Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Redesign defaultKeyEncrypter to use modern encryption. #19

Open
3 tasks
nanov opened this issue Nov 6, 2019 · 0 comments
Open
3 tasks

Redesign defaultKeyEncrypter to use modern encryption. #19

nanov opened this issue Nov 6, 2019 · 0 comments
Labels
enhancement New feature or request

Comments

@nanov
Copy link
Contributor

nanov commented Nov 6, 2019

Currently the defaultKeyEncrypter which is used to encrypt persisted keys is using deprecated createCipher method.

This results in weaker encryption. Migrating the encryption into some modern one would involve changing the keys files format, so a convertor should be written in order to migrate old ones to new ones, as well as some kind of metadata in the new format in order to assure correct keys file version.

TODO:

  • Discuss and decide the new keys format (maybe a binary one with metadata as first few bits)
  • Implement encryption and decryption with the newly decided format, plus version and corruption checking.
  • Write a tool to upgrade v1 ( current ) files to v2.
@nanov nanov added the enhancement New feature or request label Nov 6, 2019
@nanov nanov changed the title Redesign defaultKeyEncypter to use modern encryption. Redesign defaultKeyEncrypter to use modern encryption. Nov 7, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@nanov