From: Mathieu Pellerin
Date: Sun, 5 Oct 2025 16:19:01 +0700
Subject: Re: Client/server certificates verification support on Android platform
To: daniel@yesql.se
Cc: pgsql-general@lists.postgresql.org

Thanks for the response Daniel.

AFAIK, Android has a KeyCert API, however this doesn't let you extract private keys as such and only lets you perform certain cryptographic operations on them. Guessing a bit here, this likely means that we would need to provide an OpenSSL engine (via libpq?) that implements certain OpenSSL callbacks and connects them through JNI to the Android KeyCert API. This is a rather complex integration to begin with, and one I wouldn't blame libpq for not being interested in.

I also can't see the method suggested above being super friendly to services defined via pg_service.conf across multiple OSes; the filesystem access for that is quite useful.

While presumed-safe locations are not bulletproof, they do have their uses on Windows, and would definitively ease things when using libpq on Android. When it comes to the actual use case described in this thread, I'd rather rely on a clearly established and documented presumed-safe location logic than doing the workaround I linked above. Both ultimately get us a workable connection.

On Fri, Sep 19, 2025 at 5:44 PM Daniel Gustafsson wrote:

> > On 19 Sep 2025, at 12:18, Mathieu Pellerin wrote:
> >
> > Would it make sense for other operating systems beyond Windows to also
> > have relaxed permissions within specific application-specific folders? On
> > Android, the application's data directory would certainly match a similar
> > set of secure assumptions as the OS restricts its access.
>
> FWIW, I am not a fan of the presumed-safe approach to filesystem locations, and
> even less so of relaxed permissions via configuration.
>
> One thing which has been discussed is to add support for vaults, like macOS
> keychain etc, as an alternative to filesystem access. Are there any such
> capabilities on Android which could be relied upon?
>
> --
> Daniel Gustafsson

--
Mathieu Pellerin
Mr. Ordinato
QField Product Owner | UX/UI Expert
Team QField
mathieu@opengis.ch
https://opengis.ch