Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support vault format 8 #258

Closed
SailReal opened this issue Jan 28, 2021 · 0 comments
Closed

Support vault format 8 #258

SailReal opened this issue Jan 28, 2021 · 0 comments
Labels
type:feature-request New feature or request
Milestone
1.6.0

Comments

@SailReal
Copy link
Member

SailReal commented Jan 28, 2021
edited

Summary

Starting with Cryptomator 1.6.0 the user should be able to open and create vaults in the new vault format 8.

Additional Context

Add Vault

Listing of the folder, if vault.cryptomator and masterkey.cryptomator found, hide masterkey.cryptomator.

Unlock Vault

  1. No listing, directly read vault.cryptomator, if not found, read masterkey.cryptomator
  2. If vault.cryptomator exists, check scheme
  3. If masterkeyfile scheme, load masterkey.cryptomator and verify the JWT using the masterkey.
  4. Read vault version and further parameters like maxFilenameLen to initialize and configure the correct CryptoDecorator.

While starting the unlock, display a generic progress dialog. As soon as the vault.cryptomator is found and the masterkeyfile scheme is recognized, switch to the EnterPasswordDialog. The same applies when no vault.cryptomator file found but a masterkey.cryptomator for legacy vaults.

Format

vault.cryptomator : which is a JWT, e.g.
eyJraWQiOiJtYXN0ZXJrZXlmaWxlOm1hc3RlcmtleS5jcnlwdG9tYXRvciIsInR5cCI6IkpXVCIsImFsZyI6IkhTMjU2In0.eyJtYXhGaWxlbmFtZUxlbiI6MjIwLCJmb3JtYXQiOjgsImp0aSI6IjhmNzhkNTIwLTNiYzMtNDQ3NS04ZDlmLTM0OWRlZjg3Yzk4OCIsImNpcGhlckNvbWJvIjoiU0lWX0NUUk1BQyJ9.BRAq_FN-ahAh6iy8jY32r0ZRfPlIDy-UzOoRL6xHPUk

HEADER
{
  "kid": "masterkeyfile:masterkey.cryptomator",
  "typ": "JWT",
  "alg": "HS256"
}

PAYLOAD
{
  "maxFilenameLen": 220,
  "format": 8,
  "jti": "8f78d520-3bc3-4475-8d9f-349def87c988",
  "cipherCombo": "SIV_CTRMAC"
}

masterkey.cryptomator

{
  "version": 999,
  "scryptSalt": "34HorXsZLss=",
  "scryptCostParam": 32768,
  "scryptBlockSize": 8,
  "primaryMasterKey": "KDywJdKFqSVtABXiqtqPkkZ8zH5dhBkNQBhJSnU/JpPr7fCE6GPPEw==",
  "hmacMasterKey": "PqHtidj8g011TMNZXugWXRTqM7P24e+j2zHkpWFuRA7yGDUOLo9iuw==",
  "versionMac": "WPxqVFYsjXcUuXPGCpaovUh0ZGgyxUc8TOns8t7evPA="
}

See cryptomator/cryptofs#95 for more details.
@SailReal SailReal added the type:feature-request New feature or request label Jan 28, 2021
@SailReal SailReal added this to the 1.6.0 milestone Jan 28, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type:feature-request New feature or request
Projects
None yet
Milestone
1.6.0
Development

No branches or pull requests
1 participant
@SailReal