Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move icons out of the vault file to a separate folder #134

Closed
alexbakker opened this issue Jun 7, 2019 · 2 comments
Closed

Move icons out of the vault file to a separate folder #134

alexbakker opened this issue Jun 7, 2019 · 2 comments
Assignees
@alexbakker
Labels
proposal A proposal for a new feature

Comments

@alexbakker
Copy link
Member

Today, we store everything in the vault file, even icons. This decision was made early on in the project to get quick and easy support for icons, but as more people are starting to use Aegis, this technical debt is starting to show issues all over. It's a source of performance issues and crashes. The most recent example of this is #130.

Therefore, I propose to move icons out of the vault file, into a separate folder. This would allow us to load the vault separately from the icons, improving performance and stability, with the cost of some added complexity to the code. All icons would be stored in the icons folder, with random UUID's as filenames. I think we should still encrypt them, so entries in the vault also need a reference to their icon, along with some parameters for decryption. It'd look like this:

"icon": {
	"uuid": "01234567-89ab-cdef-0123-456789abcdef",
	"mime": "image/jpeg",
	"params": {
		"nonce": "0123456789abcdef01234567",
		"tag": "0123456789abcdef0123456789abcdef"
	}
}

As icons are no longer included in the vault, they would also not be included in exports. We'd have to use some kind of container format to export the vault along with all of the icons, like zip or tar. Java seems to have a decent API to create zip files, so we might as well use that, but I'd rather have something that doesn't do compression as we won't benefit much from that anyway.

The only security-related consequence is that someone with access to the vault would be able to determine the (minimum) amount of entries the vault contains. I think that's acceptable.
@alexbakker alexbakker added the proposal-accepted An accepted proposal for a new feature label Jun 7, 2019
@alexbakker alexbakker self-assigned this Jun 7, 2019
@chiraag-nataraj
Copy link

The one thing I worry about with a container format is resilience to corruption. With the current backup methods, the files are plain-text. While that's not too useful with the encrypted backup, it's a lifesaver with the unencrypted backup, since users can always recover something from even a corrupt backup.

What if the icons were merged together with the vault data at export time? It might increase the time for an export, but it would also ensure the current resilience to corruption and data loss.

@alexbakker alexbakker added proposal A proposal for a new feature and removed proposal-accepted An accepted proposal for a new feature labels Oct 16, 2019
@ukanuk ukanuk mentioned this issue May 13, 2020
Closed
@alexbakker alexbakker mentioned this issue Jul 5, 2020
Closed
@alexbakker
Copy link
Member Author

We don't have plans to do this anymore. #509 will be implemented first, and we'll see if this is still necessary afterwards. Closing for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alexbakker alexbakker

Labels
proposal A proposal for a new feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alexbakker @chiraag-nataraj