-
-
Notifications
You must be signed in to change notification settings - Fork 5.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improving management of E2EE master keys #956
Comments
I would love to see the ability to "cleanup" master keys as well. I have a few leftover from having to enable and disable encryption, and it would be nice to clear up the unused ones. |
I would also very much prefer a cleanup option in order to remove older keys. |
Any progress on being able to remove old keys, or at least disable the orange prompt for a password for them? |
Deletion of old keys would be great. |
Export master keys. Since everything is encrypted with master key, and master key is not fully derived from password, it would be impossible to access encrypted data if the master key is corrupted or deleted. For data safety, there should be a method to backup master key. (maybe export master key in encrypted format) #389 (comment) has mentioned exporting master, but it seems this feature is not implemented yet? |
+1. An "Edit" button needed. |
I would like to work on it. |
@kowalskidev @laurent22 I would very much like to contribute to implementing this as well, and have access to XCode on a Mac (as well as Linux boxes) if that would be helpful in any way. |
We can start by building the code and write some tests. |
@scrumit clear game plan. What I (and most likely @kowalskidev) could use to jumpstart the plan are some links to lines of code where the handling for E2EE keys currently occurs. Any pointers? |
Initially, I'm ignoring the test folders. From a cursory look, Master key handling is dealt with in only two files:
I did a search for MasterKey and found it is handled in only three places in EncryptionService.js; where it is saved (line 60), loaded (97) or checked for validity(226). When I say found in only three places it means that I need to look more carefully because the MasterKey is assigned to something else, like masterKey or newMasterKey and so becomes hidden from a simple search. These probably need further investigation
in EncryptionService.js: and
in encryption-config-shared.js |
Even if I have old keys that does not have a password, please allow me to dismiss the Android persistent warning banner of "input password". This is so intrusive... |
https://discourse.joplinapp.org/t/understanding-the-encryption-feature/18758 Can we at least update the documentation to give user enough warning on the downside? |
Add a "status" field that can be:
Also allow manually creating master key without having to disable/enable encryption.
The text was updated successfully, but these errors were encountered: