Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improving management of E2EE master keys #956

Closed
laurent22 opened this issue Nov 7, 2018 · 13 comments
Closed

Improving management of E2EE master keys #956

laurent22 opened this issue Nov 7, 2018 · 13 comments
Labels
enhancement Feature requests and code enhancements high High priority issues

Comments

@laurent22
Copy link
Owner

Add a "status" field that can be:

  • "Compromised" - in which case it will no longer be used for encryption (but it is kept to allow decrypting any existing items)
  • "Preferred" - in which case it will be used for encryption, instead of using the existing default one.

Also allow manually creating master key without having to disable/enable encryption.

@laurent22 laurent22 added enhancement Feature requests and code enhancements essential labels Nov 7, 2018
@WingofaGriffin
Copy link

I would love to see the ability to "cleanup" master keys as well. I have a few leftover from having to enable and disable encryption, and it would be nice to clear up the unused ones.

@ardevd
Copy link

ardevd commented Apr 11, 2019

I would also very much prefer a cleanup option in order to remove older keys.

@rclilly
Copy link

rclilly commented May 31, 2019

Any progress on being able to remove old keys, or at least disable the orange prompt for a password for them?

@Zer0CoolX
Copy link

Deletion of old keys would be great.

@QuantumGhost
Copy link

QuantumGhost commented Sep 13, 2019

Export master keys.

Since everything is encrypted with master key, and master key is not fully derived from password, it would be impossible to access encrypted data if the master key is corrupted or deleted. For data safety, there should be a method to backup master key. (maybe export master key in encrypted format)

#389 (comment) has mentioned exporting master, but it seems this feature is not implemented yet?

@KYLN24
Copy link

KYLN24 commented Feb 17, 2020

+1. An "Edit" button needed.

@kowalskidev
Copy link
Contributor

I would like to work on it.
@laurent22 it would be great if you can provide a detailed specs for the implementation so I can work accordingly.

@rayrrr
Copy link

rayrrr commented May 6, 2020

@kowalskidev @laurent22 I would very much like to contribute to implementing this as well, and have access to XCode on a Mac (as well as Linux boxes) if that would be helpful in any way.

@scrumit
Copy link

scrumit commented May 21, 2020

I would like to work on it.
@laurent22 it would be great if you can provide a detailed specs for the implementation so I can work accordingly.

We can start by building the code and write some tests.

@rayrrr
Copy link

rayrrr commented May 21, 2020

@scrumit clear game plan. What I (and most likely @kowalskidev) could use to jumpstart the plan are some links to lines of code where the handling for E2EE keys currently occurs. Any pointers?

@scrumit
Copy link

scrumit commented May 25, 2020

Initially, I'm ignoring the test folders.

From a cursory look, Master key handling is dealt with in only two files:

  • MasterKey.js
  • EncryptionService.js

I did a search for MasterKey and found it is handled in only three places in EncryptionService.js; where it is saved (line 60), loaded (97) or checked for validity(226).

When I say found in only three places it means that I need to look more carefully because the MasterKey is assigned to something else, like masterKey or newMasterKey and so becomes hidden from a simple search.

These probably need further investigation

masterKeysThatNeedUpgrading

in EncryptionService.js:

and

shared.upgradeMasterKey

in encryption-config-shared.js

@J4gQBqqR
Copy link

Even if I have old keys that does not have a password, please allow me to dismiss the Android persistent warning banner of "input password". This is so intrusive...

@J4gQBqqR
Copy link

https://discourse.joplinapp.org/t/understanding-the-encryption-feature/18758

Can we at least update the documentation to give user enough warning on the downside?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement Feature requests and code enhancements high High priority issues
Projects
None yet
Development

No branches or pull requests