What's the mechanism behind crypto-file ? And what's the difference between crypt-file and crypto-file ? #22
Assignees
Labels
enhancement
New feature or request
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello, I have a question for cordova-plugin-crypto-file,
So I know the repository is generating random password at compilation (cordova prepare/ run/build) and using that to encrypt file, I have the following questions:
I was wondering what's the algorithm for generating random password?
What encryption algorithm and how strong is it (AES256?)
Can it be a next feature to allow users manually configure these settings like changing the encryption type and level of encryption?
And finally I was wondering how do you store the password? Because every time you open the app, the first thing the app do is to decrypt the files , so I guess the password is stored inside the APK/APP.
Given the hypothesis that the password for decryption is stored inside APK/APP, how is this password being protected/shielded from attacker?
Because if the effort for attacker to decrypt the password is less than the effort for attacker to force decrypt the actual file, the encryption of the file doesn't make much sense then (it will just be a decoration then).
Thank you very much for answering the question.
The text was updated successfully, but these errors were encountered: