Better all round encryption implementation
Encrypt all fields using a standard program password, to make it harder to read out the database and to obscure icons.
Blueprint information
- Status: Complete
- Approver: Prunus dulcis
- Priority: Medium
- Drafter: Prunus dulcis
- Direction: Approved
- Assignee: Prunus dulcis
- Definition: Approved
- Series goal: Accepted for 10.12
- Implementation: Implemented
- Milestone target: 10.12
- Started by: Prunus dulcis
- Completed by: Prunus dulcis
Whiteboard
Base level of encryption [universal]
- Use a standard universal password for encrypting all fields. [Advantage: all fields, including user, isPrivate and UUID, can be encrypted, so that reading out the database is at least a bit harder to do and icons are not displayable by file explorers. This is only a first, basic layer of security: since the password is universal and visible in the source code, a programmer can easily disable this layer.]
Second level of encryption [per user]
- If a user marks an entry as private, its fields are decrypted using the universal password, then re-encrypted using the user password [encrypted by the session password the user uses for logging in] and stored as such. [This is the second security layer. It provides a much higher level of security, since each user has a different encryption password.]
Note: some fields are still not encrypted. They would all need to be converted to String and back for encryption. Most Integer fields now work like this and are encrypted, and strings are now encrypted in all cases. Still missing are Long values, some HashMaps, ArrayLists (though the alTags ArrayLists are now encrypted, too) and UUIDs.
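The two layers and the String round-trip for non-String fields, sketched as an added example that is not the project's own code. The class name `FieldCrypto`, the choice of PBKDF2 with AES-GCM, the stored layout and both passwords are assumptions made for illustration; the blueprint does not name a cipher.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.*;

public class FieldCrypto {
    // Constructed stand-in for the universal password embedded in the source code.
    static final char[] UNIVERSAL = "constructed-universal-password".toCharArray();
    // Key derivation and cipher are assumptions: PBKDF2-HMAC-SHA256 and AES-256-GCM.
    static SecretKeySpec key(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, 100_000, 256);
        SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
        return new SecretKeySpec(f.generateSecret(spec).getEncoded(), "AES");
    }

    // Stored form (assumption): Base64(salt[16] || iv[12] || ciphertext+tag).
    static String encrypt(String plain, char[] password) throws Exception {
        byte[] head = new byte[28];                       // fresh salt and IV per field
        new SecureRandom().nextBytes(head);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key(password, Arrays.copyOf(head, 16)),
               new GCMParameterSpec(128, head, 16, 12));
        byte[] ct = c.doFinal(plain.getBytes(StandardCharsets.UTF_8));
        byte[] out = Arrays.copyOf(head, 28 + ct.length);
        System.arraycopy(ct, 0, out, 28, ct.length);
        return Base64.getEncoder().encodeToString(out);
    }

    static String decrypt(String stored, char[] password) throws Exception {
        byte[] in = Base64.getDecoder().decode(stored);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key(password, Arrays.copyOf(in, 16)),
               new GCMParameterSpec(128, in, 16, 12));
        return new String(c.doFinal(in, 28, in.length - 28), StandardCharsets.UTF_8);
    }

    // Marking an entry private: remove the universal layer, re-encrypt under the user password.
    static String makePrivate(String stored, char[] userPassword) throws Exception {
        return encrypt(decrypt(stored, UNIVERSAL), userPassword);
    }

    public static void main(String[] args) throws Exception {
        char[] user = "constructed-user-password".toCharArray();
        String id = encrypt(UUID.randomUUID().toString(), UNIVERSAL);   // UUID via String
        String ts = makePrivate(encrypt(Long.toString(1700000000000L), UNIVERSAL), user);
        System.out.println(UUID.fromString(decrypt(id, UNIVERSAL)));
        System.out.println(Long.parseLong(decrypt(ts, user)));          // Long via String
    }
}
```

Decrypting the private value with the universal password fails the GCM tag check with an `AEADBadTagException`, which is the separation the second layer is meant to provide. Deriving the key once per session instead of once per field avoids repeating the PBKDF2 cost on every access.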