This repository has been archived by the owner on Jun 11, 2020. It is now read-only.
Data File Encryption #90
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit adds scrypt-jane as a submodule, and incorporates it source into the project. In order to have properly encrypted data files, we need to incorporate some form of key-derivation. Writing one's own is usually dangerous, and sodium doesn't provide that sort of functionality, so adding a second crypto dependency makes sense here.
Salsa20/8 & sha256 are the default mixer/hash for most scrypt implementations. It makes sense to keep this file format in line with the de facto standards, in case any other clients want interoperability.
This commit adds the Core::Profile class, which manages the saving/loading of tox messengers. The files it creates contain an encrypted copy of the given tox messenger, as well as some information about the saved 'profile' (a name, saved date, and scrypt/nacl key parameters).
This commit moves the Profile class out of Core, and simplifies its functions. Having the Profile class encapsulated within Core was visibly becoming a poor decision - it was going to create problems in the longer run with the login dialog. As such, this commit moves it to its own top-level file. Profile has also been simplified to work just with the Tox Messenger save data, and no longer with actual Tox instances & the tox_load/save() functions.
Conflicts: projectfiles/QtCreator/TOX-Qt-GUI.pro
The saveData() & loadData() functions each contained minor bugs introduced when Profile was moved out of Core.
|
I've moved much of the code for tox messenger saving into a separate repo, as @irungentoo suggested. Profile has been kept as a Qt wrapper for the new tox_data functions, which I think will be handy when implementing #65 & #67. |
|
Qt doesn't like exceptions, so we write exception-less code. |
This commit adds a Profile::brokenProfile() function that handles constructor errors without exceptions.
This commit changes Profile behavior to use tox_load/save() itself.
The use of tmpnam() was generating "the use of tmpnam is dangerous" warnings. This commit switches to a Qt-based solution for a random file name.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I've tackled issue #66.
These commits add a class Profile, responsible for saving/loading/encrypting a given Tox Messenger. The file format used is described here (it's loosely based on Toxic's design). I've also created a quick-and-dirty branch that shows Profile in use.