ForestDB: Implement database encryption #826
Comments
Implementation notes:Encryption is hooked into ForestDB's filesystem abstraction layer as a new set of The file is considered as a series of 4096-byte blocks. It is assumed that a read or write call will operate on exactly one entire block — this is always true when ForestDB's file cache is enabled. A block is encrypted using AES-256 (same as SQLCipher); the key is the exact 256-bit key registered for that file. The padding is CBC, which requires that every message (block) use a different initialization vector; the IV is derived from the block number using the Encrypted Salt-Sector Initialization Value (ESSIV) algorithm. (This is the same crypto system used in the Linux kernel as part of the dm-crypt disk encryption feature.) I had to implement a kludge to support database compaction. The automatic compactor creates a temporary file that it writes the live documents to, then replaces the original file with the new one. Unfortunately it isn't possible at the file-I/O layer to tell that the temporary file is associated with the original one; but the new file needs to be encrypted using the same key. The kludge is to detect the naming pattern that ForestDB uses for the temporary file: it appends a suffix consisting of a period and one or more digits. When the I'm discussing a better solution with the ForestDB team; it will require some changes to ForestDB itself, which will hopefully be minor. For now, the kludge is reliable enough. |
We don't support database encryption for ForestDB-based databases because there's no ForestDB equivalent of SQLCipher. We may need to implement one ourselves, i.e. a ForestDB file I/O plugin that encrypts the file.
It looks like libSodium's Salsa20 cipher would be a good choice for this because it supports jumping to an arbitrary place in the ciphertext and deciphering from there.[see implementation notes below]The text was updated successfully, but these errors were encountered: