated on launch and has data inside it to
update any objects that need to be adjusted?
On Mon, May 21, 2018 at 10:52 AM J. Landman Gay via use-livecode <
use-livecode@lists.runrev.com> wrote:
My client sells supplies to hospitals and the mobile app is part of a
tracking system. We have been distributing the app from a web site but some
users don't trust that and others don't understand why they need to enable
"unknown sources" in prefs. It would be easier to distribute through the
o
Hi Jacque,
If your app is for a specific client/company do you put it on the Play
Store still?
Or is it an app for a company who wants to sell it? -
Lagi
On 20 May 2018 at 21:06, J. Landman Gay via use-livecode <
use-livecode@lists.runrev.com> wrote:
> Has anyone released an Android app on Goog
Has anyone released an Android app on Google Play that uses the
splash-stack method to download the real working stack from a server?
Was it rejected? My current project needs to provide instant updates in
case there is a serious bug, and having an accessible stack on the
server accomodates tha
17 matches
Mail list logo
