Corrupted EncryptedLocalStore in Adobe AIR

Adobe AIR has a feature called EncryptedLocalStore, which is where apps can store potentially sensitive data that needs to be secure or safeguarded from other applications. Examples of things you might want to store there are user passwords, SSL connection data, or even something slightly more mundane such as e-mail addresses.

According to the Adobe AIR 1.5 JavaScript Language Reference, accessing an EncryptedLocalStore should only throw an error if you don't pass it an item name to look for:

    var els      = air.EncryptedLocalStore;   // for convenience
    var password = els.getItem('MyPassword'); // returns string (or null)
    var blank    = els.getItem();             // error

However, sometimes you may find that calls to EncryptedStore.getItem or EncryptedLocalStore.setItem are failing, and catching the error doesn't produce any useful information. In this case, the application's EncryptedLocalStore may have become corrupted. After installation, if you change the contents of any installed files, that application's signature will have changed, and it will no longer be able to access its EncryptedLocalStore.

This is actually a pretty handy security feature, especially since HTML AIR apps have their source code available in plain text after installation. This safeguards against users or other programs changing your code to get sensitive data from your EncryptedLocalStore.

I just wanted to mention this problem because it is not (yet) a thoroughly documented error situation. Reinstalling the application will fix the problem.

Tags




blog comments powered by Disqus
search blog
random posts
  • HTML-CSS-Parts-Animal-Guide
  • Performance-JavaScript-Faster-Application-Interfaces
categories & tags
about hb stone

I'm a Front-End Engineer at Yahoo! working on the Mail and Messenger teams. I blog about web design and development topics including accessibility, usability, performance, and developing HTML / CSS / JavaScript applications on Appcelerator Titanium and Adobe AIR.

If you're a web developer, you might enjoy Jelo, my JavaScript library.

@hbstone follows:
@hbstone tweets:
  • Learning-MySQL-JavaScript-Step-Step
  • Project-Guide-Design-Experience-Designers
copyright

All original work on this site is covered by a Creative Commons Attribution 3.0 license unless otherwise specified.

You may share or use any code or images from this site in any manner, for free, so long as reasonable effort has been made to give credit where due.

The views expressed in the posts and comments on this blog do not necessarily reflect the views of Yahoo!