I have a content provider that implements openFile() to return large data BLOBs. these are encrypted files on the SD card. I (obviously) need to decrypt the data on the way out of the content provider so it's usable to the consumer.
The problem is that openFile() returns a ParcelFileDescriptor, which gives me no opportunity to decrypt the data on the way out. Is there any solution to this?
This of course begs the question ... if I'm opening the data up through a content provider, what's the point of encrypting it? I suppose my answer would be that having the data sitting on the SD card unencrypted is slightly worse than exposing it through a content provider.
No obvious way to solve this. I ended up creating a temporary file that gets deleted after some period of time.
My first attempt was to use the Unix trick of deleting the file after it is opened, causing the file to be removed immediately after it closed by the reader. It turns out that many apps will read and re-read the data from the content provider for a single logical open. For example, the gallery app seems to first read data in at low resolution so it can display it quickly, then read it again to display at full resolution.